Complexity and Terrorism Investigations

Good article on how complexity greatly limits the effectiveness of terror investigations. The stories of wasted resources are all from the UK, but the morals are universal.

The Committee's report accepts that the increasing number of investigations, together with their increasing complexity, will make longer detention inevitable in the future. The core calculation is essentially the one put forward by the police and accepted by the Government - technology has been an enabler for international terrorism, with email, the Internet and mobile telephony producing wide, diffuse, international networks. The data on hard drives and mobile phones needs to be examined, contacts need to be investigated and their data examined, and in the case of an incident, vast amounts of CCTV records need to be gone through. As more and more of this needs to be done, the time taken to do it will obviously climb, and as it's 'necessary' to detain the new breed of terrorist early in the investigation before he can strike, more time will be needed between arrest and charge in order to build a case.

All of which is, as far as it goes, logical. But take it a little further and the inherent futility of the route becomes apparent - ultimately, probably quite soon, the volume of data overwhelms the investigators and infinite time is needed to analyse all of it. And the less developed the plot is at the time the suspects are pulled in, the greater the number of possible outcomes (things they 'might' be planning) that will need to be chased-up. Short of the tech industry making the breakthrough into machine intelligence that will effectively do the analysis for them (which is a breakthrough the snake-oil salesmen suggest, and dopes in Government believe, has been achieved already), the approach itself is doomed. Essentially, as far as data is concerned police try to 'collar the lot' and then through analysis, attempt to build the most complete picture of a case that is possible. Use of initiative, experience and acting on probabilities will tend to be pressured out of such systems, and as the data volumes grow the result will tend to be teams of disempowered machine minders chained to a system that has ground to a halt. This effect is manifesting itself visibly across UK Government systems in general, we humbly submit. But how long will it take them to figure this out?

[...]

There is clearly a major problem for the security services in distinguishing disaffected talk from serious planning, and in deciding when an identified group constitutes a real threat. But the current technology-heavy approach to the threat doesn't make a great deal of sense, because it produces very large numbers of suspects who are not and never will be a serious threat. Quantities of these suspects will nevertheless be found to be guilty of something, and along the way large amounts of investigative resource will have been expended to no useful purpose, aside from filling up 90 days. Overreaction to suggestions of CBRN threats is similarly counter-productive, because it makes it more likely that nascent groups will, just like the police, misunderstand the capabilities of the weapons, and start trying to research and build them. Mischaracterising the threat by inflating early, inexpert efforts as 'major plots' meanwhile fosters a climate of fear and ultimately undermines public confidence in the security services.

The oft-used construct, "the public would never forgive us if..." is a cop-out. It's a spurious justification for taking the 'collar the lot' approach, throwing resources at it, ducking out of responsibility and failing to manage. Getting back to basics, taking ownership and telling the public the truth is more honest, and has some merit. A serious terror attack needs intent, attainable target and capability, the latter being the hard bit amateurs have trouble achieving without getting spotted along the way. Buying large bags of fertiliser if you're not known to the vendor and you don't look in the slightest bit like a farmer is going to put you onto MI5's radar, and despite what it says on a lot of web sites, making your own explosives if you don't know what you're doing is a good way of blowing yourself up before you intended to. If disaffected youth had a more serious grasp of these realities, and had heard considerably more sense about the practicalities, then it's quite possible that fewer of them would persist with their terror studies. Similarly, if the general public had better knowledge it would be better placed to spot signs of bomb factories. Bleached hair, dead plants, large numbers of peroxide containers? It could surely have been obvious.

Posted on July 14, 2006 at 7:25 AM • 35 Comments

Comments

RCJuly 14, 2006 8:00 AM

I think Bruce would make a good cybersecurity czar.

Does anyone second the motion?

RC

Erik V. OlsonJuly 14, 2006 8:17 AM

Objection to consideration: A free society needs exactly 0 czars.

martinelliJuly 14, 2006 8:38 AM

I remember all too well the Reagan "Russian Evil Empire years" and how they gloated over having made the Soviet Union spend itself to death in the arms race of that time. Sounds to me like the whole purpose of the Al Quaida thing, whatever it is is to do a few highly visible deadly stunts, throw in a few minor ones from time to time to keep the pot boiling and watch the "free world" spend itself to death. We have a stunned "deer in the headlights" obsession fueled by the graphical news media that is probably causing us to miss the larger picture.

