1

1

“EQUIPPING AUSTRALIA AND ALLIED NATION’S

AGAINST EMERGING

AND EVOLVING THREATS”

A proposal to create and/or link state of the art

national security real time systems

Based on the Police Evidence and Forensics

Information Management System (EFIMS) installed

and operating in New South Wales (NSW) Australia

Prepared by Kevin R Beck

Professional Managers and Associates (PMA) Pty Ltd

PO Box 100 Caulfield Victoria Australia 3162

Email: kevinrbeck@bigpond.com

Mobile cell: +61412451029

About the author: (Google sources)

https://www.google.com.au/webhp?sourceid=chrom

e-instant&ion=1&espv=2&ie=UTF-

8#q=kevin%20beck%20money%20laundering

In concert with

Dan Drum Managing Director of Hardcat Pty Ltd

Park Street

Melbourne Australia

http://www.hardcat.com

2

2

OVERVIEW OF PROPOSAL

The Australian government has a priority to equip the nation for the

challenges we face in the every evolving threats of terror within Australia and

externally. Such objectives can come with high price tags and lead times.

More so when one considers the need for international cooperation and

information sharing between allied nations.

This proposal, and its associated conceptual architecture, is conceived from Hardcat‘s Sabre Law Enforcement Software Suite designed, installed and operating in one of the world’s most advanced policing environments, the Australian state of New South Wales Police epartment. It is known as EFIMS (Evidence and Forensic Management Information System) a customised purpose built system based on Hardcat’s Sabre Law Enforcement Product. Hardcat SaBRe is a “best of breed” tracking and information management system giving this law enforcement organisation unrivalled transparency and intelligence on cases, events, incidents, jobs, exhibits, property, electronic briefs and chain of custody. An end to end application supporting the gathering of data, materials, evidence and analysis including forensics, organising complex, diverse and disparate information, into formats, and complying policies, for presentation in court. Detailing sources of information, warrants, wire taps, other intelligence and analytics that must go into a security and/or criminal investigation and the ultimate presentation requirements before a court of law.

3

3

According to the Australian Department of the Attorney General, September

2012, “Australia has developed significant national security capability in the

fight against terrorism espionage, serious and organised crime, and cyber -

crime.

Our challenge is to ensure that, as Australia evolves as a 21st century society

and economy, our national security capability similarly evolves with high levels

of agility and adaptability and continues to meet emerging threats. As

Australia advances, so too do threats to our wellbeing. Meeting the challenges

of new technologies and methodologies is a key priority for the Australian

Government in the national security sphere. Our law enforcement and security

capabilities must keep ahead of terrorists, agents of espionage and organised

criminals who threaten our national security and the safety of our citizens. So

our law enforcement and intelligence agencies must be equipped with

contemporary skills and technologies, and backed by necessary powers –

coupled with the appropriate checks and balances and oversight mechanisms

society rightly demands.”

The concept proposed here is to bring together the multi systems of

Australia’s government agencies, and those of its allies around the world to

whatever extent is deemed feasible whilst taking into account any necessary

reforms that must be enacted within countries working together, covering

pressing initiatives such as telecommunications interception reform,

metadata, telecommunications sector security reform and the Australian

intelligence community reforms.

We expand the above to incorporate Border Protection and Customs, Defence

and Intelligence Agencies, Foreign Affairs agencies of allied countries, agencies

such as Interpol, country’s own Crime Commissions, Federal and State Policing,

Drug Enforcement, FBI style agencies and nation’s critical infrastructure utilities

such as telecommunications and banking. The Hardcat Sabre EFIMS technical

capability can confront terrorists, agents of espionage and organised criminals

head on providing real time intelligence to approved agencies across multiple

jurisdictions.

4

4

INDUSTRY WITHIN NATION’S MUST PARTICIPATE AND PUT IN A

CONTRIBUTION TO GLOBAL SECURITY

The National Security Committee of the Australian government recognises

that Telecommunications interception reform is a significant challenge in any

National Security plan. No doubt our allies face similar legislative hurdles. It is

one thing to make telecommunication providers keep metadata, but how do

agencies use it and for what?

