The modern threat environment features a dizzying array of players with deep financial and technological resources. Jihadists use the Internet to recruit and train new members. Organized criminals defraud victims and institutions with ever-increasing sophistication. Sovereign states wield energy resources and their means of delivery like the blunt instruments of medieval combat, while covertly funding more subtle criminal activity. Global supply chains of information technology equipment are compromised with near-identical knockoffs hiding trap doors, Trojan horses, malware and time bombs set to activate within our most trusted public and private networks. Counterfeit electronics — seemingly identical to brand-name versions — periodically slip into technology orders placed by the federal government and other sensitive buyers. The blueprints for anything from improvised explosive devices (IEDs) to nuclear weapons can be found online. This all illustrates how the threat environment today is both complex and nuanced.
All of these disturbing trends have collided in Russia, which under Vladimir Putin has devolved over the past decade into a winner-take-all Wild East. Today’s Russia is consumed by clannish struggles among competing elites that all too often operate as an organized crime syndicate. Government functions such as the tax department are used for personal profit and political retribution. At the United Nations, manipulation of the Iraq “Food for Oil” program by Russian intelligence allowed oil vouchers to be directed for individual profit — within the Russian presidential administration, no less — to the tune of over $500 million dollars. I know of no other instance where the intelligence service of a major nation was tasked to serve personal interests on such a massive scale. Vast resources are held by an unscrupulous few in Russia and elsewhere. Criminal players and intelligence officers now have international, national and regional resources and identities at their disposal. The proper response to such coordination is to learn from it, by forming a tight-knit network of our own, in which federal, state and local forces work in tandem. I call this approach “net-centric public safety.” This article details the nature of the threat as well as ways in which the U.S. government can respond.
The organizational ingenuity displayed by today’s criminals and intelligence players would be laudable were its implications not so dire. Chinese hackers regularly and systematically ravage U.S. government and private Web sites and systems to glean intelligence and cause disruption. Chinese technological fingerprints have been found in U.S. Congressional Committee computer systems. There is evidence linking these fingerprints with surveillance of Chinese dissidents in the Washington, D.C. area by Chinese intelligence personnel operating from the embassy in Washington, D.C. In Iraq, a stolen Chevy Suburban from Texas was found in Fallujah rigged with explosives intended for the Green Zone. In 2004, a top al Qaeda lieutenant met with the leaders of a Central American gang, Mara Salvatrucha (MS13), to request assistance in smuggling al Qaeda operatives into the U.S. A backup al Qaeda safe house for Mohammed Atta doubled as a residential home and mosque in Hyattsville, MD in violation of local zoning codes. The distinctions between international and local continue to blur, challenging our ability to battle the multi-headed hydra of terrorism, counter-intelligence and crime.
The responsibility for securing our homeland against these threats has primarily fallen to the federal government, in the form of the Department of Homeland Security and the Federal Bureau of Investigation, but the state and local authorities also have a vital role. The impressive patchwork scale of the federal effort brings unfortunate bureaucratic baggage with it, including tight information control via classification regulations. Outside of DHS-funded fusion centers, which have been created to integrate non-federal entities, state and local forces tend to be disconnected from the federal effort. Unfortunately, crime, like politics, is almost always local. Though the efforts may yield global results — a hacker cracking open a U.S. retail network to steal credit card data, say — the behavior itself tends to be regional. Crime takes place in parking lots, train yards, shopping malls and back alleys. The hacker sits in a bland apartment, pillaging bank accounts and boardrooms with impunity. He might be the mild-mannered man next door.
Turning Information Into Intelligence
Public safety in the Information Age requires that data assimilated on the local level be shared with state and federal authorities through a technologically robust network of geographically dispersed databases and organizations. Examples of this included the aforementioned fusion centers, as well as the more than 200 FBI Joint Terrorist Task Forces charged with this responsibility. Serious gaps remain, however. On the local level, access to critical information is limited, as is the ability to analyze and interpret the information in a timely manner.
Public safety demands that we let federal, state and local authorities work together not only on a need-to-know basis but on a need- to-share basis. The traditional approach has yielded monstrous, ever-expanding warehouses of data that are expensive to maintain as well as silos stuffed with local police and government information — an inefficient approach that raises privacy issues. In an attempt to field legitimate information requests without violating civil liberties, innovative technological architectures are being implemented. In King County, WA, for example, a successful project dubbed RAIN (Regional Automated Information Network) gives 44 different police and sheriff departments’ access to criminal justice information through a single federated inquiry without creating a new data warehouse. To give you a sense of the magnitude of the challenge we face, there are more than 18,000 distinct law enforcement agencies across the United States in more than 3,000 counties Using this new approach to information sharing called “Briyante Integration Environment (BIE),” law enforcement organizations can easily and securely tie together data from disparate systems into a single view through common Web service-based architecture. BIE delivers tremendous flexibility in determining specific data views for varied user groups and for agencies that rapidly deliver vital information at tactical speed. This enhances officer safety and operational effectiveness. This system eliminates latency in warehouses and provides only the information needed for as long as it is needed, securing privacy while improving efficiency and tactical response capabilities. This approach mitigates privacy concerns by delivering information without requiring massive storage facilities.
