Telestrategies
An Interview with Dr. Jerry Lucas
About one year ago, I spoke with Dr. Jerry Lucas of Telestrategies, an information company, about his view of the digital environment. The interview generated favorable comment from readers of my Beyond Search blog and from information specialists monitoring competitive intelligence technologies. Since that 2011 interview, Telestrategies’ impact has grown significantly. The company offers specialist training, webinars, and telecommunications-related conferences. I spoke with Dr. Lucas on January 9, 2013. The full text of our discussion appears below:
|
We talked more than 14 months ago. Intelligence gathering has become more, rather than less important. Also, in that time, Big Data has become the new buzzword in a range of intelligence support systems. Any thoughts about Big Data?
Before answering your question on “Big Data” as a marketing buzzword, let me give you my narrow view of the intelligence gathering market. First, I am considering only intelligence agencies within government organizations (Defense, Interior Security, Law Enforcement, etc.) Also I will give you my perspective based on the vendors who exhibit at ISS World Programs as well as attendees.
Fair enough.
“Big Data” as an eye catching buzzword that works in the US. But as you go east across the globe, “Big Data” as a buzzword doesn’t get traction in the Middle East, Africa and Asia Pacific Regions if you remove Russia and China. One interesting note from the ISS World perspective, Russian and Chinese government agencies only buy from vendors based in their countries.
The US Intelligence Community (IC) has big data problems because of the obvious massive amount of data gathered that’s now being measured in zettabytes. The data gathered and stored by the US Intelligence Community is growing beyond what typical database software products can handle as well as the tools to capture, store, manage and analyze the data. For the US, Western Europe, Russia and China, “Big Data” is a real problem and not a hyped up buzzword.
ISS Vendors marketing to IC’s in Central Europe, the Middle East, Africa, Latin America and Asia, rarely use “Big Data” in their presentation titles and product demonstrations at ISS World Programs.
The marketing pitch “you have a big data problem if it is taking days to add new data feeds, weeks to add new analytic functionality and you have many duplication of the same data for different systems” works in the US because these are real problems.
Are social media of interest?
Yes, there are real-time social network monitoring, text and telecom call detail records (CDR) mining challenges, but they would not fall into the big data analytics space at this time. On this note the low hanging intelligence data fruit in a number of countries comes from data mining telecom CDR’s and the data here is structured and doesn’t have to be transported. Bottom line, there are “dots to be connected” but there are fewer of them.
The social media revolution seems to be the “next big thing.” However, Facebook dominates with a billion members and most of the other social media plays are small or known to insiders. Are we moving ahead in extracting actionable information from social media?
Tools and methods for social network monitoring and intelligence gathering tops the needs and want lists of intelligence analysts in every country. Primarily driven by the Arab Spring. Having trending and sentiment assessment tools that can categorize social network messages, analyzing key elements of significant in text messages and their sentiment are must-have tools for countries particularly in the Middle East, Africa and Asia. At our upcoming March ISS 2013 World MEA in Dubai, we have scheduled over 20 technical training and product demonstration sessions addressing social network monitoring and intelligence gathering tools.
Other than the creating demand for Social Network Monitoring and Intelligence Gathering Products, what are the other Arab Spring impacts ISS Vendors should consider?
Largely because of Arab Spring, the center of mass of intelligent community vendor is shifting from North America and Western Europe east across the globe. When we started ISS World programs 10 years ago, the vendor community participants were 100% Westerners. Non-Western based vendors started popping up before Arab Spring but exploded afterwards, significantly in the last two years.
When we held our first ISS World MEA in Dubai, 100 percent of the exhibiting vendors were from Western Countries. At this upcoming March ISS World MEA in Dubai, 30% of the exhibiting companies are from non-western countries: from China (ZTEsec and Semptian), India (ClearTrail and Vehere), Saudi Arabia (Creative TeleSoft), South Africa (iSolve, Seartech and VASTech), Turkey (C2Tech), Poland (Macro-Systems) and United Arab Emirates (Advanced Middle East Systems and Global Security Network) to name a few.
What’s the spur to this influx of new vendors?
That’s an interesting question. The main reason in my opinion is the western governments reaction to certain Arab Spring revelations. During the uprisings in Tunisia, Libya and Egypt protesters raided respective ministry of interior offices and found vendor brochures, proposals and contracts for intelligence gathering products deployed in telecom networks. This information was passed on to privacy group and bloggers and eventually picked up by the mass media. Eventually these media revelations were picked up by Western politicians looking to make a name for themselves. When you can state the injustice and the villain causing the injustice in 10 seconds or less you have a hot political issue that the general public can relate too. The injustice in this case, governments surveillance of political dissidents and the villains, companies supplying the means to undertake network surveillance.
How have some of the major Western vendors reacted?
