Print Post Approved PP255003/10110
THE COUNTRY’S LEADING GOVERNMENT AND CORPORATE SECURITY MAGAZINE | www.australiansecuritymagazine.com.au Feb/Mar 2015
Terror Alert Levels Rising: A heightened state
Heritage for Sale: Return of priceless antiquities to India
Terrorism in China
Threat Management: A focus on the threat actor
Advanced Cyber Attacks Understanding privileged account breaches
Pseudo Science: Fraudulent security equipment
PLUS $8.95 INC. GST
TechTime | Movers & Shakers | Quick Q & A and much more!...
VB-M Series
VB-H Series
HD Range
Full HD Range
• PTZ w/ 20 X optical zoom • IP66 fixed dome w/ • •
optical PTZ-R during setup Fixed dome w/ optical PTZ-R during setup Wide angle full body w/ optical zoom during setup
• PTZ w/ 20 X optical zoom • IP66 fixed dome • •
w/ optical PTZ-R during setup Fixed dome w/ optical PTZ-R during setup Wide angle full body w/ optical zoom during setup
VB-S Series
Compact Full HD Range
• Compact PTZ
w/ 3.5 x optical zoom
• Compact PT dome • Compact fixed dome • Compact full body • Compact fixed dome (HD) • Compact full body (HD)
CAPTURE EVERYTHING IN THE HIGHEST OF QUALITY The VB-S30D is the world’s smallest* FULL HD Pan-Tilt-Zoom camera that features a Canon 3.5 X optical zoom lens, strong WDR performance utilising Canon’s exclusive ‘Smart Shade Control’ and 6 advanced intelligent functions at the edge. When Clarity Matters – Choose the Premium Quality Range you can rely on. 1
As at 1 January 2015
Available from:
For more information visit canon.com.au/networkcameras call 13 13 83 or email specialised.imaging@canon.com.au
Contents Executive Editor / Director Chris Cubbage Director / Co-founder David Matrai Marketing Manager Kathrine Pecotich Art Director Stefan Babij Correspondents Sarosh Bana Kema Rajandran
MARKETING AND ADVERTISING Kathrine Pecotich T | +61 8 6361 1786 promoteme@australiansecuritymagazine.com.au SUBSCRIPTIONS
T | +61 8 6361 1786
Editor's Desk 3 Quick Q @ A Managing Director ES2 4 Movers & Shakers 6 Cyber Security Feature Psuedo science International Heritage for sale Terrorism in China National A Heightened state Police tactics Is there a better way? Threat management Women in Security Commited to the truth Cyber Security Four Steps Advanced cyber attacks
8 10 14 18 20 24 28 32 34 36
TechTime - the latest news and products Book Shelf
39 48
*To protect the identity and tactical resources of serving police, The Australian Security Magazine has intentionally not used real imagery for our cover and for this story.
subscriptions@mysecurity.com.au Copyright Š 2014 - My Security Media Pty Ltd 286 Alexander Drive, Dianella, WA 6059, Australia T | +61 8 6465 4732 E | info@mysecurity.com.au E: editor@australiansecuritymagazine.com.au All Material appearing in Australian Security Magazine is copyright. Reproduction in whole or part is not permitted without permission in writing from the publisher. The views of contributors are not necessarily those of the publisher. Professional advice should be sought before applying the information to particular circumstances.
Page 14 - Terrorism in China
Page 20 - The Martin Place siege Police Tactics
OUR NETWORK Like us on Facebook and follow us on Twitter and LinkedIn. We post about new issue releases, feature interviews,
events and other topical discussions.
Correspondents Page 28 - Threat Management
CONNECT WITH US www.facebook.com/apsmagazine www.twitter.com/apsmagazine www.linkedin.com/groups/Asia-PacificSecurity-Magazine-3378566/about
Sarosh Bana
Kema Rajandran
Contributors
www.youtube.com/user/MySecurityAustralia
www.asiapacificsecuritymagazine.com Steve Furmedge
www.drasticnews.com
|
Fraser Duff
Emanuel Stafilidis CPP
Matthew Curtis
Read ASM Special Event E-Magazines online!
www.chiefit.me
www.asiapacificsecuritymagazine.com/e-mag/
Other Contributors Kevin Davies
|
www.youtube.com/user/ MySecurityAustralia
2 | Australian Security Magazine
www.cctvbuyersguide.com
David Harding
Paul Johnstone
Lee Meyrick
Dan Dinnar
Editor's Desk “We have the technological power, the engineering skills to save our planet, to cure disease, to feed the hungry, to end war; But we lack the intellectual vision, the ability to change our minds. We must decondition from 10,000 years of bad behaviour. And it’s not easy.” - Terence McKenna, This World…and its Double, September 11, 1993.
A
s we approached the seasonal end of year break in mid-December last year, the Monday morning ‘Martin Place Siege’ in central Sydney took national attention. The following morning many awoke to news of a fatal outcome to the siege and more, the massacre of 132 children in Peshawar, Pakistan. Paradoxically to these events, North Korea expressed fury over a Hollywood Movie, ‘The Interview’, a Sony Pictures comedy about a fictional CIA plot to kill Kim Jong-un, slamming it as an “act of terror”. North Korea then allegedly hacked Sony, with officials quoted to call the act a “righteous deed”. In retaliation, for the first time, the US imposed sanctions on another nation for hacking an American company. This is a game changer in the world of cyber war and cyber politics. And then, before many even returned to work in 2015, terrorism forced the military to be deployed across key European cities, following the massacre at the offices of Charlie Hebdo, a satirical magazine located in central Paris. Two men in their early thirties, brothers Said and Cherif Kouachi, claimed they were “avenging Prophet Muhammad.” For this, a dozen people died, including two police officers, stationed for security at the offices in response to numerous, credible threats. We must not confuse 24 hour news and social media coverage as an actual increase in world problems and terror risk everywhere, but these events and many others, in sum, do clearly indicate the ‘red flag’ security trends to expect in 2015. Terrorism and Cyber attacks. At the time of writing, partly in response to the European terror attack trends and more likely from intelligence picked up in the ‘chatter’, Australian police agencies have increased their own terror alert level to high, indicating an attack against police is likely. In this issue, we question the lack of consistency between the national threat level and other agency and infrastructure threat levels. Increasing terror alert levels recently by police should indicate to all other related alert levels to
increase also – transport systems, financial systems, communication systems and mass-gathering events, in particular should now, logically, start to operate and prepare for a high terror alert level. We must remain aware of the weakest link, the softer target. In my mind, we have a heightened sense of public anxiousness rather than a sense of collective resilience and preparedness. Much of the anxiety has been fuelled by an Australian Prime Minister, seemingly set on being the primary source of ‘terrorism’ updates, be they simply ‘chatter on the lines’ or visiting the ‘troops on the ground’ in Iraq. Indeed, Tony Abbott is a great case study on how to influence security messages in order to create social anxiety for national security awareness, with a view maybe of revisiting John Howard’s ‘tough on national security’ style, for political security in the process. But is Tony Abbott really harnessing a collective security mindset under the ‘Team Australia’ banner? Does another ‘slogan’ actually improve the nation’s resilience to terrorism or extremism threats? Or does it create more of a collective anxiety which if allowed, could splinter into more focused social anxiety based on religion, ethnicity or cultural sentiments? What is occurring in European cities should be a real concern and stark warning to Australia. The risk of not having a resilient community mindset will inevitably lead to a poorly structured and incoherent community. This creates an environment where splintered ‘mobs’ can form. These trends are already evident, with nationalism and anti-Muslim sentiments rising rapidly in some European cities. Policing is tough enough when faced with day to day street and traffic crime, drug and alcohol crimes, cyber-crime, organised crime, and corporate crimes. Adding a high terrorism risk to the mix stretches our agencies finite resources to the near maximum. Logically, the private security sector offers an overwhelming solution to resource shortfalls and skills development. Yet, at a time of heighted threat, Australian police and government security agencies still significantly
have few effective partnerships with the private security sector. Project Griffin, for example, still has limited application in Australia. The state-by-state lack of cohesion for regulating security legislation highlights that control of the private security sector remains ignored and problematic for many security training providers and restricts security professionals sharing their expertise across the country. There may even be relevance to the national domestic violence review, particularly with domestic security and surveillance technology now available via smart device applications. It is also the private security sector which does a lot of the heavy lifting for securing small and medium sized businesses and remains a significant national security resource being left underutilised. It remains well overdue for Australian police to start new partnerships with the private security sector. In contrast, European and US public and private policing is well advanced, and the theatre of terrorism preparedness and cyber security are the ideal platforms. If not now, when? In this issue we examine the police tactical response to the Martin Place Siege and have special articles on ‘The Heightened State’, Critical Infrastructure Protection, Threat Management and in contrast, an article on Terrorism in China. Along with our feature series for Women in Security, cyber-security, book reviews and Movers & Shakers, as always, we provide some thought provoking material and there is so much more to touch on. Stay tuned with us as we continue to explore, educate, entertain and most importantly, engage.
Yours sincerely, Chris Cubbage CPP, RSecP, GAICD Executive Editor
Australian Security Magazine | 3
....with Frederic Drouin Managing Director, ES2 What are some of the challenges you think the industry is faced with? My personal view is that the Security market is still very immature in Australia compared to Europe or the US as it seems that organisations are investing in Security for Compliance or Regulation or Legislation as opposed to using Security as an enabler to give them a competitive advantage. Another major challenge, which has impacted ES2’s tremendous growth, is the limited amount of ‘top gun’ Security Consultants although, at ES2, we’ve been fortunate as we managed to attract the likes of Steve Simpson, ES2 Security Principal, and Ben Bassett, PCI QSA. Where do you see the industry heading? With all negatives, there’s a positive and I think that the industry is quickly realising the implications of doing nothing or the bare minimum might be the answer in the short term but will be detrimental to any medium to long term strategy. Also, the shift of Security ownership, driven by the new Privacy Act, from IT to Business/Risk is a welcome ‘breath of fresh air’. How did you get in the security industry? Whilst I was the GM at the Wood Group, we hired a guy called Andy Battle, Security Architect, with a view to building a Security capability. Our initial strategy was to leverage Andy’s knowledge of networks and technical capabilities in order to sell Security related products. It didn’t take long for me to realise that we had someone special in Andy so I changed our Security strategy from commodity (aka product) to building a brand and associated offerings around Andy. The rest is history. How did your current position come about? Whilst I have held many senior management roles previously, I became very frustrated with the lack of focus on people, client satisfaction and delivery excellence. As a result, my current partners and I decided to create ES2 with a view to building a Company Ethos based on values that we truly believe in (Accountability, Outcomes Focus and People). My current role as Managing Director of ES2 has provided me with the platform for myself and my partners (Andy Battle – Enterprise Security Lead & Hanco Kachelhoffer – Enterprise SharePoint Lead) to make our dream come true … an organisation that values it’s people and clients. ES2 was formed on the 1st July 2013.
4 | Australian Security Magazine
ES2 is looking to replicate our success of consolidating the Security market in WA at a national level within the next 3 years and as a result, I invite anyone that considers themselves the best in their field to contact me at ES2, we want to be the best and to achieve this, we need the best. What do you do when not working? To the detriment of my family, I do work a lot but when I’m not working, I love having drinks with my friends, playing/watching sports and more importantly than everything is to spend time with my beautiful wife and three little girls.
Seagate Launches Data Recovery Services for Seagate Surveillance HDD Product Line We live in a very different world today. With security reigning as the top-of-mind issue, video surveillance and storage have seen staggering growth1. As businesses face increasing legislative pressures to store recordings for longer periods of time, there is a need to balance data protection with storage growth and total cost of ownership (TCO).
Surveillance HDDs that Go Beyond Storage This throws the spotlight on the reliability of surveillance hard disk drives (HDDs) – a topic Seagate is passionate about. While backing up one’s surveillance video seems natural, high deployment costs mean that much backup data remains vulnerable. When disaster strikes, the ability to recover any data is the real test − a critical lifeline for businesses running mission-critical applications. At Seagate, we understand these risks and are well-positioned to alleviate these concerns. Backed by more than 30 years in the HDD industry and having served the surveillance industry for more than 10 years, Seagate was the first HDD provider to launch surveillance HDDs in 2006. Keeping up with today’s new business needs, Seagate has designed the industry’s first dedicated surveillance HDDs that incorporate data recovery services via Seagate Rescue™ services — the Seagate® Surveillance HDD.
Seagate Rescue Services Delivers Additional Peace of Mind Offering enhanced data protection services, Seagate Rescue services (SRS) is automatically activated upon purchase. Requiring no further activation or registration, customers automatically enjoy three years of data recovery at a fraction of the cost of third-party recovery services. Supplementing backups, SRS extends additional peace of mind in the event of data loss or accident to both customers and system integrators − knowing that their video content is not just optimally stored, but protected with critical reliability in an easy, affordable solution. The Seagate Rescue services are delivered in partnership with Q Security Systems and Rhino Co Technology, key surveillance solution providers in Australia.
Seagate Surveillance HDD - the New Generation of SV Drive Seagate’s seventh-generation Surveillance HDDs offer capacities of up to 6TB, catering for storage of up to 600 hours of high-definition (HD) content. Customized for surveillance and video analytics applications, the industry’s highest capacity drives also offer optional rotational vibration (RV) sensors to ensure system vibration tolerance in systems with up to 16 drives − a boon for SMEs and growing companies with no in-house IT support.
“
Automatically activated upon purchase, Seagate Rescue services delivers peace of mind and cost savings – giving customers three years of data recovery at a fraction of the cost of third-party services.