Similarly banking enterprises must also contribute to the source information

of allied nations, as well as major utilities and even global software and

technology companies that expect governments and states to provide secure

places to conduct business.

The Australian Crime Commission’s “Future of Organised Criminality in

Australia 2020” assessment is directly relevant to our concept proposal by

proffering working and highly effective software, ciphers and other

methodologies to match and exceed criminal capabilities in technology

obstruction and their ability to impede detection by law enforcement and

security agencies.

The NSW Police system supports the gathering of multi-source materials,

leading, if required, to the prosecution of serious and organised and other

technology‐enabled crime. However it does not have to be applied specifically

for activities that will go to court but can be adapted to track information and

assemble case files used to inform decision making and counter terrorism

activities.

5

5

Within our proposed National Security Sabre model we have included threats

posed to critical infrastructure. The security and resilience of such

infrastructure significantly affects the social and economic well‐being of the

nation.

Global intelligence community reform is about appropriately equipping and

enhancing the operational capabilities of these agencies and also providing a

mechanism to gather and synthesise data, events, apparently disparate, and

unrelated intelligence, and evidence from anywhere in real time.

To be able to package it as either locational intelligence, national, regional or

local in an unallocated sense or to actually attach it to an individual or group of

individuals tracking their movements and entering the evidence and reports

into a file similar to a NSW Police case ready for the prosecutor in court. But

we also conceive that agencies might want to assemble case files containing

materials that never are to go to court. The multi-sources of highly sensitive

information serve the analytical and assessment functions and readiness

capacity of agencies across the world. The Hardcat Sabre concept is a working

framework to better manage national security challenges to any nation’s

security and the many reforms envisaged by government necessary to enhance

it.

Incorporation of Government Reforms, Policies and Processes

In developing our model off the NSW Police foundation using it as a prototype upon which additional features and models are added we take note of:

• The desirability of comprehensive, consistent and workable laws and

practices to protect the security and safety of any nation, its citizens and businesses, including privacy and intrusion issues

• the need to ensure that intelligence, security and law enforcement

agencies are equipped to effectively perform their functions and cooperate effectively in today’s and tomorrow’s technologically advanced and globalised environment, and

• The fact that national security brings shared responsibilities to the

government/s of a nation and the private sector as well

6

6

This proposal encompasses:

a) the challenges of new and emerging technologies upon agencies’

capabilities b) the requirements of a modern intelligence and

security agency legislative framework, and to enhance cooperation

between agencies, and

c) the need for enhancements to the security of the telecommunications sector.

The EFIMS system installed in NSW Police is readily adaptable to any context of law enforcement or intelligence whilst

a) containing appropriate safeguards for protecting the human rights and

privacy of individuals proportionate to any threat to national security and the security of the private sector

b) applying reasonable obligations upon industry whilst at the same

time minimising cost and impact on business operations in the public and private sector, in short this is a very economical proposition.

c) and addressing law enforcement reduction of capabilities from new technologies and business environment, which has a flow‐on effect to security agencies.

Governments grapple with strengthening the safeguards and privacy protections under the lawful access to communications regime in various types of Telecommunications (Interception and Access) Acts of

nations and we take account of

a. privacy protection

b. the proportionality tests warrant issue

c. mandatory record‐keeping standards

7

7

d. oversight arrangements by Ombudsmen and Regulators, Parliament and so on

Nations may want to

a. reduce the number of agencies eligible (and authorised)

to access communications information

b. address the standardisation of warrant tests and thresholds

Streamlining and reducing complexity in the lawful access to communications regime by

a. simplifying the information sharing provisions that allow

agencies to cooperate using the EFIMS as a model (with a central customised (top secret design versions)

b. removing legislative duplication where feasible and allowable under a nation’s Constitution

Our technical model incorporates a financial layer to enable a cost sharing framework to:

a. align industry interception assistance with industry regulatory policy b. clarify regulatory and enforcement roles

Security Intelligence Acts and the like

Modernising and streamlining warrant provisions

a. the definition of a ‘computer’

b. enabling warrants to be varied by an approved authority, simplifying the renewal of the warrants process and extending duration of search warrants from say 90 days to 6 months or whatever a nation’s laws may allow.