A number of western vendors made a decision because of the negative press attention to abandon the global intelligence gathering market. In the US Congress Representative Chris Smith (R, NJ) sponsored a bill that went nowhere to ban the export of intelligence gathering products period. In France a Bull Group subsidiary, Amesys legally sold intelligence gathering systems to Lybia but received a lot of bad press during Arab Spring. Since Amesys represented only a few percent of Bull Group’s annual revenues, they just sold the division. Amesys is now a UAE company, Advanced Middle East Systems (Ames).
My take away here is governments particularly in the Middle East, Africa and Asia have concerns about the long term regional presence of western intelligence gathering vendors who desire to keep a low public profile. For example, choosing not to exhibit at ISS World Programs. The next step by these vendors could be abandoning the regional marketplace and product support.
What other recent developments have occurred that effect intelligence gathering in the ISS space?
The number one development that has effected intelligence gathering from telecom networks is the proliferation of mobile smartphones. In addition to the already problematic challenge of increase volume of traffic there are three new challenges for the IC.
First, with smartphones you can communicate leaving no record with your cellular phone operator. For example take Apple’s new iMessaging application. An SMS type text message from iPhone to iPhone leaves no call record with the cellular phone operator.
Second, the third party communications provider can operate in a country in which your government may not have a close relationship. For example a new VoIP service created for smartphones, VIBER was created by a Belarus company. They have currently 140 million users growing at 10 million per month. Call set up is done by a VIBER server in Belarus then the call is transmitted peer-to-peer, encrypted and its a free service. The users mobile operator has no record of this call and given the US – Belarus political relationship VIBER is not under any pressure to help the US intelligence community.
Finally, with the proliferations of smartphones comes the proliferation of free or nearly free software to provide mobile caller privacy. Features found very attractive by criminals and terrorists. Example, TIGER TEXT: pick a message time to live in storage and kill the message after it’s read and Wickr all messages (voice, text, video) are sent encrypted, set to self destruct after a given time and it’s completely anonymous. Wickr promotes this service as an iPhone encryption app a three-year-old can use. An Android version is in development.
Three ways come to mind. First, use IT Intrusion to remotely infect the criminals terminal so you can extract the content before its encrypted. Sessions given by Gamma Group, Hacking Team, VUPEN Systems and others are very popular at ISS World Programs, but these sessions are only open to LEA and IC attendees.
If this is not an option, have the telecom collect metadata where possible. No content but you can determine who called whom, where and when because call set up data is sent unencrypted.
Finally, be patient and wait for targets to make mistakes. Libya’s Col. Muammar Gaddafi certainly knew mobile satellite phone calls can be intercepted with precise location of caller identified.. He was captured and killed after he made a call from a vehicle in a caravan leaving Tripoli. He called, NATO intercepted the call with location ID and a French fighter jet attacked and stopped the caravan on route out of Tripoli. The rest is history.
More recently the David Petraeus and Paula Broadwell affair was uncovered because they used a method of sending messages using a portal company’s draft file folder service. David Petraeus was Director of the CIA and Paula Broadwell was a Major in the Army’s Counterintelligence Unit! They both were surrounded by experts in communicating over the Internet anonymously. The way they communicated was easily intercepted particularly if you use a portal company known to cooperate with US Law Enforcement possessing over 15,000 lawful intercept requests per year.
In the last year, the need for keeping track of many different types of data and information has increased. Are we approaching a solution to information silo or information stovepipe problem?
My answer is, “Definitely, yes.”
Consider the US where you have 16 federal organizations collecting intelligence data plus the oversight of the Office of Director of National Intelligence (ODNI). In addition there are nearly 30,000 local and state police organizations collecting intelligence data as well.
Data sharing has been a well identified problem since 9/11. Congress established the ODNI in 2004 and funded the Department of Homeland Security to set up State and Local Data Fusion Centers. To date Congress has not been impressed. DNI James Clapper has come under intelligence gathering fire over Benghazi and the DHS has been criticized in an October Senate report that the $1 Billion spent by DHS on 70 state and local data fusion centers has been an alleged waste of money.
The information silo or the information stovepipe problem will not go away quickly in the US for many reasons. Data cannot be shared because one agency doesn’t have the proper security clearances, job security which means “as long as I control access the data I have a job,” and privacy issues, among others.
Can you give me an example?
Some states have laws that drivers license data cannot be ported outside the state and out of state access can only be one record at a time and that record cannot be stored. Also, a new data analytics tool needs to be deployed immediately and can only be timely done as a stand alone system. Integration with other databases is an after though. As in previous examples, the US is an extreme case in this regard. Again, this is why the US has big data analytics challenges.
What are some important considerations for vendors looking to market successfully in the ISS arena?
Let one assume these vendors have had success in the private sector with business intelligence products or success marketing the US Federal Government and are looking to expand internationally. First you have to have a local presence or an alliance partner in your country of interest. Secondly, every country already has intelligence gathering infrastructure in place with established interfaces with telecom operators and internet service providers. Any proposal calling for a system “forklift” will fall on deaf ears. Finally, you have to understand intercept standards. The US intercepts standards are not the same as in Europe. European countries will fine tune the general standards and work with the dominant or legacy telecom operators. Other telecoms in that country will have to mirror what the legacy telecom puts in place and more.