”
Sam Zavaglia, Senior Field Applications Engineer, Seagate Customer Technical Services
Designed to support surveillance recordings from multiple cameras, Surveillance HDD supports up to 32 channels and easily handles the higher write workloads required by surveillance systems, while supporting large streaming workloads for longer periods of time. These features, coupled with the optional RV sensors and Seagate’s Rescue service, improve drive performance in multi-drive and RAID systems and increase the value of surveillance data – by delivering the highest data integrity possible.
Looking Ahead into 2015 2015 will see Seagate strengthening our position in the surveillance industry in Australia. As a trusted storage solutions provider, Seagate is committed to helping the industry manage storage growth, bolster data security and protection − all while cutting TCO. 1 Over 415 petabytes of data are generated in just one day by video surveillance cameras installed worldwide in 2013. (Source: IHS, October 2013)
For more information:
Visit us at http://www.seagate.com/au/en/ Email us at apj.sales.enquiry@seagate.com with email title “Enquiry <ASM, Feb>”. Call us at 1800 147 201.
AIG Travel strengthens global security team with new hire
AIG Travel, a global leader in travel insurance solutions and global assistance services, has appointed Adam Fitzpatrick as Regional Security Manager, Asia Pacific. Based in Melbourne, Australia, Fitzpatrick will work closely with AIG Travel’s Kuala Lumpur travel assistance service center, as well as AIG’s greater global security team in the Asia Pacific region, and the Houstonbased global security operations center. He will oversee client-facing operations, with a focus on sales support, client development, emergency assistance and incident management. “Adam Fitzpatrick is a welcome addition to our team,” said Eric Kloss, Assistant Director of Security Operations, AIG Global Security. “We look forward to utilizing his deep knowledge and expertise as our worldwide security services continue to expand.” With a 30-year career, Fitzpatrick has served in threat and risk management for commercial companies as well as government entities in Australia. Most recently, he managed security for a global defence, security and aerospace company. Previously, he directed risk management and business intelligence service firms with offices in Australia, New Zealand and South America. Fitzpatrick was named a finalist in the 2014 Australian Defence Excellence in Security Awards for outstanding contribution to security in the defence industry. His background includes service on various state executive committees in Australia related to risk management and security. Additionally, he served as an Australia Federal Police officer and served two tours of duty with the United Nations Forces in Cyprus (UNFICYP), where he received the Cyprus Medal and Police Overseas Service Medal. He was also a member of the Australian Special Forces Army Reserve, 1 Commando Company. Fitzpatrick holds diplomas in intelligence analysis, security and risk management, and government investigation. He is a member of the American Society of Industrial Security (ASIS), the Asia Crisis and Security Group, Australian Corporate Security Executives, and the Australian Institute of Personal Intelligence Officers. He has presented at forums on threat and risk management as well as terrorism and disaster planning, appeared on news programs discussing security issues, and contributed to a publication on the global challenge of food and water security.
6 | Australian Security Magazine
Strive to Succeed - ASIS International Dan Grove Scholarship Award Since 2012 I have been a member of ASIS International, and I have been a member of the executive team for the Victoria Chapter for the past two years. ASIS International is the pre-eminent global organisation for security professionals. Founded in 1955 has currently an excess of 38,000 members worldwide. ASIS International is dedicated to increasing the effectiveness and productivity of security professionals by developing educational programs and materials that address broad security interests, such as the ASIS Annual Seminar and Exhibits, as well as specific security topics. Being a member of ASIS International has been an instrumental part of my career development over the past few years, in 2014 I took up the roles as Events Coordinator and Young Professionals Liaison for the Victorian Chapter. As the events coordinator I have organised events covering topics such as transport policing, security training and Enterprise Risk Management, the Victoria Chapter aims in providing comprehensive educational and networking events throughout 2015. Including the development of the ASIS Young Professionals program in the chapter whose core mission is to develop and educate young professionals in the security industry. Late November I was notified that the ASIS Asia-Pacific Advisory Council had selected me as the recipient of the 2014 Dan Grove APAC Regional Scholarship.
The Dan Grove APAC Regional Scholarship recognises an emerging security professional and member of ASIS in the Asia Pacific Advisory Council (APAC) region with a commitment to the practice of security management as demonstrated through their ongoing security employment coupled with ASIS or other security industry volunteer service. Dan Grove was an FBI Agent for 25 years and a China specialist for much of that service. He opened the FBI liaison office at the American Consulate General in Hong Kong in 1966 and covered most of Southeast Asia, Australia and New Zealand from that post. On retiring from the FBI and after a short stint as Security Manager, Asia - Pacific for Levi Strauss & Co., Dan moved back to Hong Kong, where he was associated with Pinkerton Asia, Security Support Services Ltd. and Hill & Associates. Dan was active in founding the Hong Kong Chapter of ASIS and served as its first Chairman. This award is named in Dan’s honour in recognition of his contribution to the security industry in the Asia Pacific region, and his desire to develop future security professionals. To accept the award, I was flown to the 8th ASIS Asia-Pacific Security Forum & Exhibition held in Singapore. The Security Forum and Exhibition was held at Sands Expo & Convention Centre, Marina Bay Sands which brought high-level professionals from various backgrounds and disciplines to share industry experiences, best practices, and innovative ideas. I was privileged to join delegates, and special guests from across the Asia Pacific region and
the United States to hear speakers presenting on topics such as Crimes of the future, Emerging Risks from Islamic Militancy, Physical Security and global business issues to name a few. During the conference there were plenty of high-level opportunities to network with global security peers, other ASIS International members and volunteers where I got to share my own experiences as an up and coming security professional. Networking within the ASIS community is seen as highly valued as the members can connect globally. As I continue my professional career growth in the security industry, I will continue to be an active member of the ASIS International, including the Victoria Chapter. I highly recommend to any security professional to a member of ASIS International where their mission is to promote excellence and leadership in the security management profession.
Applied Intelligence appoints Dr Malcolm Shore as Technical Director for Australia
BAE Systems Applied Intelligence has appointed Dr Malcolm Shore as Technical Director, Australia. Dr Shore will be responsible for advising senior client executives on cyber security, driving technical research and the introduction and evolution of the global cyber solutions portfolio into the region. Dr Shore has more than 30 years of experience in the defence and information security sectors in Australia and New Zealand. He has strong expertise in applied IT security, with a focus on policy and governance. He joins BAE Systems Applied Intelligence from the Australian National Broadband Network Company, where he was the Principal Security Officer for three years, responsible for physical, personnel and information security and privacy. Rajiv Shah, Australia General Manager, IS&S, BAE Systems Applied Intelligence, said: “With this appointment, BAE Systems Applied Intelligence is reinforcing its commitment to technical leadership and profound technical experience in cyber security for Australia and New Zealand. Malcolm has extensive experience in telecommunications and operational security, which will assist our drive in those areas.” Malcolm has worked in senior roles in Government, at CES Communications, Telecom New Zealand (now Spark) and PricewaterhouseCoopers. He has held an adjunct position as Senior Fellow at Canterbury University, Christchurch and is currently an
adjunct Professor at Deakin University, Melbourne and at the Australian Defence Force Academy campus of the University of New South Wales.
Intel Security appoints industry leader Matthew Drake to head up ANZ Consumer Operations and announces additional appointments
McAfee, part of Intel Security, has announced a host of new senior appointments across its ANZ Consumer business, including Matthew Drake to the role of ANZ Consumer Director, David Berthelsen as ANZ Business Development Manager and Paul Puech as Asia Pacific Online Sales Manager at Intel Security. The announcement comes as Intel Security continues to invest in its Asia Pacific Consumer operations, a process begun earlier in the year with the appointment of ex-Symantec Consumer Vice President, David Freer. Bringing with him an outstanding array of experience, Matthew Drake joins the North Sydney-based McAfee team, taking responsibility for all of Intel Security’s routes to market including OEM & ISP partnerships, retail and online operations. Over the past nine years, Matthew has led Symantec’s Australia & New Zealand Norton consumer business and has previously held global marketing roles in the US as well as North American consumer and channel marketing responsibilities. Throughout his career, he has won numerous awards including the CEOs Champion’s Circle, Worldwide Consumer Salesperson of the Year, Worldwide Consumer Sales Leader of the Year, and was recognised in 2014 with the ARN Community Channel Champion award. Matthew comments, “The past year has well and truly brought global digital security to the forefront of public concern. McAfee is in a very strong position and I’m very much looking forward to building on this and driving further expansion across Australia and New Zealand.” David Berthelsen was the National Brands Manager for Oceania, leading major projects that developed brands and products for the app based ‘Connected Fitness’ market. Prior to his most recent role, David was Country Manager for
Symantec New Zealand’s Norton business and in addition had account responsibility for some of the largest retail accounts in Australia. He will report into Matthew Drake. Paul Puech joins from international mobile gaming company Gameloft, where he held numerous senior roles including Country Director Australia and Acquisition Sales for APAC. Prior to Gameloft, Paul worked across Brand and Product Manager positions at L’Oreal and Unilever. David Freer, Vice President, Consumer APAC added, “We are hugely excited to welcome Matthew, David and Paul to the Intel Security family. All three bring such a broad range of refined experience to Intel Security’s consumer business and are the perfect fit as we continue to drive the Asia Pacific region forward.” If you have an entry for Movers & Shakers please email details and photo to editor@australiansecuritymagazinecom.au
Australian Security Magazine | 7
International
Pseudo Scie Pseudo Science
On 2 May 2013, the England and Wales Central Criminal Court sentenced James McCormick to 10 years jail for fraud. His crime was the sale of a fake bomb-detector called the ADE 651. In his closing remarks, the judge, His Honor Judge Hone QC, said of the ADE 651 and Mr. McCormick, “The device was useless, the profit outrageous and your culpability as a fraudster has to be
placed in the highest category.” This paper is a case study of the ADE 651 as an example of the extreme danger pseudo-science can pose to people working in the security industry. by Kevin Davies
The claims
T
he Advanced Detection Equipment – 651 Remote Substance Detector was “developed” by James McCormick, founder and sole director of Advanced Tactical Security & Communications Ltd (ATSC Ltd or ATSC Ltd. UK), based out of Somerset, England in 2001. According to the ADE 651 – Frequently Asked Questions: The ADE works on the principal we call ElectroMagnetic Attraction, EMA. The principle for long range detection is based on substance excitation that needs to be detected, with an electromagnetic field that propagates on a long distance and is not disturbed by the “ electromagnetic noise” from the environment generated by such things like RF transmitters and other electronic equipments [sic] that use electric current or electromagnetic waves... …When the electromagnetic signal of the substance that the ADE is searching for is located within its detection range, the ADE’s receiving direction indicator, (the antenna), will move towards the direction of the existing substance. Essentially, the ADE functions like a hyper sensitive receiver. ATSC has incorporated EMA technology into its proprietary Substance Recognition Cards to specifically target either a specific substance, or group, or family of substances. For example, particularly in the case of Explosives, the Substance Recognition Card for “Plastic” can detect the family of Plastic Explosives including C4, C3, Semtex, etc. The ADE is able to penetrate all known substances which may be used to
8 | Australian Security Magazine
“camouflage” the target substance because it will “lock” onto the programmed target substance only and will “bypass” any substance(s) that may be in between the target substance and the programmed ADE card. Another [sic] example could be home-made explosives such as Ammonium Nitrate whereby the ADE could not distinguish [sic] the difference between this (as an explosive) and the same as used in farm fertilizer. In essence, the ADE functions like a hyper sensitive receiver. As the ADE receives an attraction signal from the target substance, its Indicator moves across the Operators’ body to form a 90 degree angle toward the direction of the substance. A hand-held, lightweight device, it was capable of operating without power sources such as batteries or mains power as it used electrostatic electricity generated by the user while s/he was in motion. One drawback of this was that the ADE 651 could not “currently be mounted in a stationary position to operate.” With a “typical 2% false positive rate”, it was able to detect substances up to 650 meters away, within less than 30 seconds and had a setup time of less than 1 minute. It was also capable of detecting substances while airborne, underground or underwater (detection ranges of up to 5000ft, 10m and 10m respectively). Physically, it resembles a bar-code scanner. Attached to the handle is a hinged panel with a telescopic antenna coming out of the base of it. An optional extra was a static meter. The price per unit for an ADE 651 varied from $US 2,500 to $65,000.
International
The Reality The reality of the ADE 651 is one far removed from the claims and it is difficult to believe that people conceive of such devices, much less actually produce and sell them. The ADE 651 was based on a novelty golf-ball finder called the ‘Gopher Amazing Golf Ball Finder’ and cost less than $50.00 each to build. Instead of using “Electromagnetic attraction”, the ADE 651 worked along similar lines to divining or dowsing. The reason why the antenna would turn and point at substances or objects thought to contain substances was due to the ‘ideomotor effect.’ According to the magician and sceptic James Randi, who, in May 2008, challenged McCormick to prove the ADE 651 worked under scientific testing, the ideomotor effect is:
ence …the psychological phenomenon that underlies dowsing, automatic writing, table tipping, and the Ouija board. Quite unconsciously, the participant is moving the hand enough to make the movement of the involved device occur, though he may attribute the motion to the divine or supernatural force in which he believes. In all these events, nothing in the way of information is revealed to the operator except what he already knows. The effect is very powerful with some personalities, and no amount of evidence will disabuse believers in the magical nature of the phenomenon.