Today’s threat environment demands increased collaboration and shared situational awareness among authorities at every level of government, from local housing inspectors to firefighters, police officers and federal agents. We require a holistic view of law enforcement in which the traditional categories — vice, burglary, auto theft, et al — are no longer seen as distinct disciplines but as part of a greater whole. Staffing in this manner bucks a trend that has contributed to the stove-piping of both information and career tracks. Modern risks also demand that we bring our deep national experience in counter-intelligence to bear on the new threat environment. Counter-intelligence is traditionally defined as a detailed understanding of the activities of a foreign intelligence service, which is then used to thwart its effort to compromise our national security. Counter-intelligence has both defensive and offensive missions. Today, we are battling forces that blend government structures with private business, intelligence acumen with criminal ruthlessness. Our counter-intelligence skills should play an important role. The mission of our federal counter-intelligence forces should broaden to address this sophisticated threat and educate our state and local counter-terrorist forces on its implications. This shift will no doubt require additional resources for the FBI to take on this broader training. Retired agents and intelligence officers may be able to help here.
This new definition of counter-intelligence is a comprehensive, creative process of analyzing the personnel and methodologies of the targeted criminal, state-controlled business, intelligence or terrorist organization and its assets.
The principles and methodology of counter-intelligence should become part of our standard homeland security / first responder training. This training will help local and state authorities spot behavior that may hint at a wider criminal network, in the same way archeologists are trained to see a tyrannosaurus skeleton lurking beneath a few stray bones. All relevant data — drawn from surveillance, travel records, wiretapping, forensic evidence, banking transactions, travel records, informants and elsewhere — can then be understood as relevant to the mission of the fusion centers when tasked to analyze a valid threat.
To achieve their promise, fusion centers would benefit from the BIE information-sharing environment, which would permit them to analyze disparate arrays of data to yield meaningful patterns. These patterns may quickly illustrate a relatively simple local crime, or they may illustrate one layer of a more complex effort. They can identify trends and help agencies allocate resources more effectively and more precisely if the technology matches the analytic capability. This is a vital task but a difficult one and may take years to accomplish.
The future of policing will hinge on improved data collection and analytics, which in turn will spur continuous improvements in technology and tactics. Witness the implications of license plate reading (LPR) technology, which can capture thousands of license plates during a single shift, categorized by GPS location. LPR technology can immediately check each tag number to determine if it is stolen or wanted. After action analysis of this data can also lead to witness identification; it can place suspects at crime scenes; it can recognize patterns and yield terrorist and gang watch lists that can be fed to authorities at every level.
Intelligence is the most valuable currency in modern crime prevention. Information needs to be collected, analyzed and exploited in real time. Local and state agencies, as first responders, should be trained to identify and gather information. They require access to the information already stored in legacy databases and record management systems. Technology can transform that information into actionable intelligence, when properly sorted and analyzed.
Ultimately, collaboration between municipal, state and federal agencies can translate this technology and manpower into a reduction in crime, improving the quality of community life while furthering our national homeland security mission. When technology gives police officers access to information that will enhance their safety and bolster their job performance, and when that information can then reach crime centers and watch commanders in real time, we will have a net-centric public safety system. The top-down approach to homeland security must be inverted to place priority at the state and local level, bringing powerful new resources to bear. This counter-intelligence-driven mindset will unite technology, investigations and analysis into a coherent, holistic system capable of meeting modern challenges.
This all begins by getting authorized access to the information that, in many cases, already exists in the silos of local criminal justice records and management systems. Next is the need to analyze this information for relevancy.
In a net-centric public safety world, the flow of information from the first responder to a real-time crime or fusion center is seamlessly bidirectional. Public safety in the Information Age seeks to translate an information advantage into a security advantage. This requires technological investments that create a robust networking of well-informed geographically dispersed elements (municipal, state and federal government). Once implemented, this networking creates new forms of organizational behavior by allowing increased information sharing, collaboration, and shared situational awareness. Shared situation awareness enables collaboration and self-synchronization and enhances sustainability. Better information awareness produces greater speed of command. This approach will dramatically increase our effectiveness in public safety missions, counter-terrorism goals and counter-intelligence awareness.
Paul M. Joyal is managing director, Public Safety Sector at National Strategies Inc. in Washington, DC. He has extensive experience in law enforcement, intelligence and national security entities worldwide. Joyal is the former director of security for the U.S. Senate Select Committee on Intelligence and has recently received the Golden Eagle Leadership Award for Defender of Counter-intelligence and Homeland Security, by the Respect for Law Alliance in New York City.
For more information, please contact Heather Sabharwal at firstname.lastname@example.org or 202-349-7016.
Posted on Tue, September 30, 2008
by Paul Joyal