When you think about the different regions and their information challenges, are today’s systems making it easier to deal with language and translation issues? Is speech recognition technology keeping pace with other types of technology?
Yes, with the fact that there are 6,000 different languages spoken on our planet and there are many multi language social networks to deal with. So you have translation problems. At this point Facebook supports 97 languages. And yes, there has been lots of progress in speech recognition technology.
Is translation the key factor?
In part. What’s of high interest at ISS World Programs is speaker biometric recognition. Create a voice print of your target and later identify that target by scanning recorded conversation or conversations monitored in real-time.
At a recent ISS World Program a speaker recognition vendor invited Tatiana Lucas, ISS World Program Director to participate in a real-time demonstration of their products. Tatiana is fluent in four languages. The vendor recorded 30 seconds of her speaking in Arabic and created an Arabic voice print. Then she made a phone call through their system in which there were 5,000 other simultaneous conversations going on. She spoke in Russian and within seconds her conversation was picked up and played to the audience using that Arabic voice print. She then spoke in English with the same result. The audience was convinced so she didn’t speak in Ukrainian.
Speaker recognition vendors predict with storage costs continuing to fall, you will see the day when all calls could be recorded and if you have a voice print of your target it could be detected. But to be effective in intelligence gathering you would have to match the intercept with detail call records or call set up signaling data and this by itself will be challenging but doable.
US Intelligence Agencies buy speaker recognition products but obviously are closed mouth about what they do with it. The use of speech recognition evidence has to date not been supported by the FBI in court cases. Not the same in other countries however.
What are the two or three trends you are monitoring for 2013?
In addition to speaker biometric identification and the adoption of big data analytics previously referenced, here are other trends we are watching.
First is the adoption of IPv6 as a replacement for or supplement to IPv4 internet addresses. IPv4 has 32 bit addresses and IPv6 has 128 bit addresses. Two to the power of 128 yields a number so large you wouldn’t notice a size reduction if you assigned every grain of sand on earth an IPv6 Address out of the pool.
IPv6 will present many challenges to the intelligence community. To identify just one. A user or organization will be able to get a block of IPv6 addresses and use a unique address for a session and change the terminal IP address for the next session. The IC will be challenged in identifying how many devices are behind this block and who the actual user is.
Another trend we are watching is the development of new cyber security standard called Structured Threat Information eXpression (STIX). This is a standard for sharing cyber threat information gathered in network among many organizations including telecom operators. A cyber security record or metric that can be shared by the law enforcement, the intelligence community and those charged with telecom network infrastructure protection will be a giant step regarding cyber security. If adopted, it will create demand for new ISS area products and intelligence gathering analytic techniques.
How have the solutions presented at ISS World been evolving to keep pace with what strikes me as the accelerating pace of innovation in various illegal activities? Can government agencies keep pace with alleged wrong doers who are hiring unemployed engineers and programmers to develop malware and other inappropriate systems?
Yes, the pace at which criminals or terrorists adopt new methods to communicate anonymously is accelerating. Excluding governments developing cyber offensive capabilities, wrong doers don’t have to hire unemployed engineers or programmers. Private industry supplies them with all the products they need for free. As previously discussed, you have TIGER TEXT, Wickr, VIBER and more. What more does the criminal element need and who needs an R&D operation!
You know I want you to put on you wizard hat. What are the most encouraging information and data developments you have noticed in the last 12 months? In short, what are the bright spots in ISS related technology and its use?
Other than Big Data analytic and speaker biometric identification I would include facial recognition analytics. With 300 million photos uploaded daily on Facebook, 30 million surveillance cameras in the US alone gathering billion of hours of video and other facial data bases to mine creates a huge, new intelligence gathering market for picture recognition analytics.
If a reader wants to be considered as a speaker or wants to exhibit at on of the ISS shows, where does that person get more information?
Contact ISS World Program Director, Tatiana Lucas, at Talucas@telestrategies.com.
What’s the url for the ISS line up of programs for 2013?
To review the 2013 ISS World Conference and Expo Programs scheduled for Dubai (March), Prague (June), Brasilia (July), Washington (October) and Kuala Lumpur (December), go to www.issworldtraining.com. Also, we have posted a number of webinars scheduled for this coming March addressing IPv6 Challenges, Facial Recognition Techniques Used by Law Enforcement and Intelligence Analysts, Cyber Defense Opportunities using STIX and other webinars. There is no charge to attend our training webinars.
ArnoldIT Comment
Those interested in law enforcement and intelligence community practices and technology will want to learn more about the Telestrategies ISS events. These are outstanding programs for those interested in next-generation digital services and issues.
Stephen E. Arnold, January 15, 2013