Upload
madeline-johns
View
216
Download
0
Tags:
Embed Size (px)
Citation preview
Intelligence and Security in the Digital Age
Sir David Omand GCBVisiting Professor, Department of War Studies, King’s College LondonCambridge, Computing Society, 1 Mar 2012
2
“The further back you look, the further ahead you can see” Winston Churchill
o Offence/defence race
o Technology drivers
o Demand: modern national security?
o Supply: new means
o Cyber security
o An additional factor: individual rights and social attitudes
Role of Intelligence
o Intelligence enables action to be optimised by reducing ignorance; and secret intelligence achieves this objective in respect of information that others wish to remain hidden.
o Continuous offence/defence competition for…
Situational awareness
Explanation
Prediction and modelling
o Strategic notice of possible futures
4 revolutions in intelligence
o The legacy of Maxwell, Herz and Marconi: The discovery and exploitation of the electromagnetic spectrum: radio, direction finding, traffic analysis, agent communications, radio deception
o The legacy of Turing and Shockley: process engineering, The first quantum revolution: radar, programmable computers, transistors, minaturisation, into Space…
o The legacy of Feynman and Moore: The second quantum revolution: electro-optics, lasers, micro-electronics, packet switching, mobile communications,
o The legacy of Berners-Lee: the internet and web, “electronic exhaust”, Intelligence Agencies become ‘knowledge industries’, massive data storage
Demand:new strategic requirements
Supply: new technological possibilities
Balancing three sets of pressures
Social attitudes and ethical issues
Demand:new strategic requirements
Supply: new technological possibilities
Balancing three sets of pressures
Demand: Modern‘National Security’
National security: more than territorial defence, important as this remains
Includes modern threats, terrorism, cyber, WMD, narcotics and major hazards such as pandemics
Security as a state of normality, people being able to make the most of their lives, freely and with confidence.
Citizen centered:with a psychological
component to security
Understanding risk and uncertainty. No guarantees
•Help frustrate threats and identify opportunities
•Work upstream to reduce likelihood of future trouble
•Reduce vulnerability
•Increase resilience
Using intelligence consistently will improve the odds
Citizen centered:a psychological component
to security
Risk management
Demand: Modern‘National Security’
9
Risk management as the driving logic
Example: CONTEST Counter-Terrorism Strategy:
Risk = likelihood x vulnerability x (impact x duration) + ??
PreventPursue
Protect
Prepare
Citizen centered:a psychological component
to security
Risk management Anticipation
o Requires pre-emptive intelligence, of both States and Non-State Actors: terrorists, criminals, proliferators
o Situational awareness
o Explanation
o Prediction
o Strategic notice for longer term
Demand: Modern ‘National Security’
11
Accessing relevant information
o Sources:
o Classic ‘ints’: HUMINT, SIGINT (including network exploitation), IMINT etc
o Open source information, OSINT, including analysis of social networking
o Developing a new ‘int’: PROTINT or data protected personal information
oE-Borders, Registrar General, social security, HMRC, electoral…
oAdvance passenger information
oCCTV and ANPR (Automatic number plate readers)
oCommunications meta-data
oCredit, debit and loyalty cards
oFinancial transactions including SWIFT
oSocial networking sites
oData matching and mining
Examples of ‘PROTINT’ in the UK
13
New technical possibilities
o Network and cyber attack
o ‘Facilitated’ access using insiders
o Fused multi-source operational intelligence using advanced visualisation techniques
o Social networking and RSS feeds
o DIGINT techniques – digitally manipulating data sets
o Information retrieval – latent semantic search
UK cyber strategy depends upon intelligence
o Ends:
o Supporting economic prosperity, protecting national security and safeguarding the public
o Ways:
o Drivers are in the private not public sectors
o Has to be international
o Means: role of intelligence central: 80/20 rule
Operating in the Intelligence Space
• The top 20% of Cold War threat– penetration agents (Cambridge ring; Enormoz; Portland
ring)– technical attacks (bugs, implants, microwave resonating
cavities)
• Counter-measures– 24/7 observation of KGB and GRU agents– Agent comms interception (Venona decrypts)– Double agents (Gordievsky - exposing Bettany)– R&D into novel attack methods
Current developments in S&T
o Cyber Network attack and defence
o PROTINT and data mining
o Stand-off range allied with precision (60,00ft to 1 m2)
o Remote surveillance streaming rates
o Detectors at 1 or 2 parts/billion + rapid field results
o Millimetric wave technology
o Nano-engineering
o Neuropharmacology and neuroscience
o Quantum computing?
But also building public trust that we are not heading for the Panoptic State, or the tyranny of
absolute knowledge
“The Secret State” of the Cold War
o Supporting nuclear deterrence and NATO, all kept secret from the public
o Secret status of intelligence agencies
o Domestic policing and external intelligence kept separate
“The Protecting State” of modern national security
o Intelligence Agencies are avowed and regulated
o Use of intelligence for security of the public, who demand to know more about what is being done in their name
o Cooperation in policing and intelligence
With the end of the Cold War came a change of intelligence paradigm for the UK
Public attitudes and ethical issues
• The active use of secret intelligence for public protection:
• puts secret world under unwelcome media spotlight
• generates demands for accountability and oversight
• increases importance of public (and staff) confidence
• Issues arise for the security and intelligence community
• over privacy and the use of technology and PROTINT
• over the ethics of human intelligence work
• in using intelligence as evidence in court
• in justifying continuing secrecy over sources and methods
The security and intelligence community accepts:o Terrorists get prosecuted under the law
o Ethics matter; some opportunities have to be passed
o Oversight by Parliament and judges
The public has to accept:o Security of public is first responsibility of government
o Managing the risks requires secret intelligence
o Some loss of privacy has to be accepted to get it
o Secret intelligence needs secrecy of sources/methods
A ‘grand bargain between Government and the public