A team at the University of Cambridge’s Computer Laboratory conducted scientific testing of the ADE 651 for BBC Newsnight during January 2010 and the results, according to Michael Sutherland, a member of the team, were that “After many trials we found that the ADE-651 device was no better than random chance at detecting explosives.” In addition, the team conducted tests on the ‘Substance Recognition Cards’ to see if there was any information stored on the cards. These cards also failed scientific tests and contained “nothing but a type of anti-theft tag used to prevent stealing in high street stores.” The ADI 651 is, as so bluntly put by Randi, a “useless, quack, device which cannot perform any other function as separating naïve persons from their money. It’s a fake, a scam, a swindle, and a blatant fraud.” The British Government banned the ADE 651 for export to Iraq and Afghanistan under the Export Control Act 2002 on 22 January 2010. Operational History Despite the pseudo-scientific nature of the ADE 651, the device has an extensive operational history with Governments and agencies buying over 7000 of them. Countries which purchased the ADE 651 included Iraq, Bahrain, Pakistan, Lebanon, Thailand, Kenya, Niger, Saudi Arabia and Belgium, as well as the United Nations. Images from the devices website show one detecting buried ordinance in Lebanon. Iraq was the largest single user of the ADE 651 with purchases totalling $US85 million dollars in 2008. Following a spate of car bombings in early December 2009 that killed 127 and wounded 450, the situation ventured into
The Alleged ATSC Ltd, ‘ADE 651,’ ADE651 remote substance detector
The Alleged ATSC Ltd, ‘ADE 651,’ ADE651 remote substance detector kit
the absurd when the man responsible for bringing the devices to Iraq, Maj. Gen. Jehad al-Jabri, head of the Ministry of the Interior’s General Directorate for Combatting Explosives, personally demonstrated how the device worked at a press conference. The Major General, along with two other Iraqis, later went to jail for their involvement with McCormick and the ADE-651. In 2010, security personnel used the ADE 651 at the Jinnah International Airport, Pakistan. Following the terrorist attack there on 9 June 2014, killing 13, Dr. Sutherland asked the Pakistani Government and airport operators if the ADE 651 was still in operation there but did not get a response, promptly speculating that it was.
Australian Security Magazine | 9
International
*Representation of the stolen Buddha statue 10 | Australian Security Magazine
International
H e r i ta g e for
Sale One positive fallout of the warming relationship between India and Australia has been the return of priceless antiquities to India that had surreptitiously ended up in Australian art galleries.
I Sarosh Bana Correspondent
n a move that sought to bring an end to an international art scandal of vast implications, the Australian government announced that it would be returning a stolen Kushan period Buddha statue dating back to the 2nd century BC that had surfaced in Canberra’s National Gallery of Art (NGA) in 2007. The Gandhara and Mathura schools of art had flourished during the reign of the Kushan dynasty that had ruled over most of the northern Indian subcontinent, Afghanistan and parts of Central Asia between the 1st and 3rd centuries BC, and which had been instrumental in spreading Buddhism in Central Asia and China. Canberra’s decision was prompted by New Delhi’s request for a service of process on grounds that the red sandstone Buddha, originally from the northern region of Uttar Pradesh in India, had been stolen and sold fraudulently to Australian authorities. Australian Prime Minister Tony Abbott has on several occasions stated that improving relations with India was high on his priority list and one of the ways he has reached out to the Indian government is by returning stolen artefacts smuggled out of India. Heeding a long-pending request from India, Abbott had used his state visit there last September to hand over to Indian Prime Minister Narendra Modi two antique statues of Hindu deities that were on display in Australian galleries, including the NGA, after having been stolen from temples in Tamil Nadu. One sculpture was of Ardhanariswara, which represents Shiva in half-female form, and dates back to the 10th century, while the other was of Nataraja, the dancing Shiva, belonging to the Chola dynasty of the 11th-12th century. The bronze statue of Nataraja was acquired by NGA in 2008 at a price of $5.1 million from Subhash Kapoor who ran the Art of the Past gallery at 1242 Madison Avenue, at 89th Street, in New York. Kapoor, an American citizen born in India 63 years ago, was arrested in Germany in 2012 and subsequently extradited to India on charges of burglary and smuggling of Indian antiquities. The Manhattan district attorney’s office also has a warrant for his arrest in the United States on charges of possessing stolen property, with investigators having seized more than $20 million worth of Asian antiquities from storage units in Manhattan linked to him. Many of these ancient bronze and sandstone statues
were found to have been looted from temples in India. The Ardhanariswara stone statue was purchased for $280,374 by the Art Gallery of New South Wales in 2004. “Returning the sculptures is a testimony to Australia’s good citizenship on such matters and the importance with which Australia views its relationship with India,” Abbott’s office has said. Modi and Abbott have a good personal rapport and this has given an impetus to bilateral relations. The 63-year-old Bharatiya Janata Party leader of India and the 56-year-old Liberal Party leader of Australia were elected to office within eight months of each other, and Abbott became the first head of government to be hosted for a standalone bilateral visit by the Modi government that came to power in May 2014. Last November, Modi also became the first Indian prime minister in 28 years to visit Australia. In a tribute to Abbott’s leadership, he said Australia was “no longer on the periphery of our region but at the heart of our thoughts”. While visiting India, Abbott had said: “The purpose of this trip, as far as I’m concerned, is to acknowledge the importance of India in the wider world, acknowledge the importance of India to Australia’s future, to let the government and the people of India know what Australia has to offer India and the wider world for our part, and to build on those stronger foundations.” The repatriation of the stolen Indian antiquities, however, raises a larger issue. And that is whether institutions like the NGA, which is a designated Australian Government Agency, can walk away from such episodes and be absolved of all responsibility, liability and criminality simply because they are returning stolen exhibits that they have purchased and/or publicly displayed. For instance, would Kapoor walk free if he were to return the ill-gotten antiquities? Illegal excavations and the illicit trade in cultural property have been flourishing just because this criminality, that desecrates a nation’s heritage and cultural wealth, is patronised, unwittingly or otherwise, by individual art collectors and national museums and galleries. Seeking to tighten its legislation of 2007 on the protection of cultural objects, the German government has noted that although it is “common practice for museums not to purchase cultural
Australian Security Magazine | 11
International
‘India’s Antiquities and Art Treasures Act of 1972 stipulates “imprisonment for a term which shall not be less than six months but which may extend to three years and with fine” for anyone exporting or attempting to export any antiquity or art treasure. ‘
12 | Australian Security Magazine
objects of indeterminate provenance”, the fact remains that “illegally excavated or illicitly exported cultural treasures are still being bought and sold”. Alarmed by this illicit trafficking of national history and by the fact that the widespread turmoil in civil war-torn Middle Eastern and African countries like Iraq, Syria, Egypt and Libya has led to the plunder of cultural sites and national collections, archaeological custodians the world over are urging for stricter protection of these treasures and effective norms for their recovery. India especially has an extraordinarily rich, vast and diverse cultural heritage in the form of built heritage, archaeological sites and ruins since prehistoric times. The sheer magnitude in numbers alone is overwhelming and these are the symbols of both cultural expression and evolution. A lot of this invaluable heritage was carted away to England as spoils of the Empire during the British Crown rule over India between 1858 and 1947, the most remarkable having been the diamond named Koh-i-Noor (meaning Mountain of Light in Persian), once the largest diamond in the world and measuring 793 carats when it was uncut. Installed in a temple of a Hindu goddess as one of her eyes, this stone, 105.6 carats at present, is now set into the crown worn by the female consort to the Monarch of the United Kingdom, and is on display in the Tower of London. Indeed, the Council of the National Gallery of Australia has itself initiated an independent review to address provenance issues of its Asian art collection. Provenance is the chronology of the ownership, custody or location of an historical object. Following a meeting last November, the Council appointed an independent reviewer to report to it on the interpretation of relevant cultural laws (Australian and country of origin), revised the gallery’s due diligence procedures to align with federal guidelines for collecting cultural material, and launched the NGA website provenance project for listing, and seeking further information about, all imaged sculptures from South Asia and Southeast Asia which the gallery is researching. The NGA’s Asian art collection holds approximately 5,000 items and a preliminary internal assessment has identified 54 significant South Asian works, now public on its website, for which further information and documentation are sought. The gallery expects detailed research of this kind to take several years to complete. “The NGA acknowledges that there are works in the collection whose provenance and legal status needs a renewed level of scrutiny,” said its Director, Gerard Vaughan. “The situation is regrettable, however we are now addressing these issues in a proactive and open manner.” Criminologist Duncan Chappell from the University of Sydney’s Law School has been quoted as saying that the NGA has probably not been able to do due diligence in a manner one would have expected of a major institution. Terming the gallery “naive” in the way it has handled this matter, he believes its suspicions about the artworks’ antecedents should have been aroused, because obtaining any Indian antiquities was in itself “always a highly hazardous position” in view of the antiquities laws prevalent there. In the case of the arrested Kapoor, he used his gallery website, since closed, to highlight the many prominent museums he used to
professionally deal with, including the Metropolitan Museum of Art, the Smithsonian Institution’s Freer Gallery of Art, the Arthur M. Sackler Gallery in Washington, and the Norton Simon Museum in Pasadena, California. This malaise appears to be far-reaching. The only really comprehensive study of provenance ever undertaken was in 2000 by British archaeologists Christopher Chippindale and David Gill when they systematically reviewed the reliability of the claimed provenance in the catalogues of seven important international collections of antiquities. To their consternation, they found that as much as 75 per cent of the 1,396 objects they reviewed had no documented provenance whatsoever. Over 500 of the antiquities did not have any kind of “object history”, which meant they appeared for the first time in those public exhibitions, underscoring the fact that they were sourced from clandestine excavations. The two researchers also found that items whose excavation sites had been specified as “unknown” in earlier exhibitions, had on subsequent occasions been assigned to particular origins, an indication that their provenances were forged. At times, countries themselves have been culpable of historical and archaeological neglect. “There is no comprehensive record in the form of database where such archaeological resources in terms of built heritage, sites and antiquities can be referred,” says Meena Gautam, Director, National Mission on Monuments and Antiquities, of the Archaeological Survey of India (ASI). “As a result, this finite, non-renewable and irreplaceable resource of our country is fast disappearing without any record for posterity.” She thus underscores “an urgent need” for a proper survey of such resources and, based on that, the formulation of an appropriate archaeological heritage resource management and policy. The National Mission estimates approximately seven million antiquities in India, whereas till now, it has managed to register only around 480,000 of them. Experts, however, believe the National Mission’s calculation of the antiquities is grossly underestimated. India’s Antiquities and Art Treasures Act of 1972 stipulates “imprisonment for a term which shall not be less than six months but which may extend to three years and with fine” for anyone exporting or attempting to export any antiquity or art treasure. Antiquities and art treasures have been notified as objects that have been in existence for not less than 100 years. The Kushan Buddha had reportedly been purchased for the NGA from art trafficker Subhash Kapoor “with the generous assistance” of billionaire Australian philanthropist Roslyn (Ros) Packer. The gallery was constrained to launch an inquiry once the Indian authorities took up the issue with Australia. It transpired that Kapoor had misled the Australian authorities into believing that the red sandstone idol had been purchased from a British collector in Hong Kong. The investigations revealed that the New York-based gallerist had travelled to India and acquired two Kushan Buddhas from a trafficker. Treasure-hunting collectors and galleries owe a moral responsibility to society – and to their own trade – by ensuring against participating in a plunder that impoverishes cultures.
Security Systems are going IT and
you don’t have to do IT alone.
SEKTOR LAUNCHES SECURITY DIVISION
Networking
Mobile Computing
Point of Sale
Security
Healthcare
Sektor is Australasia’s leading technology distributor to the Networking, Mobile Computing, Retail Point of Sale and Healthcare markets. Their world‑leading IT brands include: HP, AEROHIVE, ARUBA, HONEYWELL, DATALOGIC, EPSON, TOSHIBA, and ZEBRA. Recognising the trend of security solutions becoming more IT centric, Sektor established its Security Division to support resellers and their customers with these new challenges and proudly brings its extensive expertise to the Security market with innovative solutions from: *
**
Staying one step ahead of your competition is a constant challenge. Selling exclusively via integrator channel partners, Sektor’s ongoing research into emerging trends and technologies ensures its partners are ideally placed to bring the latest innovations and solutions to their customers. Sektor enhances integrators’ businesses via its online partner portal as well as expert advice, service and support from its team of highly skilled technicians with full IT experience. Sektor also provides integrator training programmes as new technologies are introduced to the market.
