Babak Akhgar and Andrew Staniforth examine how a dedicated multi-agency approach is proving successful in the battle against a constantly evolving cyber threat.
Date – 10th February 2014
By – Andrew Staniforth – CENTRIC
The UK, like many other nations, is under constant attack from all manner of hazards – the most pressing of which includes cyber crime and cyber terrorism. If left unchecked, cyber threats can cause untold harm to citizens, communities, public services, businesses, infrastructures and the wider economy.
The increasingly interconnected world in which we now live necessitates shared responsibilities for online safety and security. The global reach and borderless nature of the internet means that no single government or law enforcement agency can effectively tackle the challenges of cyber crime or cyber terrorism on their own – a multi-disciplinary, multi-faceted collaborative approach is now required.
Cyber threats emerge
When Metropolitan Police officers raided a flat in West London during October 2005, they arrested a young man, Younes Tsouli. The significance of this arrest was not immediately clear but investigations soon revealed that the Moroccan-born Tsouli was the world’s most wanted ‘cyber-terrorist’. In his activities Tsouli adopted the user name ‘Irhabi 007’, (Irhabi meaning ‘terrorist’ in Arabic), and his activities grew from posting advice on the internet on how to hack into mainframe computer systems to assisting those in planning terrorist attacks.
Tsouli trawled the internet searching for home movies made by US soldiers in the theatres of conflict in Iraq and Afghanistan that would reveal the inside layout of US military bases. Over time these small pieces of information were collated and passed to those planning attacks against armed forces bases. This virtual hostile reconnaissance provided insider data illustrating how it was no longer necessary for terrorists to conduct physical reconnaissance if relevant information could be captured and meticulously pieced together from the internet.
Police investigations subsequently revealed that Tsouli had €2.5million worth of fraudulent transactions passing through his accounts which he used to support and finance terrorist activity. Pleading guilty to charges of incitement to commit acts of terrorism Tsouli received a 16-year custodial sentence to be served at Belmarsh High Security Prison in London where, perhaps unsurprisingly, he has been denied access to the internet.
Following Tsouli’s conviction at court, the then National Coordinator of Terrorist Investigations, Deputy Assistant Commissioner Peter Clarke, said that Tsouli “provided a link to core al Qaeda, to the heart of al Qaeda and the wider network that he was linking into through the internet”, going on to say: “what it did show us was the extent to which they could conduct operational planning on the internet. It was the first virtual conspiracy to murder that we had seen.”
The case against Tsouli was the first in the UK which quickly brought about the realisation that cyber-terrorism presented a real and present danger to the national security of the UK. Law enforcement practitioners understood that the internet clearly provided positive opportunities for global information exchange, communication, networking, education and as a major tool in the fight against crime but a new and emerging contemporary threat had appeared within the communities they sought to protect. The internet was being hijacked and exploited by terrorists not only to progress attack planning but to radicalise and recruit new operatives to their cause.
Research to reality
To tackle the contemporary threats from cyber crime and cyber terrorism requires law enforcement agency practitioners, academics and private industry professionals to work together. All have very different perspectives of similar issues and often operate within different time frames and may desire different outcomes. But an innovative multi disciplinary and end-user focused approach to tackle cyber threats is essential to bring academic and technical research to operational reality.
Such an approach has been adopted by partners of project COURAGE (Cybercrime and cyberterrOrism EUropean Research AGEnda), the 2013 flagship European Commission Research Executive Agency research project, funded under the seventh Framework Programme. Commencing in January 2014, the two-year, grant-funded project aims to develop a cyber crime and cyber terrorism research agenda for the European Commission to significantly improve the security of citizens and critical infrastructures and support crime investigators.