Why Australia might be on the right encryption-cracking track

Posted on

This was originally published on 18th July 2017 by the Lowy Institute for International Affairs, Australia’s leading foreign policy think tank.

Much of the reaction to Malcolm Turnbull’s press conference last Friday has cast his comments as the latest, and possibly worst example of political technological illiteracy. And just another instance of anti-technology bluster and rhetoric without any firm policy foundation.

Based on the level of detail and technical understanding the Australian Government has revealed so far, this is an understandable assessment. But reading between the (admittedly very blurred) lines, I would suggest that an eventual policy destination is slowly emerging.

Before assessing this policy proposal, there are three broad questions that need to be answered: What problem is the current policy approach not solving? Is what is being suggested feasible? And if so, will it address the problem?

The status quo

Firstly then, why all the rhetoric? Because, despite significant investment and a series of legislative changes, Australian law enforcement agencies are unable to access communications content, and increasingly, communications metadata in a timely manner.

The former challenge, particularly in relation to encryption, is not new. What is new is the combination of ubiquitous end-to-end encryption, and easy to use, free communication apps, that are typically hosted and headquartered outside of the reach of domestic law enforcement agencies. Read the rest of this entry »


Taking the terror out of terrorism

Posted on Updated on

This was originally published in 3 parts between 17 and 19 January 2017 by the Lowy Institute for International Policy, Australia’s leading foreign policy think tank.

The current terrorist problem is, by most metrics, larger than ever.

There have been four successful terrorist attacks in Australia since September 2014. Outside of Australia, terrorist attacks are occurring more frequently and killing greater numbers. While the large majority of these have taken place in just a handful of countries, in 2015 and 2016 there were multiple attacks in Europe; South and Southeast Asia; North, West and East Africa; and North America.

Yet the terrorist threat is more than just the attacks that actually transpire. The actions of counter-terrorism authorities have thwarted planned attacks and prevented other terrorist offences from taking place. As a result, arrests associated with disrupted attacks, attempted travel to terrorist hotspots and other terrorist offences have become a frequent occurrence.

Thousands of individuals are currently under investigation for potential terrorist activity. In Australia, ASIO estimates indicate that almost 200 Australians are actively supporting Islamic State, with a further 110 overseas fighting in the Middle East.

The escalation in terrorism-related activity means that counter-terrorism is both a higher priority for governments, and of greater concern to the general public. As a result, governments across the world are communicating more frequently about terrorism and counter-terrorism. Read the rest of this entry »

How Islamic State controls ‘lone wolves’ in Europe

Posted on

This was originally published on 9th August by ‘The Interpreter’, a blog run by the Lowy Institute, a Sydney-based think tank .

The New York Times revealed more details last week about the activities of Islamic State’s external operations unit, the Amn al-Kharji. Central to the report was an extensive interview with returned German foreign fighter Harry Sarfo.

This isn’t the first time Sarfo has spoken to the media. Since his return from Syria in July 2015 and arrest by German authorities, he has given interviews to Der Spiegel and The Independent. And aside from including a (very worthwhile) video interview, little of what Sarfo said in the article was new.

What makes the story most noteworthy is that the events of the past few months are starting to make Sarfo’s testimony look worryingly accurate.

His claim that ‘hundreds’ of operatives have been actively sent back to Europe by Islamic State (rather than simply returning), seems less outlandish after a summer dominated by a series of terrorist attacks inspired or directed by Islamic State.

Sarfo’s claims are given further credence by unnamed US intelligence sources and other returnees. And Islamic State spokespeople (in contact with undercover journalists) have similarly referenced large numbers of trained and capable operatives in Europe.

I’d previously hoped that these figures were inflated. After all, consistency does not always equal accuracy. Terrorist groups seek to influence as well as inform those under their command.

But the more we learn about the importance of external operations within the Islamic State operational structure, the more feasible these figures appear. read more

Risk Aversion in Counter-Terrorism – How our quest for perfect security makes us more vulnerable to terrorism

Posted on Updated on

This was originally published by ‘The Interpreter’, a blog run by the Lowy Institute, a Sydney-based think tank, and is also available on the ABC website.

Australia’s intelligence agencies are busier than ever. Twenty-three people have been charged with terrorist offences since September 2014, 288 people have been prevented from leaving Australia to fight in the Middle East, and in the last three months 18 Australians have had their passports cancelled.

For Australia’s intelligence agencies, preventing current or future travel doesn’t free up resources. Investigation of those individuals will continue and potentially increase. And as investigations generate multiple intelligence leads, they can quickly mushroom. For agencies attempting to balance existing operations against new leads, there’s a danger that even despite recent funding increases, they will reach information overload.

The public wants to be reassured that the intelligence agencies are doing everything they can to prevent an attack. But it’s possible that external pressure is increasing the likelihood of an attack by increasing the risk aversion of intelligence and law enforcement organisations.

Why is risk aversion important? read more

Assessing the current threat – why we should be more worried about the ‘known knowns’ than the ‘known unknowns’

Posted on Updated on

The known knowns

It’s becoming an all too familiar story. A small-scale and relatively unsophisticated (but high-profile) terrorist attack; a scramble to identify the individual(s) responsible; and finally, a drip feed of information confirming that they were well-known to the relevant authorities.

This pattern has repeated itself over the past 2-3 years, from the murder of Lee Rigby in London, the Charlie Hebdo shootings, and most recently, last week’s attempted attack in Texas.

That individuals radicalised to the point of committing a terrorist attack are on the radar of intelligence agencies should not in itself be surprising; were the opposite true, we would be more concerned.

But these aren’t instances of intelligence agencies having too many leads to pursue, or making legitimate priority calls based on the available intelligence. The perpetrators of the attacks above – and indeed Jihadi John – were known entities, comprehensively investigated by intelligence and law enforcement agencies. And in each case, keep reading