Carlo GrazianiJuly 14, 2006 8:40 AM

Point of Order, Mr. Chairman! Since the recent Sovietization of U.S. Government, requirements of "free" societies with respect to number of Czars (OK, General Secretaries) have increased, and are no longer zero.

Chris WalshJuly 14, 2006 8:57 AM

Czar is a misnomer for that position. Bruce is too smart to take a "responsibility without authority" gig. There's a reason it's been a revolving door, methinks.

ACJuly 14, 2006 10:17 AM

I agree with martinelli's post.

So far Al-Quaida has succeeded in making
the US government waste an inordinate
amount of US citizens tax money on programs
that strip them of their civil liberties,
do not protect them from terrorism,
sow paranoia and breed corruption under
the cloak of National Security.

Never mind the US military shedding all
the credibility they had by torturing and
abducting civilians.

Unfortunately the people profiting from
this setup are not the same paying for it.

AnonymousJuly 14, 2006 12:18 PM

"So far Al-Quaida has succeeded in making the US government waste an inordinate amount of US citizens tax money on programs that strip them of their civil liberties, do not protect them from terrorism, sow paranoia and breed corruption under the cloak of National Security."

The next time you consider giving up your rights because "9/11 changed everything" keep in mind that this is exactly the goal that those despicable 9/11 terrorists wanted to achieve. You're not just giving up your privacy rights when you surrender to that thinking.

Geoff LaneJuly 14, 2006 12:41 PM

Just a few months ago, the UK government claimed it was absolutely essential that the police be able to hold suspects for up to 90 days
(from the current 7 + limited extensions) without being charged. This time was required because of the increased complexity of "terrorist" cases involving computers, web sites, cell phones etc. Anything less than 90 days was "giving in to terrorism."

In the end, a revolt in the House of Lords and government members in the Commons forced the government to accept 28 days (despite the government not conceding that 90 days was the minimum acceptable time.)

Now, months later, the 28 day holding rule has NOT YET BEEN INACTED. So suspected terrorists such as the brothers arrested in London recently still get to be released after at most 7 days (no evidence was found against the brothers and it seems they were victims of a false report and useless survellence.)

So, something that the government told us was absolutely essential for the safety of the country appears to be of such a low priority that they can't get around to completing the paperwork!!

Tom GrantJuly 14, 2006 2:00 PM

@ AC

"So far Al-Quaida has succeeded in making the US government waste an inordinate amount of US citizens tax money on programs that strip them of their civil liberties, do not protect them from terrorism, sow paranoia and breed corruption under the cloak of National Security."

Um...since when did Al Quaeda do this?

Our leadership has determined this "best course of action" and we've agreed like lambs following the ewes (with our votes). Al Quaeda stripped us of nothing; we've done that to ourselves. We've wasted the money, we've curtailed our own civil liberties, and we're the ones not protecting ourselves from terrorism while spreading paranioa in the media and on web logs.


anonymous cowardJuly 14, 2006 2:22 PM

Why do you think the government's strategy is failing? It got them re-ellected, didn't it?

scottJuly 14, 2006 2:39 PM

I'll agree with Tom Grant, this is just another in a series of threats, or better 'threats', used to justify incleasing intrusions into and control on the lives of citizens. The War on (some) Drugs and various anticrime 'wars, as well as much of the anti-Communist actions of days past are other examples.

Besides Tom's and AC's lists of what this costs us, it's making us ignorant; the home experimenter is being driven out of existence. And the logic is no better than the "movie plot terrorism" listed here in the past; from http://www.wired.com/wired/archive/14.06/...

comes the following

"...It is illegal in Texas, for example, to buy such basic labware as Erlenmeyer flasks or three-necked beakers without first registering with the state’s Department of Public Safety to declare that they will not be used to make drugs...
...The Mr. Coffee machine that every Texas legislator has near his desk has three violations of the law built into it: a filter funnel, a Pyrex beaker, and a heating element...."

ACJuly 14, 2006 3:44 PM

@Tom Grant:
I think the current situation in the US is comparable
to a DOS attack on the citizenry.
And it takes an outside threat (real or not) to pull it off.

If you ask yourself who profits from the current US
threat situation it is unfortunate that both terrorists and
the US government profit from it.
Terrorists succeed in sowing fear, discord and unease and
the government gains control and tax money for security projects.

Only if gov't is honestJuly 14, 2006 10:12 PM

>There is clearly a major problem for the security services in distinguishing disaffected talk from serious planning

In some countries disaffected talk is what the security services are there to prevent.

