[Infowarrior] - MI5 seeks powers to trawl records in new terror hunt

[Richard Forno]

http://www.guardian.co.uk/uk/2008/mar/16/uksecurity.terrorism

MI5 seeks powers to trawl records in new terror hunt

Counter-terrorism experts call it a 'force multiplier': an attack combining
slaughter and electronic chaos. Now Britain's security services want total
access to commuters' travel records to help them meet the threat

    * Gaby Hinsliff, political editor
    * The Observer (UK)
    * Sunday March 16 2008

This article appeared in the Observer on Sunday March 16 2008 on p22 of the
News section. It was last updated at 01:49 on March 16 2008.

Millions of commuters could have their private movements around cities
secretly monitored under new counter-terrorism powers being sought by the
security services.

Records of journeys made by people using smart cards that allow 17 million
Britons to travel by underground, bus and train with a single swipe at the
ticket barrier are among a welter of private information held by the state
to which MI5 and police counter-terrorism officers want access in order to
help identify patterns of suspicious behaviour.

The request by the security services, described by shadow Home Secretary
David Davis last night as 'extraordinary', forms part of a fierce Whitehall
debate over how much access the state should have to people's private lives
in its efforts to combat terrorism.

It comes as the Cabinet Office finalises Gordon Brown's new national
security strategy, expected to identify a string of new threats to Britain -
ranging from future 'water wars' between countries left drought-ridden by
climate change to cyber-attacks using computer hacking technology to disrupt
vital elements of national infrastructure.

The fear of cyber-warfare has climbed Whitehall's agenda since last year's
attack on the Baltic nation of Estonia, in which Russian hackers swamped
state servers with millions of electronic messages until they collapsed. The
Estonian defence and foreign ministries and major banks were paralysed,
while even its emergency services call system was temporarily knocked out:
the attack was seen as a warning that battles once fought by invading armies
or aerial bombardment could soon be replaced by virtual, but equally deadly,
wars in cyberspace.

While such new threats may grab headlines, the critical question for the new
security agenda is how far Britain is prepared to go in tackling them. What
are the limits of what we want our security services to know? And could they
do more to identify suspects before they strike?

One solution being debated in Whitehall is an unprecedented unlocking of
data held by public bodies, such as the Oyster card records maintained by
Transport for London and smart cards soon to be introduced in other cities
in the UK, for use in the war against terror. The Office of the Information
Commissioner, the watchdog governing data privacy, confirmed last night that
it had discussed the issue with government but declined to give details,
citing issues of national security.

Currently the security services can demand the Oyster records of specific
individuals under investigation to establish where they have been, but
cannot trawl the whole database. But supporters of calls for more sharing of
data argue that apparently trivial snippets - like the journeys an
individual makes around the capital - could become important pieces of the
jigsaw when fitted into a pattern of other publicly held information on an
individual's movements, habits, education and other personal details. That
could lead, they argue, to the unmasking of otherwise undetected suspects.

Critics, however, fear a shift towards US-style 'data mining', a
controversial technique using powerful computers to sift and scan millions
of pieces of data, seeking patterns of behaviour which match the known
profiles of terrorist suspects. They argue that it is unfair for millions of
innocent people to have their privacy invaded on the off-chance of finding a
handful of bad apples.

'It's looking for a needle in a haystack, and we all make up the haystack,'
said former Labour minister Michael Meacher, who has a close interest in
data sharing. 'Whether all our details have to be reviewed because there is
one needle among us - I don't think the case is made.'

Jago Russell, policy officer at the campaign group Liberty, said
technological advances had made 'mass computerised fishing expeditions'
easier to undertake, but they offered no easy answers. 'The problem is what
do you do once you identify somebody who has a profile that suggests
suspicions,' he said. 'Once the security services have identified somebody
who fits a pattern, it creates an inevitable pressure to impose
restrictions.'

Individuals wrongly identified as suspicious might lose high-security jobs,
or have their immigration status brought into doubt, he said. Ministers are
also understood to share concerns over civil liberties, following public
opposition to ID cards, and the debate is so sensitive that it may not even
form part of Brown's published strategy.

But if there is no consensus yet on the defence, there is an emerging
agreement on the mode of attack. The security strategy will argue that in
the coming decades Britain faces threats of a new and different order. And
its critics argue the government is far from ready.

The cyber-assault on Estonia confirmed that the West now faces a relatively
cheap, low-risk means of warfare that can be conducted from anywhere in the
world, with the power to plunge developed nations temporarily into the stone
age, disabling everything from payroll systems that ensure millions of
employees get paid to the sewage treatment processes that make our water
safe to drink or the air traffic control systems keeping planes stacked
safely above Heathrow.