Find out how Sektor can help you keep on top of IT. p:
1300 273 586 | e: security@sektor.com.au |
* Bosch products only available in Australia ** Panasonic products only available in New Zealand
w:
www.sektor.com.au
International
F O E S I R E TH A N I H C N I M S I R O R R TE own
and its ’ r o r r e T n o ‘War
By Paul Johnstone
14 | Australian Security Magazine
A
gainst the backdrop of a rising number of domestic terrorist attacks, which bear significant human, political, economic, and social costs, China is confronted with the challenge of balancing its domestic and international obligations to protect its citizens, whilst balancing to manage and maintain effective human rights and international relations with the west. This paper seeks to place the recent significant increase in domestic terror attacks throughout China in a broader context by presenting a range of evidence that highlights China’s fragile history with its own Muslim population, its own views on terrorisms, it’s control over media reporting of attacks, and it’s reluctance to engage with the western community in the fight against Islamic terrorist groups. One of the difficulties with this report is that the Chinese Government clearly manipulates the media and information
about its domestic terrorism threats and consequently, to suit its own domestic and international policy objectives. Background While terrorism is well known throughout the world with the 9/11 attacks against America and subsequent attacks in the United Kingdom, and other western allied countries, China doesn’t receive the same international attention. Recent incidents of political violence are not an anomaly for China, as terrorist violence has been threatening the middle kingdom long before 9/11 and it has experienced a rising increase of terrorism incidents over the past decade with more than 200 attacks from 1990 to 2001 . In the aftermath of the 9/11 attacks on the United States, China launched its own war on terror against “terrorists”
International
fighting for an independent state in the north western autonomous region of Xinjiang Uyghur where the ethnic minority Uighur people are predominately Turkic-speaking Muslims and have long desired to have their own national ambitions separate of China control. This massive region of land is one-sixth of China’s total territory. On December 15 2003, China’s Ministry of Public Security issued a list of what it considered terrorists threats to its establishment. The list included the Eastern Turkestan Islamic Movement (ETIM), the East Turkestan Liberation Organization (ETLO), the World Uyghur Congress, and the East Turkestan Information Center. The ETIM is a Muslim separatist group based in China’s Western region that shares borders with Pakistan and Afghanistan. It has also been identified as a terrorist organisation that demands an independent fundamentalist Muslim state for the Uyghur ethic minority in northwest China. After 9/11 the Chinese Government warned the United States that ETIM had links to al-Qaeda. In August 2002, after months of pressure from Beijing, the Bush Administration decided to list the ETIM as a terrorist organisation and froze the group’s United States based assets. Since 2002, the United States has placed the ETIM on two terrorist blacklists-one for finance and one for immigrationand lobbied for its inclusion on a UN blacklist, but refrained from adding the group to the State Department’s high – profile list of Foreign Terrorist Organisations (FTOs). The Australian Government does not include ETIM on its list of terrorist organisations, however; it has listed the Islamic Movement of Turkestan, which has links to Xinjiang in Western China and its members include Uyghur’s. Some international observers have questioned if the ETIM remains active, or even if it has ever existed at all. In 2006, the United States captured over 20 Chinese Uyghur fighters in Afghanistan on suspicion they were fighting with Al-Qaeda. They were imprisoned in Guantanamo Bay (GTMO) Accused ETIM members detained at GTMO provided information that supported claims of the organisations existence, in part by volunteering the names of known ETIM figures as the leaders of their training camp in Afghanistan including ETIM leader Abdul Hag. After being reclassified as No Longer Enemy Combatant a panel of judges ordered their release, however; due to the China’s history of human rights and the uncertainly of their safety if sent back to China, the Uyghur’s were eventually resettled in Palau, Albania, Bermuda, El Salvador and Switzerland. Although Beijing claims there are harmonious ethnic relations between the Han and Uighur people, underneath this smoke screen China maintains a pervasive structured system of ethnic discrimination against the Uighurs. Many Uighurs complain that Beijing imposes discriminatory policies, curbs religious and cultural beliefs, and has increased Han immigration in an attempt to dilute the indigenous population. Like many Muslim minority groups living under non-Islamic rule, Chinese Muslims have faced problems of identity. Raphael Israeli, in his book, Islam in China Religion, Ethnicity, Culture, and Politics states that Chinese Muslims face acute problems of identity, so acute in fact that their survival has often hinged upon the clarity of their identity boundaries, their relationships with their host, and even the
In February 1998, Hasan Mahsum, a leader of the ETIM based outside China had sent 150 terrorists into China and that approximately a dozen training bases had been established in Xinjiang and inland regions. fabrication of myths to supplement their history of uneasy coexistence throughout their millennial existence in China. China’s links between its Muslim population and its stance on its war on terror stems from its own policy of involvement in international conflicts. Professor Rohan Gunaratna reports that at the height of the Cold War, China trained Muslim Uighurs to fight the Russians in Afghanistan, fearing that the old Silk Road along the Karakoram highway could come under Moscow’s domination if the Soviet Union was not dislodged from Kabul. As China’s footprint on the world stage continues to grow rapidly, so too is the threat that it will experience unprecedented terrorism over the next several years and into the unforeseeable future. Americans have been the most popular terrorist target because of its position as a superpower around the globe which has caused resentment and mistrust with other nations. Professor Robert Page of the University of Chicago has found that foreign meddling is highly correlated with incurring suicide terrorist campaigns. Until the recent IS and Al-Qaeda threats against China, it has elicited less violence among foreign terrorists due to its insular foreign policy. China is dominated by the Han ethic group; however in the north western region of Xinjiang, the ethnic minority Uighur people are predominately Turkic-speaking Muslims. Although Beijing claims there are harmonious ethnic relations between the Han and Uighur people, underneath this smoke screen China maintains a pervasive structured system of ethnic discrimination against the Uighurs. Many Uighurs complain that Beijing imposes discriminatory policies, curbs religious and cultural beliefs, and has increased Han immigration in an attempt to dilute the indigenous population. Example of Attacks The 1980’s and 1990’s witnessed horrendous acts of violence in Xinjiang including riots in April 1980 and the Uyghur Provincial Committee members dissented against the Chinese authority in 1981. In May 1989, Muslim students in Xinjiang University protested against the imposition of Chinese policy of birth control on non-Han people. On February 28, 1991, an explosion at a video theatre in a bus terminal in Kuqa Country, Aksu Prefecture, Xinjiang, caused the death of one person and injuries to another 13 people. In 1996 the official Chinese Xinhua news agency reported Public Security Ministry Communist Party secretary, Luo Feng as saying that since 1993, more than 300 police officers had been killed each year in China in the line of duty and that kidnapping, hijacking of planes, ships
Australian Security Magazine | 15
International
In July 2009 Xinjiang was shocked by some of the worst inter-ethnic violence seen in China, resulting in reports of 150200 people killed and the arrest of thousands and a security crackdown. The Chinese Government blamed the United States based Uyghur activist, Rebiya Kadeer and other hostile external forces for attempting to separate Xinjiang from the People’s Republic of China.
The Xinjiang province in China
and cars, explosives, robbery, murder, smuggling and drug trafficking as among the more serious crimes that are on the rise in China. In February 1998, Hasan Mahsum, a leader of the ETIM based outside China had sent 150 terrorists into China and that approximately a dozen training bases had been established in Xinjiang and inland regions. Chinese authorities’ reported a number of years later that Hasan Mahsum, who by then was at the top of its wanted list, had been shot dead in Pakistan, where he had allegedly been operating near the Afghan border. Following the June 2004 terrorist attacks in Afghanistan where approximately 20 armed insurgents attacked a Chinese workers compound, killing 11 Chinese nationals and injuring four others, Chinese President Hu Jintao reinforced China’s condemnation of terrorism. “China has always been firmly opposed to terrorism and strongly called for international cooperation in the fight against terrorism” Hu, said China “will not give up our responsibility in the fight against terrorism just because our citizens were attacked.” In July 2009 Xinjiang was shocked by some of the worst inter-ethnic violence seen in China, resulting in reports of
16 | Australian Security Magazine
150-200 people killed and the arrest of thousands and a security crackdown. The Chinese Government blamed the United States based Uyghur activist, Rebiya Kadeer and other hostile external forces for attempting to separate Xinjiang from the People’s Republic of China. In June 2013, nine members of the police and security forces were killed when armed attackers stabbed them to death and set police cars alight during attacks on police stations and other government buildings in Lukqun, a resource -rich region of Xinjiang. On October 28, 2013, two tourists were killed and 38 others were injured in Tiananmen Square, Beijing, when an SUV crashed into a crowded bridge outside the Forbidden City. Chinese authorities suspected that the attempted car bombing was carried out by Uighur separatists and that the vehicle, registered in Xinjiang Province, contained a container for petrol, two knives and a flag with extremist religious slogans on it. Chinese police arrested five people in connection with the attack. Several weeks later a series of explosions rattled the provincial Communist Party headquarters in the northern province of Shanxi, killing one person and injuring 8 others. According to China state media reports, ball bearings were scattered at the scene which indicates that the explosions were the result of improvised explosive devices. The ETIM claimed responsibility for the attacks and threatened Beijing with similar attacks in the future. Just before 6am on June 26 2013, nine members of the police and security forces were killed when a group of Uyghur men armed with knives stabbed them to death and set police cars alight during attacks on police stations and other government buildings in Lukqun, a resource -rich region of Xinjiang. Media reports indicated that 24 people had been killed and that police killed 11 of the attackers. On March 1, 2014, a group of eight assailants dressed in black and armed with daggers, knives and meat cleavers unleased a brutal stabbing spree at a railway station in the south-western city of Kunming resulting in the deaths of 29 people and wounding 143 during the attack which was later referred by Chinese state media as “China’s 9/11”. On April 30, 2014, assailants armed with knives and explosives carried out an attack at a railway station in Urumqi, killing one person and wounding 79. On May 22, 2014, at least 39 people were killed and more than 90 injured after two SUV vehicles drove into a busy street market in Urumqi, Xinjiang and one of the vehicles exploded. According to Chinese state news agency, Xinhua, five attackers were responsible for the blasts; four were killed in the subsequent explosions, and a fifth person arrested. All attackers were identified through DNA testing. Use of the Media and the Internet The media use the word terrorism as a term that will persuade people to read newspapers and watch television news programmes. Just as the Chinese Government manipulates the media and internet for its reporting of domestic terrorism in China, so too does the terrorist groups with a vested interest in establishing an independent fundamentalist Muslim state in Xinjiang. Whilst the Chinese Government
International
is creating electronic cyber measures to prevent internet exchange of information and communication with the free world, terrorist groups have increasingly utilised both media and the internet to reach out to a wider audience in its attempts to radicalise and spread its own propaganda. In the October 2014 edition of Al-Qaeda’s English-language magazine Resurgence, it describes China’s restive Xinjiang region as an “occupied Muslim land” to be “recovered into the shade of the Islamic State”. The magazine also features an article titled “Did You Know? 10 facts About East Turkistan, “referring to the name for Xinjiang used by those who advocate independence from China. The ETIM has utilised the media with its own media organisation called “Islam Awazi” in Uyghur, which means “Voice of Islam” in English and “Sawt al-Islam” in Arabic. The ETIM has also published online statements in English, Arabic and Uyghur in an effort to reach an international audience. However, just as the Chinese state media controls its media and uses propaganda in an effort to stigmatise ETIM and other Uyghur, it is highly likely that ETIM uses the same tactics. The threat from International Terrorist Organisations In early 2014, Iraqi military forces reported that they had captured a Chinese terrorist fighting with the Islamic State (IS). Further reports from Baghdad indicated that the captured terrorist was a Uighur from China. Iraq’s Minister of Defense posted photographs of the captured militant and stated that it was the first sign that Chinese nationals are answering the call of jihad and going into Iraq and Syria to fight for the Sunni group to establish an Islamic Caliphate. According to Wu Sike, China’s special envoy to the Middle East, China suspects that this alleged militant is but just one of an estimated 100 Chinese citizens from Xinjiang, who may be fighting with Islamic State. Al-Qaeda is not the only jihadist organisation to criticize and threaten the Chinese Government and its treatment of Muslims in Xinjiang. In July 2014, the self –styled Islamic State leader Abu Bakr Al-Baghdadi spoke out in relation to Muslim rights being forcibly seized in China in a call for Muslims around the world to pledge allegiance to him. He also stated that “Your brothers all over the world are waiting for your rescue, and are anticipating your brigades”. AlBaghdadi mentioned China as the first country on the list and shows a map that reportedly highlights the territory that IS plans to occupy in the next five years-which includes a portion of Xinjiang.
numbers of people including international tourists and western media. Whilst the ETIM itself represents no serious challenge of Beijing’s power, the group will continue to use violence against the Communist Party to provoke China into harsh antiterrorism and security crackdowns that violate human rights, incite further disharmony and ethnic tensions, and to increase further violence in Xinjiang and other regions of China. China will continue to experience unprecedented terrorism over the next several years however the international community needs to exercise caution when analysing terrorism related attacks occurring in China. It is a wellestablished fact that Chinese state media in conjunction with state censors are deliberate in their attempts to dissimulate information that suits a particular political objective and what information is released to its own public as well as the international community. Foreign diplomats and journalists are restricted in their attempts to independently research and verify information pertaining to terrorism related attacks. This in itself creates uncertainly to the accuracy of reporting by state run media outlets regarding terrorist attacks and activities with China. China’s openly denounces terrorism, however; its reluctance to join other countries such as the United States, United Kingdom and Australia in its fight against IS detracts from its international stance, it is anticipated that as the threat of domestic terrorist attacks on Chinese territory rises, the support from western countries will decrease.
