Rail Security – the Slow Metamorphosis of Trains into Airliners

Many aviation experts continue to complain that security controls at airports are inefficient and ineffective. Their arguments are only strengthened by the fact that testing the system usually reveals breathtaking gaps. Nevertheless, terrorists are known to be adaptive by nature and have responded to increased vigilance and technological improvements at airports by switching their ’loci operandi’ to trains, as the attacks in Madrid ('04) and London ('05) and the averted plots in Germany ('06) painfully illustrated.

The need to beef up train security is apparent and two interesting examples below show different approaches and success rates:

German police authorities (BKA) put facial recognition to a test at the central train-station in Mainz in 2007 – with mixed results at its best. They tried to recognize 200 registered commuters (so people purposefully took a designated picture at the beginning of the test). However even in these artificial conditions they reached a recognition success rate of only about 60% during the day and less than 20% at night. These results were so disappointing that the BKA chief said he could not recommend facial recognition, at least at its current level of maturity, for wider use by the federal authorities.

Last week Amtrak – the US train behemoth – announced the implementation of airport-like security checks. Now some travelers will be exposed to checks before they board trains by technologies like Smiths Detection’s portable explosive detection devices. Amtrak did however, stop short of installing fixed metal-detectors, which would trigger lengthy cues and erase the last benefit that trains have over airlines – that of convenience. This columnist believes though that as long as rail security remains significantly lower than airlines, it will remain a target of convenience for terrorists.

A Look at Defence Investing: Funding from Asia

As it becomes more and more important to find and fund cutting edge technologies, we see countries turning to the venture capitalist route. Singapore is one of those countries and today we’ll look at the fund established there and how it helps defence and security innovators.

Defence Science and Technology Agency (DSTA), is very involved in defence and security research and development at universities in the region through Temasek Laboratories at both the National University of Singapore (NUS) and the Nanyang Technological University (NTU).

They have now gone one step further to help bring to market innovative ideas that can be used in Singapore’s defence initiatives and have therefore set up a technology innovation fund. This fund is administered by Cap Vista, a strategic partner of the Global Security Challenge competition.

DSTA committed S$20 million to invest in early-stage technology startups around the globe (capped at around $2 million per investment). The current portfolio companies from the website of CapVista are:

• Ascendent Technologies Pte Ltd, a Singapore registered company, was formed in March 2007. It specializes in the research and development of CERMET (metal infused ceramics) processing technology, and the subsequent performance and packaging customisation for armour system integrators. It aims to be a key global supplier and consultants for advanced protection materials


• DenseLight owns and operates an indium phosphite-based manufacturing facility, with the ability to design, manufacture, package and test photonics devices. These devices are used in a wide range of sensors such as fibre-optic gyroscopes, chemical sensors and remote sensing devices.


• Rosum Corporation is based in Mountain View, Silicon Valley. It is a location technology company in the business of augmenting traditional GPS solutions through the integration of TV-based positioning systems. Rosum TV-GPS, provides reliable and accurate position fixes indoors, outdoors, and in dense urban locations where GPS signals are completely denied.

As you can tell via the investments above, you don’t need to be in Singapore or even in Asia to get an investment from CapVista. In fact they have built a robust network centered on partnerships around the world and have established Defence Technology Offices (DTO) in the US and Europe. So if you are in Europe, fear not! the DTO (Europe) office is located in Paris. This office helps to organize and build links in places such as France, Sweden, and the UK. Perhaps not surprisingly, in the last few years DSTA was the third largest defence R&D partner after Germany and the UK.

Web 2.0 – New Terrorist Threats or Security Opportunities?

The (ab)use of emails by terrorists has been a well known issue in the intelligence industry. In the averted train-plot in Germany last year, terrorists tried to (unsuccessfully) outsmart authorities’ surveillance of email traffic by not actually sending out emails but placing them as draft messages in their account with all parties commenting on the drafted messages.
This tactic illustrates how different online tools are used now and tactics anticipating standard surveillance. The US Government acknowledges the potential dangers of social networks by saying that: "Unfortunately, what started out as a benign environment where people would congregate to share information or explore fantasy worlds is now offering the opportunity for religious/political extremists to recruit, rehearse, transfer money, and ultimately engage in information warfare or worse with impunity."

Therefore the US Intelligence Community has started analyzing “Second Life“ type communities and NSA reportedly “is funding research into the mass harvesting of the information that people post about themselves on social networks.” (New Scientist)

What is the Role of Web 2.0 Tools in Government?
Lewis Sheperd, a former senior technology officer at the US Defense Intelligence Agency and now CTO at Microsoft’s Institute for Advanced Technology in Governments, described in a podcast the deployment of social networks in government. The US Intelligence Community already started using wikis; in particular an IC-wide tool called “Intellipedia” has been massively used and deemed a success, as measured mainly by satisfaction of intelligence end-consumers, such as policymakers. Also the creation of internal blogs and RSS feeds has helped to improve quality of information as well as speedy delivery. Through an impressively fast integration of an open source tool (gallery.menalto.com), they even created an intelligent Flickr-like photo sharing platform in-house. Mr. Shepherd’s main tip for integrating web 2.0 tools by other governments was to develop these applications side by side with technologists and end-users.