8

8

Users of the system can be designated by roles and levels of access and authenticity in their work.

Intelligence Services Acts or the like

The technical design can incorporate a nation’s Defence’s Imagery and

geospatial organisation’s authority to provide assistance to approved bodies working in unison in real time on the system adding information

and intelligence from diverse and disparate sources.

Telecommunications (Interception and Access) Acts and the like

a. Sabre can be designed to handle the creation of multiple or single warrants with multiple interception powers

Cooperative frameworks between nation’s governments, agencies, private enterprise and the community can be leveraged –

a. Industry interception obligations

b. Ancillary service providers not currently covered by the

legislation

c. t h e three‐tiered industry participation model d community input – crime stoppers and other reporting mechanisms

Security Intelligence Organisation Acts and the like

Sabre EFIMS is a working example of what is possible for an intelligence operations scheme. Protecting officers and human sources with protection from criminal and civil liability for certain conduct in the course of authorised intelligence operations.

9

9

You can:

a. Establish a named person warrant enabling intelligence agencies to request a single warrant specifying multiple (existing) powers against a single target instead of requesting multiple warrants against a single target.

b. Align surveillance device provisions with any Surveillance Devices Acts

c. Enable the disruption of a target computer for the purposes of

a computer access warrant

d. Enable person searches to be undertaken independently of a premises search e. Establish classes of persons able to execute warrants and track

Establish an agency’s ability to cooperate with the private sector/community and then track that cooperation as part of a file or schema of files in whatever context you want to look at, assemble and expand it. EFIMS can take into its structure business rules and policies the:

Telecommunications (Interception and Access) Act s and the like

The Lawful Access Regime a. expanding the basis of interception activities and decryption of communications b. Industry response timelines c. tailored data retention periods for parts of a data set, with

specific timeframes taking into account agency priorities, and privacy and cost impacts

Telecommunications Act s and the like

The Sabre EFIMS system will address security and resilience risks posed to the telecommunications sector and can be enabled to permit legal authorised access to third party systems monitoring such access.

10

10

Security Intelligence Organisation Acts and the like

Enabling warrant provisions through interconnection to, and use of,

a. third party computers, and communications, in transit to access a

target computer under a computer access warrant.

b. the incidental power in the search warrant provision that authorises access to third party premises to execute a warrant and which are recorded in EFIMS

c. reasonable force recoding during the execution of a warrant, not

just on entry.

d. an evidentiary certificate regime.

Intelligence Services Acts and the like

Assembling broad or detailed and very specific files covering: a. persons, or groups, likely to be, involved in intelligence or

counter‐ intelligence activities.

b. recording in detail a Manager of an Agency or the Parliament Minister/Head authorising specified activities which may involve producing intelligence on a person or persons where the Agency is cooperating with any other agency or intelligence body in the performance of a function pursuant to an act of parliament

c. Enable an agency to provide training in self-defence and the use

of weapons to a person cooperating with agencies. Hardcat systems currently installed in many Australian state and other international police regimes track the issuance of such weapons against an individual or event and prescribed use and circumstance.