Conclusions Historically, western nations including the United States, United Kingdom, Australia and the European Union have been the preferred target of terrorist attacks both internationally and domestic. Whilst China has been spared internationally, the Kunming attack and Tiananmen attacks are symptomatic of new trends in domestic terrorism throughout China and militants may be inspired to conduct future attacks, especially at symbolic sites that attract large
Australian Security Magazine | 17
National
Critical Infrastructure Protection “A Heightened State” “Terrorism threat: Australian alert level raised to high; terrorist attack likely but not imminent”
by Steve Furmedge
O
fficially on September 12, 2014, Director-General of ASIO, David Irvine stated that he signed off on the recommendation to raise Australia’s national alert level, following three to six months of increasing concerns over the likelihood of a terrorist attack on home soil. This act would stimulate much concern, confusion and discussion within Government, industry and the community. After almost a decade of preplanning, the time had come for Australia to “Break the glass in case of emergency” and access our security plans to implement the inescapable. What does an alert level status change mean in the context of Critical Infrastructure (CI) and its operators? In the first instance, it was time for implementation and an end to contemplation. A simple, but official Friday afternoon announcement led to CI operators around the country cancelling weekend plans, as they scrambled to ensure enhanced security provisions would be initiated and implemented with some form of immediacy. National Critical Infrastructure The Australian Commonwealth Government defines its national Critical Infrastructure as, ‘those physical facilities, supply chains, information technologies and communication networks which, if destroyed, degraded or rendered unavailable for an extended period, would significantly impact on the social or economic wellbeing of the nation, or affect Australia’s ability to conduct national defence and ensure national security’. This, by definition, creates an extensive list of operators and organisations. Moreover when the National Alert Level was increased/raised to “High”, resembling an actual terrorist
18 | Australian Security Magazine
event, executives and security director’s phone lines rang hot. Email traffic within the organisations and across state lines increased dramatically and priority meeting requests for the following week thrust their way into already over-burdened appointment calendars. Each relevant pre-planned security enhancement was implemented, with further improvements recognised by the day. As the dust began to settle, the implications of an increased National Alert Level made way for the analysis of individual industry and sector threat levels. As an example, after further risk assessments were conducted, the Transport Sector Threat Level remained at medium: meaning that there were no specific threats against the sector or Public Transport in general. Whilst this could offer some comfort to the affected operators, places of mass gathering remain globally predictable targets for terrorists. It would be remiss of any organisation to consider the sector threat level in isolation without the National Alert Level context. It would be incongruous if we, as a country were asking our community to become more alert and aware, without recognising that the community expectation on public sector organisations would also increase accordingly. This paradigm can be simplified by using a traditional business continuity approach. It is an opportunity for public accessed service industries to respond and enhance public confidence in times of uncertainty. Prior to the historical national security announcement, the Commonwealth Government had already produced preparedness guidelines that offered crucial support for operators to advance their security plans and counter terrorism arrangements. (Guidelines @ www.nationalsecurity.gov.au)
National
Whilst the Commonwealth Government has generated the guidelines to assist operators, they are not regulatory and their intent is to identify a methodical security planning process within a consistent national framework. The ultimate responsibility for the protection of critical infrastructure still resides with the operators themselves. With this in mind, individual operators need to demonstrate a true responsiveness to risk/threat, and discernible risk mitigations must be formulated. As specific security provisions are not prescribed or regulated, the rule of reasonableness, and due diligence would then apply. A heightened national security level status stimulates CI operators to review and implement, if required, enhanced security provisions, and can be best articulated and demonstrated through following a systematic phased approach to Counter Terrorism and alert level planning. Review and Assessment-gauging current effectiveness and future initiatives Organisations primarily need to review and assess that their current documented security provisions for “medium” had been implemented before instigating the subsequent higher level provisions. With the contrast of a High national level and lower individual sector levels, CI operators should consider the appropriate partial or wholesale implementation of pre-planned provisions consistent with those threats i.e. internally the organisational provisions may be at medium but after thorough analysis, the implementation of several high alert level provisions may be appropriate. The consequences of an actual terrorist event that results in the loss of lives is extreme, both from an ethical and legal standpoint. As accountable organisations, any prearranged current security provisions, need to be identifiable and qualifiable to withstand external or judicial scrutiny. (“Esse quam videri” To be, rather than seem to be) This assessment phase provides the opportunity to review all security polices, procedures and training to test their effectiveness and rectify any vulnerabilities prior to an actual event occurring. Communication and Liaison-maximisation of resources and developing assurance If the London transport bombings of 2005 taught the world anything, it was about post event recovery. Feedback from the investigation process has shown that interagency cooperation and long established relationships proved crucial in business continuity. In times of heightened risk or alert status, organisations need to adopt a holistic ‘one in, all in’, approach and not be hesitant to share security strategies and information with other trusted CI operators. (Hydra approach: many heads, many ideas) Operators should not be constrained in its networking by imaginary geographical borders. The opportunities arise to test and open all communication conduits, both internally and externally; employees as well as the general public require a suitable level of understanding to have confidence in the individual organisation and their own personal safety. Terrorists rely on cells and networks to be effective, CI operators should do the same. As the social framework within the security risk realm evolves, it presents opportunities for organisations, and businesses to form symbiotic relationships
“It is not the strongest of the species that survives, nor the most intelligent, it is the one that is the most adaptable to changes in its environment” with comparable businesses for joint benefit/resourcing. Some organisations utilise enhanced private security patrols, and employ a shared contract and resource arrangement with other like parties. Development of a Security Culture-engagement and acceptance of a new role for all staff Management and the workforce at all levels need to be engaged to truly understand the need for proactive security. The development of security plans, policies and procedures are reliant on implementation and adherence. Both of these principles will always contain a human component. The security wise culture is fashioned by small sequential steps, but all in the same clearly defined direction. A culture of pride and best practice can be created by engaging staff through the acknowledgement of their current role and communicating a potential enhanced function building up to this event, and beyond. All Australians must recognize that evolving global threats have penetrated our domestic front; it requires us all to embrace a security facet to our daily role no matter what we do. When an organisation is responsive to change, it begins to develop tangible resilience and resistance, to threats and risks. One interpretation of Charles Darwin’s “The Origin of Species” and the theory of evolution affords lucidity when considering future proofing. “It is not the strongest of the species that survives, nor the most intelligent, it is the one that is the most adaptable to changes in its environment” Any impingements to our daily lives created due to the terrorism threat are now a reality. We cannot live in the past. We can only embrace strategies to ensure our future. Learn from historical experiences, develop your organisational culture; develop your contingencies and most of all be proactive in leading the industry, don’t follow. About the Author Steve Furmedge is a 28 year Law enforcement/ security professional. During his career with the Western Australian Police Service he spent 13 years with the Bureau of Criminal Intelligence in the specialist field of Covert Operations. After completing university degrees in Judicial Studies and Corporate Security Management, Steve further enhanced his studies in Criminology, Psychology and behaviour modification techniques. In 2002, Steve was appointed to his current position, and is the Director of Security Services in charge of all security provisions for the Public Transport Authority of WA.
Australian Security Magazine | 19
C I L
O P National
Police Strategy
A review of police tactics in light of the Martin Place siege by Fraser Duff
20 | Australian Security Magazine
T
he public may be very interested to have a more detailed appreciation of how the hostage incident could have ended without the loss of innocent lives. I note an article which appeared in the Sydney Morning Herald seeking feedback on the tactics used by Police, citing support from a former Deputy Commissioner Clive Small. While the former Commissioner discounted the use of Police Marksman, the Police mindset on how best to respond to ideological terrorist affiliated individuals may need to change in view of the tragic event in Martin Place. There are other viable options available to Police, which could have been used on the day including the use of Police Marksman. However, engaging these options would require a strong commitment and courage from the Commissioner of Police. I say this because there would be considerable political fallout and public criticism of senior Police and Politicians from some minority groups. As a former founding member of the Tactical Operations Unit which carried out the Emergency Action response to recover the hostages, I have a detailed understanding of what options were available to Police on the day. This takes
After September 11 the world changed, hostage takers were now consumed with the taking of innocent lives at whatever cost, while sacrificing their own for their beliefs and for martyrdom. nothing away from the incredible courage of the officers who exposed themselves to extreme danger to protect the lives of the innocent. However it may challenge the conviction of Senior Police and Politicians. The options available to Police are varied, but I will refer to the tactical options and Iâ&#x20AC;&#x2122;ll explain them in detail so the public can be the judge of what they feel would be in the best interest of the innocent. The most favoured Police option in a hostage situation is
National
the Contain and Negotiate. This has been a very successful tactic for domestic related criminal type incidents i.e. hostage incidents and robberies gone wrong etc. It was developed in the 1980’s primarily through the FBI hostage negotiators to deal with incidents that were not necessarily ideologically and terrorist based. However with the rise of Al Qaeda and the September 11 attacks it is not adequate to put all your faith behind one approach at the exclusion of engaging other tactics. In a changing ideological environment with new and unique circumstances it is not necessarily going to produce the best outcome with terrorist minded individuals. After September 11 the world changed, hostage takers were now consumed with the taking of innocent lives at whatever cost, while sacrificing their own for their beliefs and for martyrdom. The Contain and Negotiate works very effectively when you have a person who is perhaps distraught and suffering mental illness, suicidal and possibly holding a family member or themselves hostage and threatening to cause themselves or others harm. They often need help, support and clarity in thinking and the Police negotiators can provide this support and achieve a peaceful resolution and have done so on many occasions. However, 17 hostages and a fanatical ISIS ideology is a different equation and you can’t just apply the same model over and over again in the hope that it works in all circumstances. To do so would suggest a lack of situational appreciation. With the rise of the “Islamic State” (ISIS), the world has changed even further in terms of terrorist incidents, but the Police Command may have not. If the predominant view is that we believe we can negotiate an outcome in such circumstances, then you need to consider; what ultimate outcome are fanatics really pursuing? Is a call to the prime minister and an Australian flag really what they are after when they align with ISIS….surely not. In terms of Tactical Policing there are two options. The first is referred to as a Deliberate Option (DO): This option gives Police the greatest advantage as they make a decision to end the siege at a time of their choosing by engaging all tactics available to them including having marksman (sniper) and Police Assault Group coordinated actions. Police make a decision to end the siege which is planned, deliberate and rehearsed. In the case of a terrorist incident where hostages are taken and harm or death is imminent then this option affords Police the greatest tactical advantage and the hostages the greatest chance of survival. Marksmen can initiate the assault and create surprise and tactical advantage, which is then capitalized on with speed and accuracy. If the media had a clear view of the gunman through the window, then more than likely the Police Marksman with their resources and the available intelligence (especially in light of the escaped hostages) would have an even better view of the gunman and he would be well covered with a range of specialist equipment and imagery. Police Marksman are exceptionally well trained and more than capable of successfully engaging a target from that short a distance even through safety glass with hostages in close proximity as documented by research. The engagement of the target via marksman affords the hostages the greatest chance of success, but it means the inevitable demise of the hostage taker and
The Bullet is stable and will produce consistent and predictable groups under 5 inches in diameter at 5 metres glass-target distance. A quote from the research author, “If a marksman had to make a shot where the available target area is small, a 90 degree shot would result in an accurate and predictable impact. the associated political fallout. I note that the Police Commanders and Politicians would not use the word ‘Terrorist’ in their discourse even though this individual openly displayed and declared his affiliation with ISIS. A group of Islamic radical fundamentalists who purport to kill any non believer; non Muslim or Muslim alike who doesn’t align with their ideology. After declaring his allegiance to this cause, the implications towards the hostages become far more significant. He even told the hostages he was going to kill them and one of the hostages was seen on TV drawing a finger across her throat to the cameras signaling in desperation what was inevitably going to happen. This is a desperate plea for help, signaling that the situation is now dire. It’s a virtual call of “please save us now before it’s too late”. By continuing to treat this threat as a domestic hostage incident tactical police who were on standby were in my view ultimately deployed for the least desirable option. The option of last resort, which takes away any tactical advantage the Police Assault Group may have. This is the Emergency Action (EA) where the hostage taker starts killing / shooting hostages. At this point Police are coming off the back foot and have lost any advantage. They and the hostages are now exposed to the greatest level of risk as the Police scramble to try to gain entry and save the surviving hostages. Why is it that innocent people have to die before we engage with deadly force? Why do we care so much about the hostage takers? Are their lives really more important than the hostages? It’s not about being right…it’s about doing the right thing in such circumstances to protect the innocent regardless, that’s our commitment to them. If an incident is declared a terrorist incident then more options become available to the state to resolve the matter, including engagement of the military. Their tactics are to use deadly force and they will engage with a Deliberate Option Plan and have their Emergency Action in waiting until they are ready to strike. This option has without a doubt the highest chance of success for saving lives where death is imminent. This act however requires the Commissioner to hand over control to the military commanders. No State Tactical Police Team would ever consider their capability to be comparable to that of the military for this type of operation. The military develop all the tactics and help in training the Police. They specialise in these operations and train day after day until they can do it with their eyes closed. They measure success on how many lives are saved through
Australian Security Magazine | 21
National
‘The penetration research indicates that, subject to angles and distance, a coordinated and simultaneous multiple marksman option may not have been critical to the success of the outcome’ executing speed, precision and accuracy. I firmly believe from experience that the Martin Place incident could have ended with all hostages alive, as opposed to the unfortunate circumstance whereby two innocent people lost their lives. It seems we are more intent on protecting the hostage taker from meeting a violent end. The Commissioner was not prepared or perhaps, with the limitations established by current thinking, able to realize the threat, including it’s probable implications to the lives of the hostages and act accordingly. he all important question now is would the same decision making frameworks be applied to future incidents? Critical reflections must accompany this incident. Detailed review of decision making and the logic applied to deductive reasoning for situations that reflect the current and future environment must all be re-considered. Hard questions will need to be discussed and less popular options considered to ensure key lessons are learnt. The Commissioner can’t afford to be content with current thinking if the end result only duplicates what has just been experienced. In terms of providing another perspective aside from that of Clive Small as reported by the Sydney Morning Herald with respect to the use of snipers. I’d like to highlight some very interesting research that was collated with the assistance of a colleague of mine, himself a previous police officer and designated police marksman. Central to the discussion about whether a sniper option can be credibly considered, and to assist efforts for future strategies, it is worthwhile highlighting the researched results from studies on rifle bullet deflection against commercially tempered glass. A 1994 study was carried out as a thesis presented to the Faculty of the Department of Criminal Justice at California State University and utilising facilities, equipment and ammunition courtesy of Edwards Air Force Base Combat Arms Training branch. All results published. The study used a.308 calibre (marksman) ammunition fired against 1/4 inch tempered glass. Ammunition can have many different design characteristics. Figures related to this study were carried out on full metal jacketed rounds (including comparisons to soft point and hollow point rounds). Other rounds exist that are more capable of penetration without these deflection, deformation and fragmentation issues. The equipment augers well as a good comparison perhaps to the scenario at Martin Place. There are finer points regarding round jacket and core separation, loss of velocity, deflection and fragmentation spread, but the summary I’ll recite gives quite a comparative picture. Findings confirm firstly at distances anywhere between
22 | Australian Security Magazine
4 metres and 100 metres separation between the shooter and glass, that the rates of deflection, deformation etc are all consistent. Assuming that this was an equivalent range (unlikely a marksman will be firstly firing through glass immediately in front of their position) - these findings will apply. So long as the distance between the target and the glass is within 5 metres, then again, these statistics can be considered to apply. Basic result – The Bullet is stable and will produce consistent and predictable groups under 5 inches in diameter at 5 metres glass-target distance. A quote from the research author, “If a marksman had to make a shot where the available target area is small, a 90 degree shot would result in an accurate and predictable impact. A preliminary shot to eliminate glass would not be necessary.” Furthermore the bullet is predictable at all strike angles between 45 degrees and 90 degrees - with differing predictable effects based on the angle of strike. Firing 90 degrees to the glass (straight on) has produced consistent figures (with variables taken into consideration) of a core deflection of .59 inches (at 5 metres glass-target) with a lethal circle (fragments incorporated) of 2.94 inches. This is certainly giving credence to the acceptability of a marksman option if these angles, distances etc were presented. Beyond the anecdotal, it’s scientific studies on rounds and predictable effects on glass that best inform the sniper option. I think you’ll agree that the opportunity to employ a Marksman option would have been a very realistic option in the Martin Place incident, by either the Police or Military with due consideration to the likely impact of a round on glass in varying conditions as cited above (despite what others say). Due to its broader arc, lethal fragmentation is the only real concern, and this is only really a factor if hostages are within very close proximity. At a tactical level, consideration needs to be given as to whether to use an orchestrated 1st and 2nd Marksman shot or single Marksman. The penetration research indicates that, subject to angles and distance, a coordinated and simultaneous multiple marksman option may not have been critical to the success of the outcome even though it would be preferable to further support success for the most important outcome of all – to save the lives of all hostages. (i.e., immediately immobilizing the threat to best minimize further harm to innocent hostages).