Cutting Edge Technologies to Police the Web
What have we seen in this space? Three specific technologies come to my mind immediately that can be helpful in securing internet platforms from malicious behavior:

• Carified Networks from Finland is developing a collaborative intelligence tool: at the heart of the system is a wiki portal that visually represents the technical and social actors and their linkage in the scope of terrorist and criminal investigations.


• As criminals and terrorists continue to take advantage of the anonymity of virtual platforms, such as 2nd Life and online social networks (Facebook), a potential solution could be to identify users by their unique typing rhythms. The German startup, Psylock , has developed a log-in software using a typing algorithm - but perhaps a future version of this kind of technology could run in the background of chat-rooms and forums to identify suspicious users.


• Another problem of the immense data flood that is contained in forums, chat-rooms and virtual lives is instant analysis and prioritization of data – especially when written in a different language. Intuview, a cool Israeli startup tries to tackle this problem with its artificial intelligence Arab translation software. Their Arabic language NLP engine is tailored to the idiosyncratic neo-classical Arabic used by Islamic terrorists.

More Statistics about Funding Security and Defence Startups

We thought we’d share some remaining statistics about the innovators that entered the GSC last year. Approximately 51% of the startups that entered were self-funded while nearly 30% had been funded by VCs. The remaining 19% had a mix of grant or angel funding.

Of those that were funded the majority (approximately 65%) received less than $1 million, with 23% receiving $1-5 million. At the top end – those receiving more than $5 million in VC funding – comprised about 12% of our entrants. Hopefully this number increased after their involvement in the competition.

Now if we take one cross-section of entrants, for example just those who entered from the US, we see a similar pattern to the world-wide statistics. The majority of entrants (44%) are boot-strapping their companies. The next largest group, coming in at 31% of the total, is being funded with VC money. With nearly 25% startups receiving grants there is a bit of a bump over the global average. Is this because the US Government is forward leaning in supporting research and development?

Opportunity For Investors
The good news for investors is that there are a lot of unfunded security startups around the world. The Global Security Challenge 2008 will be a great place to interact with startups and to learn more about the security innovation landscape.

Cyber Defence – warfare of the future?

With the heavy reliance of military, banks and even civilians on the Internet today, it’s no surprise that criminal and terrorist activities are focusing their efforts on reeking havoc on the web these days. While it used to be individual hackers who stole credit cards and brought down webpages such as the New York Times’ site in 1998 and the White House’s page in 2001 (allegedly by Chinese hackers), now the latest attacks are much more coordinated and can be directed to attack the critical infrastructure of an entire country, as the recent cyber-attack on Estonia in 2007 showed. The sophisticated attackers used a distributed denial-of-service technique, in which “hackers infiltrated computers around the world with software known as bots, and banded them together in networks to perform these incursions. The computers become unwitting foot soldiers, or “zombies,” in a cyber attack” (New York Times)

As a result of the attack in Estonia, nearly all government ministry networks and two Estonian banks were knocked offline. Many say this was the first example of a cyber-war we have seen. The fact that the Internet often forms the critical backbone of a country’s infrastructure is also illustrated by the rumors currently circulating Cairo’s streets. After the recent destruction of an underwater telecommunication cable by a ship in the Mediterranean Sea that disrupted Cairo’s Internet access, the initial rumors interpreted this to be the first step of the USA for an attack of Iran, according to our Egypt Correspondent (M.S.).

So where is our Cyber Defence?

In 2003, the US government created the National Infrastructure Advisory Council that operates within DHS to produce the National Strategy to Secure Cyberspace, which among many other points stresses the importance of: “performing and funding research and development along with other agencies that will lead to new scientific understanding and technologies in support of homeland security.“

Following this report’s point about looking at the private sector for solutions, we can confirm the validity of working with scientists and entrepreneurs to tackle problems like this. One prime example is Iviz, an Indian startup company that has developed an artificial intelligence technology to simulate intelligent human hackers. They were selected amongst the top-6 security startups in the world by the Global Security Challenge 2007.

The Balance of Military Spending in 2008

According to IISS’s annual assessment of world-wide military capabilities and expenditures, Military Balance 2008, as the world gets richer more money is spent on defence. During times of economic prosperity it is easy to justify growing defence spending as GDP increases.

According to the heritage foundation, military spending as a percent of GDP reached a pinnacle during World War II at 34%. But right now the US spends just over 4% of GDP on defence. The percent increase President Bush asked for in this year’s budget comes to about 7.5%. Contrast this with increases of 20% and 25% year on year for China’s military spending. (Keep in mind even when you allow for the difficulty in summing up the true numbers there is still an order of magnitude difference in the billions spent by these countries.)