The overall impacts are:

1. The Sabre National Security Centre piece is built in months, not years to security approved levels for general reporting and separately

11

11

authorized access for analytics using whatever engine a nation state or agency chooses

2. The prototype cost design upon which the National Security Sabre system is concepted is already built it requires customisation to suit (a base model is estimated to be $AUD20,000,000 with cost add - ons being the number of repositories and extraction database links required

3. National and International Agencies gain from increase operational efficiency

4. In turn a nation gains from these efficiencies 5. Reduction of manual effort in managing the chain of custody process for

exhibits (if required) 6. Increased number of positive and linked identifications 7. Prioritisation of jobs based on real time data from multiple sources 8. Reduced effort tracking exhibits and property 9. Performance improvement mechanisms 10. Secure (access can be controlled by biometric identification systems many

of which are owned now by agencies for audit ability across all entities within the system

11. Manage the complete lifecycle of cases, events, incidents, jobs, exhibits and property

Hardcat’s Sabre can incorporate or eliminate manual brief construction where manual might be used for extremely high security rather than automated, where limited access is required, for cases, events and incidents and can balance valuable resources with back room and frontline operations

INTERCEPTION

Interception of telecommunications content and data is a powerful and cost

effective tool for law enforcement and security agencies to reduce threats to

national security and to assist in the investigation and prosecution of criminal

offences. [Report of the Review of the regulation of access to communications

(Australia 2005) (the Blunn Report)]

Access to interception is tightly regulated and, in relation to content, is limited to the investigation of serious offences under the authority of an independently issued warrant and subject to a range of oversight and

12

12

accountability measures. Sabre (existing EFIMS capabilities) can assist users to document instances.

Sabre will:

Meet privacy protection objectives, and the proportionality

test for issuing warrants, mandatory record‐keeping standards,

and oversight arrangements by the Commonwealth and State

Ombudsmen

Control the number of agencies eligible to access

communications information and the system’s files

Standardise warrant tests and thresholds

Simplifying the information sharing provisions that

allow agencies to cooperate

In real technology terms align industry interception assistance with industry regulatory policy

Create a single warrant with multiple TI powers

Implement detailed requirements for industry interception obligations

Implement whatever tiered industry participation model you envisage and

Immediately accommodate an expansion of the basis of interception activities

Document in evidentiary form the offence for

failure to assist in the decryption of communications

Immediately apply tailored data retention periods of parts of a data set,

with specific timeframes taking into account agency priorities and

privacy and cost impacts

Strengthen the safeguards and privacy protections of the interception

regime in line with contemporary community expectations;

13

13

lawful access regime for agencies;

Streamline and reduce complexity in the lawful access regime; and

• Modernise cost sharing frameworks.

Arrange data in a form to enable prosecution (as used by NSW Police)

Reliably identify communications of interest and to

associate them with telecommunications services;

Reliably and securely access communications and associated data of

interest within networks; and

Provide tools to effectively interpret the communications to extract the intelligence or evidence

Sabre (EFIMS) will swiftly enable the Commonwealth to Implement a standard

threshold for both content and stored communications warrants (assuming

that enabling legislation has been passed) removing the complexities inherent

in the current interpretation of what is a serious offence, recognise the growing

number of online offences and provide consistent protection for ‘live’ and

‘stored’ content.

National security risks

14

14

“The Australian Security Intelligence Organisation Report to Australia’s

Parliament 2010‐2011 states that espionage by foreign intelligence services is

an enduring security threat to Australia, both conventional and new forms,

such as cyber espionage. Our increasing reliance on communications

technology to conduct the business of Government, commerce and our daily

lives makes Australians more vulnerable to malicious attack. As such cyber

security has emerged as a serious and widespread concern. States, as well as

disaffected individuals or groups, are able to use computer networks to view

or siphon sensitive, private, or classified information for the purpose of,

political, diplomatic or commercial advantage.

Individual records or files stored or transmitted on telecommunications

networks may not be classified or particularly sensitive in and of themselves

but, in aggregate, they can give foreign states and other malicious actors a

range of intelligence insights not otherwise readily available.

This threat extends to information vital to the effective day‐to‐day operation

of critical national industries and infrastructure, including intellectual

property and commercial intelligence.

It is imperative that Australia’s intelligence agencies are appropriately

equipped to protect Australia’s vital national security interests. This includes

the ability for Australia’s foreign intelligence and security services to interact

and work seamlessly together.”

Such considerations, we assume are common to all allied nations. We offer

such a mechanism installed and proven.