And it is one of the few weapons which is most effective against more
sophisticated western societies, precisely because of their reliance on
computers. 'As we become more advanced, we become more vulnerable,' says
Alex Neill, head of the Asia Security programme at the defence think-tank
RUSI, who is an expert on cyber-attack.

The nightmare scenario now emerging is its use by terrorists as a so-called
'force multiplier' - combining a cyber-attack to paralyse the emergency
services with a simultaneous atrocity such as the London Tube bombings.

Victims would literally have nowhere to turn for help, raising the death
toll and sowing immeasurable panic. 'Instead of using three or four aircraft
as in 9/11, you could do one major event and then screw up the
communications network behind the emergency services, or attack the
Underground control network so you have one bomb but you lock up the whole
network,' says Davis. 'You take the ramifications of the attack further. The
other thing to bear in mind is that we are ultimately vulnerable because
London is a financial centre.'

In other words, cyber-warfare does not have to kill to bring a state to its
knees: hackers could, for example, wipe electronic records detailing our
bank accounts, turning millionaires into apparent paupers overnight.

So how easy would it be? Estonia suffered a relatively crude form of attack
known as 'denial of service', while paralysing a secure British server would
be likely to require more sophisticated 'spy' software which embeds itself
quietly in a computer network and scans for secret passwords or useful
information - activating itself later to wreak havoc.

Neill said that would require specialist knowledge to target the weakest
link in any system: its human user. 'You will get an email, say, that looks
like it's from a trusted colleague, but in fact that email has been cloned.
There will be an attachment that looks relevant to your work: it's an
interesting document, but embedded in it invisibly is "malware" rogue
software which implants itself in the operating systems. From that point,
the computer is compromised and can be used as a platform to exploit other
networks.'

Only governments and highly sophisticated criminal organisations have such a
capability now, he argues, but there are strong signs that al-Qaeda is
acquiring it: 'It is a hallmark of al-Qaeda anyway that they do simultaneous
bombings to try to herd victims into another area of attack.'

The West, of course, may not simply be the victim of cyber-wars: the United
States is widely believed to be developing an attack capability, with
suspicions that Baghdad's infrastructure was electronically disrupted during
the 2003 invasion.

So given its ability to cause as much damage as a traditional bomb, should
cyber-attack be treated as an act of war? And what rights under
international law does a country have to respond, with military force if
necessary? Next month Nato will tackle such questions in a strategy
detailing how it would handle a cyber-attack on an alliance member. Suleyman
Anil, Nato's leading expert on cyber-attack, hinted at its contents when he
told an e-security conference in London last week that cyber-attacks should
be taken as seriously as a missile strike - and warned that a determined
attack on western infrastructure would be 'practically impossible to stop'.

Tensions are likely to increase in a globalised economy, where no country
can afford to shut its borders to foreign labour - an issue graphically
highlighted for Gordon Brown weeks into his premiership by the alleged
terrorist attack on Glasgow airport, when it emerged that the suspects
included overseas doctors who entered Britain to work in the NHS.

A review led by Homeland Security Minister Admiral Sir Alan West into issues
raised by the Glasgow attack has been grappling with one key question: could
more be done to identify rogue elements who are apparently well integrated
with their local communities?

Which is where, some within the intelligence community insist, access to
personal data already held by public bodies - from the Oyster register to
public sector employment records - could come in. The debate is not over
yet.
The Battlegrounds

Energy Security

As North Sea oil stocks run out, Britain risks increasing reliance on
imported gas and oil from volatile regions such as Russia and the Middle
East - but what if Russia turned off the gas tap, as it has repeatedly done
to Ukraine? The threat is seen as intensifying the case for new nuclear
power stations in UK.

China's Monopoly

Rapid industrial growth means that China is desperate for oil, coal, iron
ore and minerals and is developing a stranglehold on supplies from some
countries. There are concerns about its willingness to trade arms for
natural resources with unscrupulous governments, such those of Sudan and
Burma.

Water Wars

Global warming could dry up rivers and lakes in regions such as the Nile
delta and the Middle East, causing mass human migration and battles for
control of remaining water supplies.

Global Poverty

Hunger and economic collapse drives refugees to overwhelm neighbouring
countries and triggers immigration surges to West. Hardship can become a
recruiting ground for extremism.

Cyber Wars

Electronic aggression involving hacking into computer systems running
critical services such as communications, banking or water supply. The main
threat is from Russia, China and terrorists.