240 likes | 437 Views
Intelligence and Security in the Digital Age. Sir David Omand GCB Visiting Professor, Department of War Studies, King ’ s College London Cambridge, Computing Society, 1 Mar 2012. “ The further back you look, the further ahead you can see ” Winston Churchill Offence/defence race
E N D
Intelligence and Security in the Digital Age Sir David Omand GCB Visiting Professor, Department of War Studies, King’s College London Cambridge, Computing Society, 1 Mar 2012
“The further back you look, the further ahead you can see”Winston Churchill • Offence/defence race • Technology drivers • Demand: modern national security? • Supply: new means • Cyber security • An additional factor: individual rights and social attitudes
Role of Intelligence Intelligence enables action to be optimised by reducing ignorance; and secret intelligence achieves this objective in respect of information that others wish to remain hidden. Continuous offence/defence competition for… Situational awareness Explanation Prediction and modelling Strategic notice of possible futures
4 revolutions in intelligence The legacy of Maxwell, Herz and Marconi: The discovery and exploitation of the electromagnetic spectrum: radio, direction finding, traffic analysis, agent communications, radio deception The legacy of Turing and Shockley: process engineering, The first quantum revolution: radar, programmable computers, transistors, minaturisation, into Space… The legacy of Feynman and Moore: The second quantum revolution: electro-optics, lasers, micro-electronics, packet switching, mobile communications, The legacy of Berners-Lee: the internet and web, “electronic exhaust”, Intelligence Agencies become ‘knowledge industries’,massive data storage
Balancing three sets of pressures Demand: new strategic requirements Supply: new technological possibilities
Balancing three sets of pressures Demand: new strategic requirements Supply: new technological possibilities Social attitudes and ethical issues
Demand: Modern‘National Security’ National security: more than territorial defence, important as this remains Includes modern threats, terrorism, cyber, WMD, narcotics and major hazards such as pandemics Security as a state of normality, people being able to make the most of their lives, freely and with confidence. Citizen centered: with a psychological component to security
Demand: Modern‘National Security’ • Understanding risk and uncertainty. No guarantees • Help frustrate threats and identify opportunities • Work upstream to reduce likelihood of future trouble • Reduce vulnerability • Increase resilience • Using intelligence consistently will improve the odds Risk management Citizen centered: a psychological component to security
Risk management as the driving logic Example: CONTEST Counter-Terrorism Strategy: Risk = likelihood x vulnerability x (impact x duration) + ?? Prepare Pursue Protect Prevent
Demand: Modern ‘National Security’ • Requires pre-emptive intelligence, of both States and Non-State Actors: terrorists, criminals, proliferators • Situational awareness • Explanation • Prediction • Strategic notice for longer term Risk management Anticipation Citizen centered: a psychological component to security
Accessing relevant information • Sources: • Classic ‘ints’: HUMINT, SIGINT (including network exploitation), IMINT etc • Open source information, OSINT, including analysis of social networking • Developing a new ‘int’: PROTINT or data protected personal information
Examples of ‘PROTINT’ in the UK E-Borders, Registrar General, social security, HMRC, electoral… Advance passenger information CCTV and ANPR (Automatic number plate readers) Communications meta-data Credit, debit and loyalty cards Financial transactions including SWIFT Social networking sites Data matching and mining
New technical possibilities • Network and cyber attack • ‘Facilitated’ access using insiders • Fused multi-source operational intelligence using advanced visualisation techniques • Social networking and RSS feeds • DIGINT techniques – digitally manipulating data sets • Information retrieval – latent semantic search
UK cyber strategy depends upon intelligence Ends: Supporting economic prosperity, protecting national security and safeguarding the public Ways: Drivers are in the private not public sectors Has to be international Means: role of intelligence central: 80/20 rule
Operating in the Intelligence Space • The top 20% of Cold War threat • penetration agents (Cambridge ring; Enormoz; Portland ring) • technical attacks (bugs, implants, microwave resonating cavities) • Counter-measures • 24/7 observation of KGB and GRU agents • Agent comms interception (Venona decrypts) • Double agents (Gordievsky - exposing Bettany) • R&D into novel attack methods
Current developments in S&T Cyber Network attack and defence PROTINT and data mining Stand-off range allied with precision (60,00ft to 1 m2) Remote surveillance streaming rates Detectors at 1 or 2 parts/billion + rapid field results Millimetric wave technology Nano-engineering Neuropharmacology and neuroscience Quantum computing?
But also building public trust that we are not heading for the Panoptic State, or the tyranny of absolute knowledge
With the end of the Cold War came a change of intelligence paradigm for the UK “The Secret State” of the Cold War Supporting nuclear deterrence and NATO, all kept secret from the public Secret status of intelligence agencies Domestic policing and external intelligence kept separate “The Protecting State” of modern national security Intelligence Agencies are avowed and regulated Use of intelligence for security of the public, who demand to know more about what is being done in their name Cooperation in policing and intelligence
Public attitudes and ethical issues The active use of secret intelligence for public protection: puts secret world under unwelcome media spotlight generates demands for accountability and oversight increases importance of public (and staff) confidence Issues arise for the security and intelligence community over privacy and the use of technology and PROTINT over the ethics of human intelligence work in using intelligence as evidence in court in justifying continuing secrecy over sources and methods
The security and intelligence community accepts: Terrorists get prosecuted under the law Ethics matter; some opportunities have to be passed Oversight by Parliament and judges The public has to accept: Security of public is first responsibility of government Managing the risks requires secret intelligence Some loss of privacy has to be accepted to get it Secret intelligence needs secrecy of sources/methods A ‘grand bargain between Government and the public
Discussion 21