James RycmanJuly 15, 2006 1:26 AM

Who profits? Maybe also the Military-Industrial complex, and Security companies?

Also, given that the "War on Terrorism" is focused on the Middle East, maybe the Oil companies as well?

BrainwashedJuly 15, 2006 2:41 AM

Anonymous,

'The next time you consider giving up your rights because "9/11 changed everything" keep in mind that this is exactly the goal that those despicable 9/11 terrorists wanted to achieve.'

How do you know the exact goal of the terrorists? We don't even know exactly who they were. Were you involved? Do you have terrorist connections? Or is this what the media wants you to believe? I even doubt that Al-Quaida really exists...

There are still so many unanswered questions from 9/11, while the case was closed as fast as possible. Remember the large financial transactions around the incident? Anyone ever heard anything of them again? Or was it dropped into silence?

Davi OttenheimerJuly 15, 2006 1:35 PM

"I really hate the term "czar" when applied to someone in charge of a particular policy area."

I agree, especially if the person is supposed to be accountable to an elected body. You can't just imply an autocracy.

However it does sound better than "cybersecurity cleric", which might be the next title if religious extremism continues to spread in government.

MikeFromEarthJuly 15, 2006 6:43 PM

"I really hate the term "czar" when applied to someone in charge of a particular policy area."

I always liked the term "poobah"

KeesJuly 15, 2006 7:24 PM

I wonder what happened to the anthrax scare.
Who sent those batches; where did it come from; why don't they send it anymore?

@MikeFromEarth: 'Grand Poobah' sounds even better!

I nominate Bruce 'Grand Poobah of Security and Chairman of the Imperial Society for the Prevention of Cruelty to Squids'; do I hear a second?

TankJuly 16, 2006 5:17 AM

"The next time you consider giving up your rights because "9/11 changed everything" keep in mind that this is exactly the goal that those despicable 9/11 terrorists wanted to achieve."
Posted by: Anonymous at July 14, 2006 12:18 PM

Says who idiot?
They actually have stated goals and demands and even peripheral shit that serves their purposes which could be referred to as "what they want". That ain't among them and you're not going to up up with shit that suggests it is so FFS quit repeating this already.

Ben LiddicottJuly 17, 2006 4:44 AM

As far as I can tell, they "build the case" using concealed listening devices, undercover operatives and informants rather than CCTV.

CCTV has been used post-event to find perpetrators and accomplices.

Ed T.July 17, 2006 6:41 AM

"I am so ready to be the nation's cybersecurity poobah."

Bruce, I think you need to think on a larger scale - how about the

Worldwide
Integrated
Master
Poobah

?

~EdT.

Ed T.July 17, 2006 6:45 AM

Just curious: has anyone ever commented on the fact that police techniques/procedures are pretty good at catching the criminal after they commit the crime, but these same techniques are really, really lousy for pre-emptive work (e.g. catching the criminal *before* s/he commits the crime)?

Maybe *this* is the basis for the ongoing clusterf***age with the NSA, CIA, TSA, DHS, INS, EIEIO, etc - they are using the wrong tool for the job!

~EdT.

Lowell GilbertJuly 17, 2006 7:20 AM

@Ed T.: "Just curious: has anyone ever commented on the fact that police techniques/procedures are pretty good at catching the criminal after they commit the crime, but these same techniques are really, really lousy for pre-emptive work (e.g. catching the criminal *before* s/he commits the crime)?"

Police have been aware of this for many, many years. The difficulty is that before someone commits a crime, they are not in fact a "criminal."

derfJuly 17, 2006 9:26 AM

I agree the US government has spent too much money, but that's always the case. It's not exactly an efficient organization. The TSA is a joke, but it's what we've got for now. Unfortunately, what the TSA is doing isn't any more of an intrusion than what's been being done in every state with anti-drunk-driving roadblocks.

Show me one american citizen who has had their civil liberties stripped. Regardless of whether you approve of current methods, no thought police are breaking down doors, so you may want to cool the rhetoric for when it's really needed. Remember the boy who cried "wolf" or the pundit who cried "nazi" one too many times.

Poohbah isn't bad. Beware of being called "Ayatollah", though - it could shorten your career significantly.

Tom GrantJuly 17, 2006 11:30 AM

@ derf

"Show me one american citizen who has had their civil liberties stripped..."

Anyone else on the no-fly list care to comment on this?

Oh...and what happened to the pundit?