Hardcat’s NSW Police EFIMS addresses the question as to how an extraordinary amount of data can be filtered and allocated a security level according to its purpose. The debate may revolve, inter alia, around what data should be centralised and operated on and what can remain distributed in the field. This is the decision of the system administrators. EFIMS is both fixed and mobile. A nation’s National Security Committee (or Lead Body) can determine in what context the Sabre System is applied to national, states, territories and any local government management of its own law enforcement and agencies’ data, extent of sharing, privacy and cooperation in national security activities.

15

15

Information provided by commercial enterprise drawn into EFIM’s capabilities incorporates required and offered participation by industry. It can operate in a covert manner if required, assembling information on how criminal elements infiltrate corporate enterprise and use it as well as tracking parties external to that enterprise. A disparate patch work quilt of policies and actions by governments and key agencies and sectors of business enterprise (banking, utilities, telecommunications, document issuance and so on) serves to advantage criminal elements. Sabre suddenly encapsulates these disparate webs of information source. This proposal acknowledges the role of the agency that may be responsible for cyber security policy in a nation. One might assume, or external parties in the private sector may claim, they hold a similar philosophy as their government/s in defining measures relating to the confidentially, availability and integrity of information that is processed stored and communicated by electronic or similar means and which can contribute to national security surveillance and analysis. We find these contentions irrelevant to what we propose. Sabre is not something they can replicate because its features are ultimately “classified”. The record shows that not too many enterprise CEO and Boards are keen to enable data retrieval from their corporate systems and additionally they may resist the costs involved in participation in any nation’s national security. To our mind this is also irrelevant. Commercial enterprise expects to be protected from terrorism, criminals and be provided with secure policing and security and there comes a cost with that. Our Sabre proposal minimises that cost dramatically when compared to what big integrators my offer governments, and agencies, conceptually. Even if they do offer something they do not operate holistically as Hardcat EFIMS does. This is not to say that integrators need not be involved in the development and implementati9on of a Sabre system such as NSW Police EFIMS. Hardcat is a small company and governments will decide under what financial

16

16

and implementation scope Sabre would proceed. Hardcat can provide the foundation intellects that built EFIMS on time and to budgeted cost required by NSW Police. A nation’s national security, economic prosperity and social wellbeing are critically dependent upon the availability, integrity and confidentiality of a range of information and communications technologies. This includes desktop computers, the internet, mobile communications devices and other computer systems and networks and may I add products that are provided by external parties such as passports, employee identity, smart cards, tokens, credit cards and any other instrument that deals with data. All of these are vital elements to building a state of the art response to the challenges posed by fundamentalism, ideology, terrorism, activism and criminality. Telecommunication providers can play an active role inputting data automatically into a National System for later analysis and processing, just as airlines, shipping and other industries can play a contributing role. We can all cite an increase in malicious code, attacks and criminal activity, as is particularly the case for financial transactions and sensitive commercial or personal identity including theft thereof, or the creation of one core document to breed others for the purpose of opening a bank account, a social security identity, a driver licence and more. Terrorists can strike in many ways and rogue nations can attack Australia’s underlying financial systems and business using fake identities, credit cards, passports and other instruments. In all of this governments have to balance national security against the civil liberties of citizens, including the right to privacy, and the inherent need to promote efficiency and innovation to ensure that a nation realises its full potential. This task is compounded by vested interests and users who are free with their private information on social media, perhaps not fully understanding the dangers and yet resist having their metadata examined? In this proposal we are not concerned with civil liberties, a Sabre National Security System can be programmed to do whatever you want it to including limiting its reach and intervention or making it covert. That is a decision for government.

