Very interesting piece looking at how slow intelligence agencies can be at adapting to new and emerging technologies. Here they highlight how the LeT terrorists, which undertook the Mumbai attacks in 2008, built a global battlefield communication system from a few mobile phones and some commercial software. Yet the knee-jerk reaction of simply demanding access to these systems means that they are discarded by terrorists for something else long before monitoring can even begin. The author offer suggestions that deal with the legal and ethical issues around the monitoring of suspected terrorists and that it can be done with some thought, while also not giving the game away to the terrorists. This seems to be the better direction to go in and may even be the path of least resistance, but I would worry that budgetary constraints will have the final say.
By V.S. SUBRAHMANIAN AND AARON MANNES
The war on terror came closer to home this month, when the Indian government pressured Canadian company Research in Motion to hand over encryption keys for its popular Blackberry device. New Delhi claims terrorists are using the company's secure networks for covert communications. The United Arab Emirates, Saudi Arabia and Indonesia—all of which face significant terror threats—have also expressed concern. But such moves may do more harm than good.
According to the U.S. National Counterterrorism Center's Worldwide Incident Tracking System, Pakistan-based terror group Lashkar-e-Taiba (LeT), perpetrator of the deadly 2008 Mumbai attacks, is responsible for over 700 fatalities in India during the last five years.
But publicly browbeating RIM into providing its encryption keys is a Pyrrhic victory. Terrorist organizations can only survive if they study the capabilities of their adversaries and adapt. Terrorist organizations backed by intelligence agencies tend to be even more sophisticated. If terrorists know that Blackberries are monitored, terrorists will not employ them—or will do so only in combination with other channels of communication in order to evade intelligence agencies. The much-publicized nature of India's threat to Blackberry thus may well have compromised potential operational gains.
According to the publicly released portion of an Indian intelligence dossier, the LeT terrorists were in continuous communication with their Pakistani handlers using a mix of mobile phones and an obscure Voice over Internet Protocol provider called Callphonex. Handlers based in Pakistan were able to monitor Indian security efforts, providing real-time intelligence to the terrorists that prolonged the attack for three days and provided the terrorists with the media exposure they craved. In other words, using readily available commercial technology, the Mumbai terrorists created an effective battlefield communication system.
Intelligence agencies, on the other hand, are often slow to develop the monitoring mechanisms needed for new communications media.
The technical and analytical requirements of monitoring Voice over Internet Protocol, for example, are very different from those needed to monitor photo-sharing sites. Monitoring mechanisms must be grounded in systematic research about how people actually use communications media and how new forms of communication can be monitored.
The development of monitoring mechanisms is a technical issue, distinct from the legal and ethical question of when a nation should monitor electronic communications. However, well-designed monitoring mechanisms can help intelligence agencies operate ethically and within the laws and discern appropriate targets for surveillance from legitimate, legal online activity.
While there are legitimate security needs that require communications companies to provide access to their systems, simply obtaining more data without developing both a process and technology to monitor emerging communications media is a losing proposition even for the most capable intelligence agencies. As new communications technologies proliferate, smarter intelligence strategies are needed to get ahead of terrorists and prevent rather then react to the next attack.
Mr. Subrahmanian is the director and Mr. Mannes is a researcher at the University of Maryland's Laboratory for Computational Cultural Dynamics.Read more at terrorwonk.blogspot.com