I'm not saying every decision we've made is wrong, nor that we are completely stripped of civil liberty...but rest assured that we are making more mistakes than seem reasonable, and liberties are slowly (if not systematically) being eliminated in the guise of "security". Take a day and read the Patriot Act...seriously. If it doesn't cause you to shake your head at least a dozen times you should pick up and re-read the Bill of Rights, the US Constitution, and the Declaration of Independence. Then remember that the Patriot Act has been passed, ratified and approved TWICE by the leadership of this Country.

Is the current course of action making us any safer? Usually the answer is an outright "no", sometimes it's a "maybe", and rarely is it "yes". If you want references just scroll back through Bruce's archives...this site is packed with examples.

I have higher expectations of my Government and its leadership than that. Don't you?

I don't expect 100% efficiency, mind you, but appropriate action that actually results in a safer Country would be nice.

And the thought police aren't breaking down the doors, but have you a good handle on all the wiretapping that is going on? Or is that no concern of yours unless it's your phone being tapped or your e-mail being read?

Is it ok to invade the privacy of ten people to secure the country? A hundred people? A thousand? Fifty thousand? All of Chicago? Where do you draw the line, or do you? Perhaps it's a "don't ask - don't tell" situation for some, but I expect the United States to lead the world in Freedom and civil liberties, as well as many other areas.

My earlier point is that our security is up to US, not the terrorists.

And Bruce for Cybersecurity Poohbah would be an excellent first step. I heartily second (or third) that nomination. Even Privacy Comissioner has a nice ring to it...

TG

XellosJuly 17, 2006 3:21 PM

--"So far Al-Quaida has succeeded in making the US government waste an inordinate amount of US citizens tax money on programs that strip them of their civil liberties, do not protect them from terrorism, sow paranoia and breed corruption under the cloak of National Security."

I disagree with two words in that comment. "Making" and "waste". Exchange them with "allowing an excuse for" and "to spend" and you'll be much closer to the mark.
The former correction should be obvious. The latter is simply that you wouldn't consider it a waste to spend other people's money to achieve your goals.

BrainwashedJuly 18, 2006 3:00 AM

derf,

"Regardless of whether you approve of current methods, no thought police are breaking down doors, so you may want to cool the rhetoric for when it's really needed."

"When it's really needed" it will be too late, especially with today's and tomorrow's surveillance technology. The earlier you begin to fight for Freedom and Liberty, the less bloody it will be. Once a dictatorship is up, it won't retire on a voluntary base.

But there are just too much sheeps out there who never learned a single lesson from the history of mankind...

Mr PondJuly 19, 2006 10:31 AM

While the article may have had some valid points to make, I intensely disliked it's tone and indeed some of the specific comments made.

I couldn't help but feel that the article wasd written with a tone that is shockingly flippant given the subject matter. Furthermore, having been in London last July and having attended one of the memorial ceremonies on the 7th this year, I found the suggestion that the Metropolitan Police somehow wishes for a huge terrorist attack to be bluntly insulting.

Lastly, the concept that the security services should be ridiculed for over reacting to a given threat does not take in to account the fact that NOBODY KNOWS exactly what the capabilities of the terrorists are! Who would have thought prior to this week that Hezbolla would be in possession of medium range ballistic missile? Is this the capability of a techincally and operationally incompetent terrorist group? Of course not!

Basing security on a perceived lack of capability is utter folly and invites disaster.

ACJuly 19, 2006 10:56 AM

Mr. Pond

If you look at the capabilities of Private Military Firms
you can derive the capability of a dedicated terrorist group.

You can not protect any public infrastructure
against an infantry platoon with modern equipment.

Modern equipment and armament is available on the free market.

So you are out of luck regarding capability on the level of damage
a platoon of modern infantry can inflict on infrastructure and the population.

Because you will most probably not be able to
handle the damage inflicted by an intelligent enemy.

And Hezbollah may be called a terrorist group
but is actually a well-trained and equipped special forces group.

AnonymousJuly 21, 2006 8:16 AM

AC:

While I agree Hezbollah may well be well funded, describing them as a well trained special forces group is laughable.

It's one thing to know about certain special forces techniques, but being trained in them by individuals with a wealth of actual operational experience, and then practicing them for hours a day, every day; is quite another.

Please note that I'm not saying that Hezbollah is not well trained in strictly terrorist techniques - they may well be so. But well trained in special forces techniques? I hardly think so.

AnonymousJuly 22, 2006 10:13 PM

Hey, get a clue, theres a war on. solders are dieing. Get over the poitcal b/s, it's gonna happen.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..