Good News:
Bad News:
this employee loves working in an open office environment.
she’s working on confidential payroll information.
Keep visual hackers in the dark. With today’s privacy concerns and regulations, organizations can’t afford to take chances. Help protect confidential data from prying eyes by requiring 3M™ Privacy Products on all your screens. Learn about all our products to prevent visual hacking at 3Mscreens.com/VisualHacking. Privacy is the best policy.
Privacy Solutions for Organizations 3M is a trademark of 3M. ©3M 2014. All rights reserved.
National
Is There A Better Way? by Emanuel Stafilidis CPP
24 | Australian Security Magazine
C
ritical Infrastructure operators are quickly discovering that to adequately protect their premises, more electronic systems are required. The traditional security systems such as Intruder Alarm & Access Control Systems, CCTV, Perimeter Intrusion Detection, Pedestrian, Vehicle & Car Park barriers & Systems, Duress systems and Intercom systems are not the only systems that are required. The security monitoring location (onsite security control room) also must monitor the Visitor/Contractor Management system, Building Management system for Mechanical & Electrical incidences, Fire & EWIS, UPS & Power Back Up systems & Generation, Lighting and Ethernet network for any changes that may impact the site. Security managers must also concern themselves with the Asset Tracking and Social Media activities that relate to facilities and the organisation generally. Of course the security personnel will need to communicate with each other and all other parties on site so they will also use the phones, 2 Way Radios, Intercoms and the Public Address systems. The above doesn’t mention add on systems used to better protect the facility such as Biometrics and Video Analytics. There may also be other site specific systems that may be installed such as Key Safes, RFID systems, Mobile Phone Detection systems, etc. The list of systems mentioned here are the obvious ones that are generally installed in most critical infrastructure sites. Depending on the site, even more systems may be used. This is a large number of systems for security operators to manage and monitor.
With all these systems there are a number of issues and complications that must be addressed. • How easy is it to learn all these systems and operate them? • How many monitors must the operators keep their eye on to make sure they don’t miss anything? • When an event occurs, how stressed does the operator become and therefore how many mistakes could be made under pressure? • How many policies and procedures relate to all these systems and how confused are the operators? • Most importantly, what is the speed and precision of the current security staff to action alarms and events? • How difficult is it to conduct an investigation? Is there an efficient method of gathering the information from all these systems and collating them into time order so as to create a clear picture of the event? Basic High and Low Level Integration of systems does help by improving the speed and precision for some alarms and events but certainly not all. Integration also decreases the number of screens to be viewed and reduces the number of tasks to be performed by the operators. Integration however, does not assist with training, stress, policies & procedures and investigations. Alternative methods must be used to solve these issues. To solve these issues the security industry globally is turning to Physical Security Information Management (PSIM) systems. PSIM has become an accepted term within the security industry and this acronym is starting to pop up
National
everywhere, even in technical specifications. Other similar reference names include; Security Management System, Command and Control System, Central Supervisory System, etc. PSIM is typically a software solution that has been in the security industry for about 10 years. Originally PSIM’s were purpose built for specific applications and clients, however as the technology advanced and duplication was realised, PSIM’s have become a commercial off the shelf solution that fit many industries in todays’ security market. A true PSIM has the ability to integrate with any system or device and is therefore non-proprietary. PSIM’s add tremendous value to organisations that have a number of disparate security systems as they are a single human machine interface for all the security systems. Essentially PSIM’s are a single Graphical User Interface (GUI) for the multitude of disparate security sub-systems that are managed by security operators providing tremendous situational awareness. Understanding if the facility/operation/client needs a PSIM can be determined in a number of ways however generally the answer lies within a few requirements. First, the speed & precision required to respond to critical events and the second is the number of sub-systems. Sure there are many other things that can help determine if a PSIM is required and there are many benefits however generally if the customer has a number of sub-systems (say 4 or more) and it is critical that operators respond quickly and accurately to alarms and other critical events, then it is likely that a PSIM will add considerable value to the point where the purchase is required. It must be understood and appreciated that some clients just don’t need the speed and precision delivered by a PSIM. At some locations the security is just not as important as other systems and this may influence the purchasing decision. The major benefit of a PSIM is that it integrates ALL security systems regardless of old or new make, model and class. Be aware that not all systems are actually PSIM’s. An easy way to differentiate between a PSIM and other systems that are marketed as a PSIM, is to identify if multiple security systems such as Access Control systems and/or multiple Video Management systems can be integrated. If the PSIM manufacturer will not easily and openly integrate competing products, then this system is not a PSIM and therefore may not deliver all the features and benefits desired, and may also lock you into proprietary solutions at the sub-system level. As an example, some access control manufacturers market their software head end as a PSIM, however when pushed to interface a competing access control system there are a number of complications. Firstly, will both companies release their interfacing module to each other, as they are competitors. Secondly, multiple databases need to be managed. Thirdly, multiple technologies need to be interfaced, not just video, analytics, perimeter detection and/ or a key safes, but also Intercoms, 2 way radios, lightning detection systems, RFID, mobile phone detection, building management including lighting control and much more. For many reasons including; acquisition, expansion, procurement guidelines, etc. a security operation can have multiple security sub-systems such as Video Management Systems that form part of the overall solution. All these
PSIM is typically a software solution that has been in the security industry for about 10 years. Originally PSIM’s were purpose built for specific applications and clients, however as the technology advanced and duplication was realised, PSIM’s have become a commercial off the shelf solution that fit many industries in todays’ security market. disparate systems need to be operated and managed by the security personnel. A PSIM gives an organisation the tools to seamlessly integrate all disparate systems so the organisation can meet its key operational business needs. Control Room personnel can simply learn and control a single system, the PSIM, eliminating the need to understand and operate multiple systems, and providing the opportunity through integration to customise the look, feel and response process across multiple systems to meet the customer’s needs. Irrespective of how large or small the protected area, a PSIM delivers a Security Ecosystem that provides complete situational awareness. At a glance security personnel can immediately see if there are any alarms or if maintenance is being conducted in any location, the status of the subsystems, number of alarms in the stack from all systems, any intercom calls that need to actioned, etc. Personnel can apply an adaptive workflow including clearly defined procedures to follow, for each event. Best practice is applied with real time information presented, regardless if the sub-system is old or new. There are many functions of a PSIM and obviously the requirements for each client will vary, however as a minimum the solution should collect and analyse the data gathered from all the sub-systems. This information should be presented to the operator in a predetermined format enabling the operator to efficiently understand and action any situation. As all the systems are present in the single GUI, the operator could receive data from these sub-systems in various formats but typically the data is displayed as text or by way of icon changes on a map. When the operator chooses to action the event, the operator will click on the text or icon and they will automatically be provided all the information associated with the event and realise the benefit of integration. The information from various systems is presented at the same time providing the operator a complete picture. A really good example of this is the activation of a mobile duress alarm by a patrol guard. The PSIM should display the location of the guard on the map and automatically present the live images of 2, 3 or more cameras in the area of where the guard is located. The system should also take any other automated actions as may be deemed appropriate such as locking doors. The location of other patrol staff in the area should be visible, access control doors and other security devices that may be of assistance/controlled should be visible. The PSIM should eliminate the need for the control room operator to think about where the patrol guard is located and
Australian Security Magazine | 25
National
therefore eliminate the need to think about which cameras to select, who is close by to provide assistance, where additional resources are currently located, etc. All the information required to manage the alarm is immediately presented and ready for action. A common integration is the connection of audio systems including 2 way radios, intercoms, public address and phone systems. The control room operator utilises their desk top microphone and speakers (or headset) to communicate with guards on their 2 way radios, intercoms and answer phone calls. In the example posed above, the control room operator could click on the icon depicting the guard and instantly establish verbal communications. With a further click or 2, the control room operator could make an announcement to all guards to their 2 way radios or to the entire site via the public address as required. Unprecedented value is added by the PSIM when the integration of contractors 2 way radios is integrated at the touch of a button. The PSIM should provide the operator the ability to respond to any situation more efficiently with additional information, which is presented in a clean and well-laid-out display. The benefits of integration to a dedicated GUI should be realised with the management of every single event. The PSIM should include all the Security Operating Procedures (SOP’s) and present only the relevant SOP’s for each event. I.e. When a Duress Alarm is activated the SOP’s for this event are automatically presented so the operator can perform the task as efficiently as possible. The operator should also have the ability to enter notes and detail their actions into the PSIM. These comments should be stored and recorded with the event for future reference. The PSIM must retain a complete audit trail in chronological order of everything that happens on the PSIM and every sub-system in a single repository. The system should also list or show the actions taken by the operators of the PSIM. A clever system may even record the workstation displays like a camera input. In this day and age Geo-Mapping should be provided as a standard feature. This mapping feature should essentially operate like Google Earth or Google Maps, however the load times should be virtually instant. There should not be any delay waiting for pages or maps to load. The PSIM should update the status of the points from each sub-system every second or faster. Delays resulting from systems updating, such as map loads should not be tolerated. The PSIM should facilitate alarm and event searching as all recordable movements from each sub-system are stored within the PSIM’s audit trail. Investigations are easier, more accurate and conducted in a more speedily fashion simply because all the information is available in a single location. Many PSIM’s provide a Training simulator which replicates system behaviour. The connection of sub-system equipment is not required and generally there is no specific separate development required to provide the training system. There are many benefits with having a training simulator. Firstly, training can be made available prior to real system completion and secondly, any changes to the operational system are reflected in the training system. Often an overlooked benefit of a quality PSIM is that it
26 | Australian Security Magazine
In this day and age Geo-Mapping should be provided as a standard feature. This mapping feature should essentially operate like Google Earth or Google Maps, however the load times should be virtually instant. There should not be any delay waiting for pages or maps to load. will eliminate desk top clutter within the control room. As all the systems are integrated and operated from a single system, the result is that an operator simply uses a few monitors, keyboard, mouse, joystick, intercom and/or telephone. All other devices such as multiple 2 way radios, paper based SOP’s, intercoms, keypads, switches, little sticky notes, etc. are all eliminated to reveal a clean and efficient control room. De-cluttering the control room always results in wellorganised, capable & happy control room operators and a safe & secure premise. Emanuel Stafilidis CPP has over 25 years experience in the Security Industry and is Business Development Manager at Saab Australia. www.saabgroup.com/au
27th
ConferenCe
Security riSk management getting it right ! 31 August – 2 September 2015 National Convention Centre Canberra for registration enquiries:
SIG@conlog.com.au for furtHer information:
www.ag.gov.au/sig
the annual sig Conference and exhibition is the largest gathering of government and private sector protective security practitioners in one conference in australia.
the sig 2015 Conference program will: • consider the evolution of security risk management in recent years; and • focus on case studies, best practice and current and emerging strategies available for getting security risk management right. senator the Hon george Brandis qC, attorney-general, will give the opening address at sig 2015.