17

17

Within this proposal we are moving beyond the mere concept of a Cyber Security Centre gathering data and using the Internet and supporting the government’s objective of cyber safety focused on protecting individuals, particularly children, from offensive content, bullying, stalking or grooming online for the purposes of sexual exploitation to a broader economic and social contexts, requiring coordination of other related policies, programmes and industry participation. There is a role for industry in this scope particular in the federation of competing interests, and knowledge awareness of federal, state and territories. A global network of criminal elements has emerged, literally coming together like a new generation mafia, using whole countries (pariah states, states under sanctions and so on) whilst integrating this into institutional structures (government, banking, financial systems, utilities, technology and telecommunications) across the world to launder large volumes of money, to create fraud and as we also know to fund terrorism. This is not simply the transactional movement of funds involving the complicity of a bank or other structure it is the actual manufacture of the foundation for that movement beyond data transfer in computer systems and on the internet to physical instruments such as credit cards, chips in mobile devices and identity instruments. The clients of these outputs are those who embrace serious badness. EFIMS’s forensic capabilities are designed to enable capture of all of this intelligence with authorized access by as many agencies as required to work on the data and use it according to their individual charters. If you want to package up cyber data such as web sites preying on children or any such thing Sabre National Security will do it. Every honest business, and person with integrity at their core, would support the National Leadership approach by within a federation of a shared responsibility in the communication, and storage, of sensitive information (of all types) and the obligations of mutual respect for the information and systems of other users. Not only the public service should be engaged, through knowledge leadership and action, in a partnership approach to cyber and national security across all of a nation’s governments (state or other) the private sector and the broader nation community is essential along with our nation’s allies and multi-national global corporations that cross borders.

18

18

Globalism supports many players and is a major fillip for the criminal person and the criminal state. Just we install systems in government to produce identity, across a myriad of agencies in Australia, all with varying or no level of security EFIMS is the prototype from which you build the capacity to be ahead of them. All business and government entities require risk management in a globalised world where interoperability and internet-connected systems are potentially vulnerable and where cyber - attacks are difficult to detect, there is no such thing as absolute cyber security. However on too many occasions, entities operate in a state of unawareness of what human and machine networks they are in and supporting, knowingly or unknowingly. In concert with government, and community, everyone must be brought into the policy and the intelligence exchange, and all must apply a risk-based approach to assessing, prioritising and resourcing cyber security activities within the values paradigm of their individual operations. Many enterprises educate customers, and others, with whom they come into contact (at exhibitions, conferences and seminars) as to the cyber risks of instruments that individuals carry and use, phones, credit cards and other devices. As a part of their own cyber security they must operate, and maintain, secure and resilient information and communications technologies to protect the integrity of operations and the identity and privacy of the customers and end users. This vitally includes corporations engaged in the manufacture, and distribution of critical identities and software particularly everyday commercial software that can also be used for elicit purposes. International governments and jurisdictional agencies, working together as allies, can assist in educating, and empowering, all citizens with the information, confidence and practical tools to protect themselves online and in their financial and other transactions but what of the hidden criminal operations described previously that pray upon ignorance, greed and human nature? Governments may promote security and resilience in infrastructure, networks, products and services across governments, including parliamentarians, associated people, employees and communities but this is but one part of the puzzle and vital mosaic that builds to protect our nation and our cooperation with like - minded (allied) sovereign states around the world. It is but one part of our proposal’s potential.

19

19

The private sector and government agencies the world over look to the protection of their ICT systems but to what extent do they ponder how criminal elements become embedded and institutionalised as part of those structures? They take live (or deceased) identities and data to manufacture other things for their needs (breeder documents) and then send them into the legitimate world. Companies and, more particularly, those with global footprints must work with agencies like CERT Australia to assist the owners, and operators, of critical infrastructure, and systems, of national interest and add support to such a nation’s own body (like CERT) within a global community of computer emergency response teams (CERTs) to support international collaboration in regards to cyber and national security issues and also complement the work of a nation’s Cyber Security Operations Centre. These collaborative arrangements can also serve to make participants aware that their business can also provide the foundation and tools of crime and terrorism and to incite them to vigilance. Sabre is being offered as a tool in an arsenal of such vigilance. A sort of crime stoppers in technology form.

20

20

21

21