This amount of money gives the US a fair amount of breathing room to be creative and to try innovative methods to improve its defense technology, such as through the funding of groups like the Technical Support Working Group and DeVenCI.

Even with President Putin’s latest warning that a new arms race might break out and the dramatic increase in military spending by China is there a possibility for a dramatic uptick in percent spending for defence by the US? Excluding the significant unexpected event, unlikely. With the addition of a new administration heading to 1600 Pennsylvania Ave and the growth of entitlement programmes such as Medicare, Medicaid, and social security (numbers being thrown around suggest growth at the rate of up to 300% year on year) it’s very unlikely we’ll see a boost in the budget. It’s also unlikely we’ll see a dramatic decrease in spending. Even when we see a troop reduction in Afghanistan and Iraq, the US will replace and retool a lot of its equipment.

It appears that somewhere around 4% is the magic number that the US has found and it will be interesting to see how innovative the US will continue to be if forced to restrain its military outlay.

The EU Counter-Terrorism Strategy: how is technology involved?

The Counter-Terrorism Coordinator
After the Madrid bombings in 2004, the EU appointed its first Counter-Terrorism Coordinator, Gijs de Vries, with the ambitious mission to facilitate exchange of information about border control, the security of travel documents and to promote police and judicial cooperation.
After three years, Mr. de Vries’ resigned in spring 2007 with the International Herald Tribune stating that a “disagreement over both the mandate and competencies of the job is believed to have been a significant underlying cause of his decision to leave”.

Then in fall 2007, the EU High Representative Javier Solana, appointed Mr Gilles de Kerchove as the new Counter-Terror Czar of Europe to “coordinate the work of the Council of the EU in the field of counter-terrorism, maintain an overview of all the instruments at the Union's disposal, closely monitor the implementation of the EU counter-terrorism strategy, and ensure that the Union plays an active role in the fight against terrorism.” (EU webpage)
Solana commented that the changing priorities of this role would not amount to an expansion but rather a deepening of the post (according to the IHT).

EU Counter-Terrorism Strategy
The EU’s counter-terrorism strategy was adopted in December 2005 and commits “to combat terrorism globally while respecting human rights, and to make Europe safer, allowing its citizens to live in an area of freedom, security and justice”. (EU webpage)

Similar to most CT strategies, the EU’s strategy rests on four pillars: Prevent, Protect, Pursue and Respond. Here are a few points where these strategies touch technology and thus are related to the efforts of the Global Security Challenge.

Prevent:

• Develop common approaches to spot and tackle problematic behaviour, in particular the misuse of the internet;

Protect

• Improve the secure nature of EU passports through the introduction of biometrics;
• Make best use of EU and Community level research activity.

Pursue

• Tackle terrorist access to weapons and explosives, ranging from components for home-made explosives to CBRN materials;
• Provide technical assistance to priority third countries in order to enhance their own counter-terrorism capabilities.

Respond

• Develop risk assessment as a tool to help inform the building of capabilities to respond to an attack;

Science and Innovation as a part of the UK’s Counterterrorism Strategy

Maintaining a culture of innovation is difficult under the best of circumstances and within very big organizations and governments it is probably easier to through up your hands in frustration than to build in a system that properly finds, funds, and rewards innovators.

The role of science and innovation in the UK’s security and counter-terrorism strategy takes two forms.

"The first is about forging an environment that fosters creativity and innovation in
order to generate the knowledge and technologies that can reduce the risk from
terrorism. The second is about providing the best available scientific evidence and
advice to support Government’s aims. Science and innovation provide support, both at the strategic/policy level (Government departments) and at the end-user tactical level (e.g. emergency responders)." (UK Security & Counter-Terrorism Science & Innovation Strategy)

The UK has a strategy to use developments in science to fight terrorism that utilizes four pathways:

• Expanding a cross-departmental analytical approach to identifying Government’s research priorities;



• Horizon-scanning for future threats and new scientific developments and inventions to counter such threats;



• Working more effectively with business and academia to ensure that research is delivered and exploited through the cultivation of a strong and innovative counter-terrorism research market;



• Collaborating with international partners, allowing increased sharing of knowledge and technology.

Implementation
The Research, Analysis and Development Working Group (RADWG), has responsibility for the coordination and delivery of this strategy. The UK knows that the best way to approach this is through the cross-departmental Counter-Terrorism Science & Innovation Programme. This programme focuses on using to the fullest extent inter-Governmental research. International partnerships also enable the UK to meet its goals and a number of exchanges and groups meet to tackle this challenge together. Here are some recent examples of how the UK is using science and innovation to combat terrorism:

• Facial recognition technology;



• The development of hand-held devices for the rapid detection of chemical and
  biological warfare agents;



• Research into explosive blasts in tunnels and other confined spaces, in order to
  mitigate the effect of terrorist attacks on the London Underground.