Australian Security Magazine | 27
National
Threat Management:
An organisational intelligence led approach that focuses on the threat actor. by By Matthew Curtis and David Harding
28 | Australian Security Magazine
O
n the 2nd of June 2014, two armed attackers threatened staff and robbed the Mortdale Hotel in Mortdale Sydney Australia. On the 5th of June 2014, at the Wentworth Park Hotel in the Sydney suburb of Homebush, armed attackers stormed the hotel carrying machetes and pistols and conducted a robbery. During the robbery several staff and patrons were threatened, some were injured. On September 11, 2001, in co-ordinated and simultaneous attacks on various aircraft, a terrorist group was able to use the aircraft as missiles attacking four buildings in New York and Washington, in the United States of America. Finally as referenced below the Australian Institute of Criminology, has identified that professional criminals are not deterred by risk and security mitigation strategies. The above examples highlight the fact that although each site had appropriate and applicable security and risk management procedures in place that were specifically designed to mitigate such attacks, the criminals or terrorists were still successful. The case of the aircraft hijackings illustrates the difficulty within risk assessments of predicting the low probability but high harm incident rates. The case of the hotel attacks illustrate that professional criminals can circumvent security and risk mitigation procedures through good planning, preparation and intelligence gathering. Given the extensive cost in both human and financial terms of the above examples, it might be prudent to utilise additional concepts and methods to prevent such attacks. One way to achieve this is to supplement current risk and security management strategies with additional strategies that focus on the person, or persons, that could make the attack. This concept is called Threat Management, and to understand this
concept, it is first necessary to appreciate how it differs from Risk Management. Dictionaries generally define the word ‘threat’ to be the intention to cause harm. This implies that a threat is made by those with the ability to make rational and conscious choices. This means that threat arises from a person’s, or group’s conscious decision to cause harm. Threats are measured by assessing a person’s or group’s capabilities, their past performance and history as threat actors, and other indicators such as media statements, public rhetoric and levels of community support. Conversely, the generally accepted Risk Management standard (AS/NZS ISO 31000:2009 Risk managementprinciples and guidelines) defines Risk to be the ‘effect of occurrences on objectives’. Risk focuses on occurrences or events. Risk is event driven and measures the likelihood of a particular event and the harm that that event could cause. If the two concepts are to be compared, Threat focuses on the intention to harm, Risk on the specific events or occurrences. Threat is assessed by measuring a person’s or group’s intentions and their capabilities. Risk is assessed by determining the likelihood of a particular event or conceived scenario, and the harm that that event could cause. The two concepts are distinct, as are the methods needed to assess and manage them. Threat Management can be defined as ‘the coordinated management of resources to guide, counter, or neutralize the behavioral process taken from the development of criminal intent up to the point of actuating a crime or other harmful action’. Threat Management focuses on human-centric threat actors. This means that one of the first priorities is to
National
identify the threat actor, their intentions and stage they have reached in the attack planning cycle that consists of planning, preparation and intelligence gathering. Once identified, resources can be assigned that can guide, disrupt, counter or neutralise the threat actor’s intentions and capabilities. Traditional risk and security management concepts would suggest the questions, “Why focus on the person who is going to commit the crime?” and “Shouldn’t Security Risk Management strategies mitigate the criminal intentions?” Unfortunately, Security Risk Management Strategies do not. No matter how thorough the security and risk mitigation strategies are, they will be static in both time and location. This gives the professional criminal the opportunity to develop their own strategies to overcome or circumvent the security and risk strategies that have been put in place. As Smith and Louis of the Australian Institute of Criminology identified in the report ‘Armed robbery in Australia: 2007 National Armed Robbery Monitoring Program’, professional criminals are not deterred by security and risk mitigation measures put in place by an organisation. Professional criminals will simply plan a method to overcome the security measures. For the organisation that must develop strategies to counter the professional criminal, investing resources to identify and disrupt the actual criminal are called for. This is especially so in the current security environment that is becoming more ambiguous for all, including law enforcement and national security authorities. Potential targets need to take much more responsibility for their own security in relation to threat actors.
method of attack, the identification of resources required, and perhaps undertaking some form of general intelligence gathering into types of and applicability of targets. Preparation may include the gathering of resources necessary to carry out the crime. For example, a terrorist group intent on placing an improvised explosive device at a particular location will need to gather and prepare the explosive materials, and also place it at the chosen location. Intelligence gathering by the threat actor may occur at two points during the criminal development process. Initially the threat actor may need to identify a target that is appropriate to the threat actor’s aims and competence. This form of intelligence gathering could often be achieved through the routine activities that criminals engage in. For many criminals the target locations are those that they have had some form of exposure to. In criminology this is called Routine Activity Theory. The criminal or terrorist will also need to gather specific intelligence that is relative to the intended target. Ultimately, the criminal will need to have knowledge of the security arrangements around the target, its vulnerabilities and how best to exploit them to attack the target. This level of detailed intelligence can only come from specific surveillance and reconnaissance of the target. In some cases this information can be gained through legitimate cover engagement with the target and its personnel. In addition, and of particular importance, the threat actor may conduct reconnaissance and intelligence activities in person, so as to gain a first hand, and eye, knowledge of the potential target.
The Criminal Development Pathway Model
Organisational Integration
For managers with responsibility for the protection of assets and persons from deliberate attack by criminals, terrorists, or other hostile threat actors, an understanding of the processes and pathways exploited by these groups is vital. Understanding the development of criminal intent to cause harm, the types of groups that these individuals will gravitate towards, and the planning, preparation and intelligence gathering that is undertaken prior to an attack, can suggest interventions that can prevent criminal, terrorist or other attacks. Threat actors, such as criminals and terrorist often follow an identifiable and predictable pathway of development. This development commences in the community that the individual originates from, where there is an acceptance of a particular illegal activity. However, such acceptance does not necessarily mean the intention to commit the crime, rather that the community accepts a particular behaviour. An example may be as sublime as “It is all right to take something from someone that can afford it”. Potential threat actors tend to seek out other likeminded individuals. Here, the potential criminal will further reinforce the belief system that the conduct of a particular activity is acceptable behaviour. Individuals at this stage will gravitate towards gangs, groups, chat rooms or in the case of radicalisation, religious sub-groups. The next stage will see intentions turn to actions. Here the potential criminal commences physical actions to plan, prepare and gather intelligence on an appropriate target. Planning may consist of the development of an appropriate
However, understanding the criminal development pathway is only one segment of Threat Management. By utilising this knowledge, an organisation can integrate an intelligence gathering process that incorporates direct feeds of information from the varying communities that the organisation has contact with. In today’s dynamic security environment, an organisation that proactively responds to changing threat actors and risks will have the best outcomes. Good intelligence processes are a critical factor in organisational response and resilience. In addition, implementing processes to enable these strategic goals is recognised as good corporate practice. At the strategic level, such a system would detail enterprise-level intelligence requirements, feeds and analytical processes to provide management with early outcomes. Operationally, localised intelligence could focus on the security domain of the organisation itself and draw from the surrounding community where possible. Also, a wholeof-organisation approach with a trusted insider focus could maintain a clear commonality of purpose to the vectors or enablers of strategic threat. Such a system could provide intelligence feeds via tailored intelligence networks that could inform judgements about strategic threat. This is an all-sources approach, and for major organisations could include Government (National and State security and law enforcement authorities), members of the business community (like-minded organisations) and the wider community in relation to local and localised threats and
The criminal or terrorist will also need to gather specific intelligence that is relative to the intended target. Ultimately, the criminal will need to have knowledge of the security arrangements around the target, its vulnerabilities and how best to exploit them to attack the target.
Australian Security Magazine | 29
National
threat actors. Additionally, in today’s multimedia environment the monitoring of data from social and other media in the public domain should also be considered. The principle driver of intelligence activity needs to be an evidence-based understanding of the security, threat and risk environment. Such an understanding could also identify gaps in the organisation’s knowledge of threat actors and risk, and in its ability to obtain intelligence on threat actors and risk events. An understanding of intelligence needs within the organisation, its decision-making processes, business units and individuals that require intelligence support could be the basis for definition of intelligence requirements and in turn, the most appropriate sources to be developed for that intelligence. This will require the development of policies and conventions to execute an intelligence cycle within the organisation. The intelligence cycle will typically include the implementation of processes that will enable intelligence targeting, intelligence acquisition, reporting, analysis, distribution to those who have a need to know, and feedback. The Application Process The next stage is to apply this knowledge and system to a process that will identify the threat actor, and then develop strategies that will guide, counter or neutralise that actors intentions. This process commences with the identification of the communities that an organisation comes into contact with. Each organisation will inherently have a variety of different communities that the organisation is geographically located in, communities that come into the organisation including through the internet, and those communities that the organisation has had business dealings with, including competitors. Each community should be assessed for their potential to harbour persons that could have intentions to harm the organisation. The community assessment should identify the list of threat actors that could have intentions to harm the organisation. This list, although it may not specifically identify threat actors by name, should have the actors identified with sufficient detail to allow appropriate decisions on whether to act and what actions should be commenced. Following the identification of threat actors, an assessment of each individual threat actor’s progress along the criminal development pathway can be undertaken. To make this assessment, intelligence gathering activities could be conducted by the organisation. In addition, this assessment could discover what targets the threat actors may have identified. Finally, through the utilisation of counter-surveillance, the organisation could be able to identify the stage that the threat actors are up to in their development pathway. In combination, these assessments can provide an intelligence-based picture of the threat actor’s intentions and plans. When the above information is gathered, an intervention plan can be developed. In essence, the organisation will have three options available to it, to guide, counter or neutralise the threat actor. If identified at the early stages of the criminal development pathway, the organisation may be able to implement strategies to guide the potential threat actor away from their intention to cause harm. Should the threat actor have already commenced their planning and preparation then
30 | Australian Security Magazine
strategies that counter or disrupt the threat actors planning can be developed. Finally, should the threat actor have conducted surveillance and be in the final stages prior to an attack, the only viable option may be the neutralisation of the threat actor. Following the implementation of the intervention plan, the organisation would be able to assess the results of the operation. Ultimately, the results could be that there was no event, or that the event was managed. If unsuccessful, and the threat actor was able to achieve their objective, then the event was unmanaged. This assessment could then lead to additional corporate learning, organisational responses and better business resilience. Conclusion This article has introduced the concept of Threat Management. The article has identified the Criminal Development Pathway that criminals and terrorist’s follow in their development of harmful intentions up to the point of actual physical attack. Understanding of this pathway could provide vital opportunities for the organisation to identify the level of intent and timing of intended attacks of the threat actor. Also introduced was a strategic plan for the integration of Threat Management into a corporation. Such an intelligence system could allow the organisation to determine the allocation of specific resources at specific and required times. This could provide the organisation with advance flexibility in the competitive marketplace. The intelligence system identified could provide managers with the opportunity to have better understanding and control in an increasingly ambiguous security environment. Finally, the process that an organisation could follow to identify the communities where a threat actor may originate from was introduced. By following the outlined process an organisation may be able to develop strategies that can guide, counter or neutralise a threat actor’s intent and actions. The model and process outlined in this article comes from a more detailed body of work that has been published in the Journal of Applied Security Research, titled Threat Management: The Coordinated Focus on the Threat Actor, Their Intentions and Attack Cycle. Or by following this link: http://bit.ly/1DbK6nK About the Authors Matthew Curtis Matthew is the Principal of Curtis Incorporated (www. curtiscorp.com.au). He has provided strategic security advice in the private and public sectors for 15 years, and has consulted extensively across these sectors in security risk, security and intelligence, national security and emergency management. David Harding David has over 30 years experience working within government and private security fields, including service in the Australian Army’s Special Air Service Regiment, and the Australian Federal Police’s Air Security Officer Program. As Director of Anshin Consultants, a Threat Management consultancy, David conducts threat management operations across the Middle East, Asia and Australasia.
A premier platform bringing Australia's leading industry practitioners together to share best practices in risk management strategies & frameworks across industry sectors
Melbourne | 20 April 2015 (Conference) & 21 April 2015 (Post-Conference Workshop) Sydney | 23 April 2015 (Conference) & 24 April 2015 (Post-Conference Workshop)
Featured Speakers Include: MELBOURNE Kate Hughes, Chief Risk Officer,
Telstra
Muir Watson, Chief Risk Officer,
Medibank Private
SYDNEY Shaun Dooley,
Executive General Manager, Enterprise Risk,
National Australia Bank
CLN Murthy,
Managing Director – Country Risk, Consumer,
Citigroup
Catherine Dube,
Alan Bardwell,
AIG
ASX
Chief Risk Officer,
Chief Risk Officer,
Geoff Alway,
Scott North,
Victoria Police
Credit Union Australia
Chief Risk Officer,
Patrick Ashkettle, Chief Risk Officer,
Chief Risk Officer,
Michelle Mott,
Following the huge track record of success, the 3rd Annual Australian Risk Management Leaders Forum is back for the third time, bringing Australia’s most influential risk management leaders together to provide you with the latest industry thinking, topical issues and practical risk strategies. Delivered by an esteemed line-up of CROs and heads of risk management from the nation’s leading organisations, this forum will provide you with an unrivalled networking opportunity, awareness of the most pressing risk management issues and the opportunity to benchmark against industry best practices.
Don’t miss the Post-Conference Workshop:
How to manage risk more effectively
Chief Risk & Compliance Officer - Pacific,
Mercer
Melbourne | 21 April 2015 Sydney | 24 April 2015
Kerrie Noonan,
Diona Rae,
National Australia Bank
GPT Group
Masterclas Leader: Grant Purdy
bankmecu
General Manager, Enterprise Risk,
Chief Risk Officer,
Associate Director
Broadleaf Capital International
Lucienne Layton, Executive General Manager, Corporate Services,
Superpartners
Kevin Bates,
Group Head of Risk and Insurance,
Lend Lease
Bronwyn Friday,
Jason Breton,
John Holland
Downer
Group General Manager, Enterprise Risk Management,
General Manager – Risk Management,
Mathew Hancock,
Andrew Monaghan,
Rio Tinto
Qantas
Principal Advisor - Risk Management, Group Risk,
John Yiannis,
Group General Manager Compliance and Risk,
Transfield Services
Media Partner:
Executive Manager – Group Risk and Audit,
KurayAslan,
Director, Group Risk Management,
Optus
REGISTER NOW! info@aventedge.com 612.9955.1495 REGISTER ONLINE WITH VIP CODE MP-ASM AND GET 10% EXCLUSIVE DISCOUNT!
www.riskmanagementleaders.com
Organised by:
Women in Security
Committed to the truth Sheila Ponnosamy
S By Kema Rajandran Correspondent
32 | Australian Security Magazine
heila Ponnosamy made history last September by being the first Asian woman to be elected president of the Council of International Investigators (CII), a US-based association that brings together more than 300 members from over 50 countries that network, share resources and refer work to each other all with an emphasis on quality. As Operations Director at Mainguard International, this 43-year-old Peranakan Indian woman may have had her destiny set out for her long before she was born. Daughter of Mr Ponnosamy Kalastree, a well known Singaporean investigator and security expert and Mrs Dora Kalastree, also a private investigator, both of whom have been in the field for over 40 years, it would be safe to say that it was only a matter of time before Ms Ponnosamy gravitated towards private investigations. With a Double Major in Management and Marketing and a Masters Degree in Business Administration, Ponnosamy worked as a conference producer in Perth for 10 years before returning to Singapore and becoming part of the investigations business. “This happened by chance as I was helping dad prepare an investigations report. He realised then that I had an interest and aptitude for the work so he gave me an opportunity to move to the investigations side of the business,” Ms Ponnosamy said. “Fortunately, I think we share the same passion for investigations so I don’t feel like I was being forced to be in the investigations industry.” Passion isn’t all they share, Ms Ponnosamy and her father clearly possess the right skills to pursue and solve cases as well as network and lead in their field. Mr Kalastree, who won CII’s International Investigator of the Year in 1998, became the Council’s President in 2001. Nine year’s later he would witness his daughter win the same award for her investigation
into an international human trafficking case. “I was very surprised to win the award. I do hope it was my father’s proudest moment.” “It was a 10 year investigation and the case was referred to me as the Subject of investigations was last spotted in Malaysia.” The subject was a woman with dual US and French citizenship who had disappeared from a healthcare facility in France with an Egyptian man. Her American mother had been trying to track her down for 10 years. Ms Ponnosmay was contacted in 2009 when the subject was traced to Malaysia. The woman was seemingly in good health but emotionally unstable and thought to be aggressive when approached. But it wasn’t just Ms Ponnosamy’s extensive investigative skills that helped her solve this case; her determination and passion also played a crucial part. “The case went pro bono as the client ran out of money so I worked on it in my own time for a year until the case was closed. I do attribute it to a lucky break though.” “Finally we located the subject and due to my efforts at persuading her “kidnapper” – she already had Stockholm syndrome – he put her on a flight back to the USA. I did not expect him to, but for me, anything is worth a shot, if you never try, you never know!” And it’s this ‘trying’ attitude that has seen Ms Ponnosamy’s career flourish in a male dominated industry. “Honestly, I do not really think too much about being a woman and being Asian, though of course, most investigators especially in Asia are men.” As my work is focussed in the Asia-Pacific region, I do tend to be able to provide more input from an Asian perspective.” Living and working between her two homes in Perth
Women in Security
“A lot of information is public in the USA and for them a due diligence is database checks. In Asia, I always encourage them to do ground work too as our databases are not always accurate, updated and accessible.” and Singapore, she says while it is a bit of a ‘Boy’s Club’ she doesn’t worry too much about building a profile or climbing the ranks, instead she just does her work. “It is more important to me to serve my clients’ needs as they are paying for our service.” Mainguard International’s clientele are mainly from USA and Europe resulting in plenty of challenges for the team based in Asia where most of the work is done. “A lot of information is public in the USA and for them a due diligence is database checks. In Asia, I always encourage them to do ground work too as our databases are not always accurate, updated and accessible.” As Operations Director, Ms Ponnosamy is involved from beginning to end of each case. She manages everything from the tasks that need to be undertaken, how to retrieve the information, she reviews all the information and then presents it to the client. “What I enjoy most is being involved in the case from A to Z. I secure the business as I serve as the client liaison.” Ms Ponnosamy’s involvement is exhaustive. For those wanting to move into private investigation be prepared for very long hours and sacrificing weekends with your family and friends. And don’t dream of becoming rich, it isn’t an industry that will rake in the dollars quickly. “I am blessed to have a supportive husband that knows my passion for the business. We have a similar work ethic so, we motivate each other with our time management schedules and he helps me with the domestic chores.” But don’t let all the hard work and limitations of being a millionaire put you off; private investigations really is as interesting and varied as it looks on TV, albeit without the glamour. “Every case that you get is different. Hence is it never boring. Every case has different requirements and you are constantly stimulated in your work,” she says. “There are so many cases in the past 15 years that do stand out. Too many to mention but some of them briefly: • Locating US singer-actress, Leandra Ramm’s cyberstalker • Working undercover as a fashion buyer in Indonesia to get legal evidence in a breach of contract case • Researching counterfeit cigarettes and locating the factory in Indonesia • Getting thrown out of an offshore bank in Singapore (I needed to proved that the bank was defrauding its customers and being unco-operative) • A missing persons case where a wife from Thailand turns out to be married to another man in Singapore and using a different identity • Finding people alive after they have been certified dead in several countries in Asia in insurance investigations cases.”
So what’s next for this hard working, ambitious, selfconfessed lover of crime thriller novels? “Hopefully I can do a PhD in my later years and if I do, I’d like to focus on the role of private investigations in combating hideous crimes such as human trafficking.” For now she is happy thriving in her role at Mainguard International and loves working with her parents. The combination of qualities they each bring to the table is evidently successful for the company that was established 30 years ago in Singapore. “We definitely need new and young blood in the investigations industry. To survive, you need to have an interest in the type of work – a desire to unearth the truth. “
Australian Security Magazine | 33
Cyber Security
Four steps to becoming an information good shepherd by Lee Meyrick
34 | Australian Security Magazine
D
ata breaches are expensive for organisations and hugely profitable for those in the business of identity theft, credit card fraud and cyber-espionage. The costs of a single high-profile data breach can be millions of dollars and take months to resolve even after being detected . One of the main reasons organisations take so long to detect and remediate breaches is that they are unsure where their high-risk data is stored and can’t target those systems for investigation. Instead, they must take the time to collect data from a wide range of sources which may include employees’ ‘bring your own’ devices. Alternatively, they can collect from a random sample of devices, but they risk missing the compromised systems. To further complicate the search, typically 80% of an organisation’s data is unstructured human-generated information including email and the contents of file shares. It often lives in proprietary formats such as email databases and archives that are difficult to search and understand. Meanwhile, the clock is ticking: data has gone missing, costs are building up and there is an ever-present risk that someone could exploit the same vulnerability again to do more damage. Knowing this, information security, information governance and records management specialists must become ‘good shepherds’ of their data to reduce the costs and extent of cybersecurity breaches. In this model, data shepherds know where all the sheep are, segregate them into separate fields, make sure the fences between fields are sound and regularly check to ensure the sheep are healthy and not due to be made into shepherd’s pie. In this way, even if a wolf manages to get
into one of the fields, most of the flock will be safe. Applying this model can have huge impact on how secure your organisation is from data breaches and how effectively you can respond to incidents – internal or external, deliberate or accidental. It also gives you a clearer understanding of what data is worth so you can concentrate on protecting the high-value data and easily calculate the return on your security investments. Here are four steps to becoming a good shepherd: 1. Defensibly delete data that has no business value Organisations store large volumes of electronic detritus. That’s data that has no business value because it’s duplicated, trivial, no longer used or past its retention period. It may contain unknown business risks or confidential information. While most organisations have strict compliance rules around how long they must retain data, once the retention period is over, the risks and costs of keeping that data greatly outweigh any residual value. Deleting this low-value data, according to predefined and legally sanctioned rules, reduces risks and also minimises the volume of data that could be compromised. This, in turn, reduces the scope of a postbreach investigation. 2.
Herd valuable data Many organisations have intellectual property and company records stored inappropriately in file shares or email attachments. Records managers and end users alike struggle to find the time to ensure records
Cyber Security
are always filed correctly. Information governance technology can locate these records ‘in the wild’ and move them to controlled repositories with appropriate security, access controls and retention rules. This makes it much harder for anyone to gain unauthorised access, and makes them easier to gain use or value from. 3.
4.
Enforce data security Increasingly strict regulations around data privacy and financial information make it imperative to hold personal, financial and health details of your employees and customers in the strictest confidence. But even when organisations set up controlled repositories for this information, it regularly escapes, whether through poor policies or employees not following the rules. By conducting regular sweeps of email, file shares and other unprotected systems, organisations can quickly locate and remediate unprotected private data. High-risk data should then be protected with appropriate encryption and access controls.
1)
2)
Maintain appropriate access controls Organisations should apply policies to ensure the only staff members who have access to important data are those who need it to do their jobs. It is also essential to regularly audit access controls on important systems and employees’ security profiles to ensure the policy theory matches reality.
A change of mind-set
Through these efforts organisations can minimise the opportunities for malicious or accidental breaches of important information. If you know where your data is, you can respond efficiently to breaches by first targeting the high-risk storage locations. This in turn means you can close information security gaps quickly before they can be exploited again. Lee Meyrick is Director of Information Management at Nuix. He has worked for more than a decade in planning and implementing data discovery and compliance systems and advising organizations how to use eDiscovery techniques to retrieve information from unstructured data. Lee has extensive experience with the US Foreign Corrupt Practices Act, the UK Bribery Act and discovering high-risk data for remediation. He has also trained organizations on using Nuix for corporate investigations and eDiscovery
3)
4)
Australian Security Magazine | 35
Cyber Security
Advanced Cyber Attacks: Understanding Privileged Account Breaches
By Dan Dinnar Vice President, Asia Pacific, CyberArk Software, Ltd.
P
rivileged accounts have become the largest attack vector that cybercriminals use to breach organisations for a variety of purposes such as data theft and cyber espionage. These accounts are the most powerful in any company, which is why attackers seek to exploit them in every advanced attack. In fact, privileged accounts are exploited every day by advanced and insider attacks to steal billions of dollars’ worth of sensitive information. This can be seen from the high-profile attacks that highlighted the recent cybercrime landscape. Therefore, if companies step up measures to protect privileged accounts, they can significantly reduce their network’s exposure to cyber attackers. The what and how of privileged accounts breach Privileged accounts have a set of credentials to access a particular system or several systems on a network. However, their credentials provide elevated, non-restrictive access to platforms that non-privileged users do not have access to. Privileged accounts are also used by system administrators for management and troubleshooting of network systems, running of services or enabling applications to communicate. This means that the accounts can be leveraged by malicious actors or insider threats to damage an organisation and its network. Sophisticated cyber attacks, regardless of the nature and motivation of the attackers, rely on exploiting privileged accounts to penetrate organisation’s networks and stealthily harvest data. If attackers access a company’s system through its privileged accounts, they are almost guaranteed to succeed. Having greater visibility and actionable intelligence on privileged accounts within an organisation’s IT environment will increase its ability to detect and disrupt breaches. A cyber security report “The Role of Privileged Accounts
36 | Australian Security Magazine
in High Profile Breaches” compiled by consulting firm CyberSheath, and commissioned by CyberArk, also found that malware variants are developed consistently to penetrate systems. The report noted that in recent times, cyber attacks that exploit privileged accounts also caused the greatest damage to both large and small organisations. It was found that the many accounts within organisations faced the following challenges: • • •
Local administrator accounts share the same passwords Privileged service accounts that do not expire and enable users to log on interactively Privileged account usage has poor accountability
Cyber attacks lever aged privileged accounts Several high profile data breaches had resulted in theft of intellectual property and financial losses last year. Majority of these breaches involved attackers exploiting privileged accounts, in spite of the different targets and attack motivations. The most well-known case of privileged account abuse was when the former NSA contractor Edward Snowden convinced his co-workers to give him their system credentials. According to Reuters, Snowden was working as a system administrator and might have asked close to 25 NSA employees for their usernames and passwords, claiming that he needed them to perform his job. This enabled him to use his elevated administrator privilege to scale to other part of the network to steal classified information. Over in Asia, there is also the case of a malware attack taking down the computer networks of three South Korean banks and two TV broadcasters in the country. The attackers
Cyber Security
had obtained an administrator login to a security vendor’s patch management server. They then distributed the malware as a software update, leading to an interruption in bank transactions, shutting down of ATMs and bank customers being unable to use their debit cards. Attackers targeting privileged accounts are also getting more advanced. According to a November 2014 CyberArk report which analysed the forensic experiences of the top cyber threat investigators, attackers are becoming more sophisticated in their exploitation of privileged accounts. Their methods include repeated exploits in service accounts, to embedded devices in the Internet of Things to establishing multiple identities in Microsoft Active Directory to ensure redundant access points and backdoors. What happens if you do nothing? Should companies decide not to secure their privileged accounts, it could result in their data being stolen, heavy financial losses, and loss of reputation. For example, a case study explored in the CyberSheath report was a fast growing company with more than 40,000 employees globally and annual revenue exceeding US$20 billion. This company had given almost all employees administrative rights to foster greater productivity. This resulted in 100,000 privileged accounts, of which 30,000 were traditional accounts that shared the same passwords. Unknown to the company, an Advanced Persistent Threat (APT) had resided in the company’s network and taken advantage of the situation to breach the network. The shared administrator password and lack of management and monitoring enabled the APT to stay hidden. This resulted in more than 200 compromised machines, more than 10,000 man hours of overtime, and a total breach cost of more than US$3 million over a period of six months. The company could have avoided the losses with an enterprise privileged account security solution. If the company had been able to manage their privileged accounts, they would have been able to avoid resource drain and data loss. When it comes to privileged account security, the cost of being reactive is measured once a company realises it has been breached. Despite continuous education and expert recommendations, many companies are still not taking precautions until they have been compromised, ultimately having to pay the price. Why companies are not doing anything This raises the question of why organisations are not making it a top priority to protect, manage and monitor them in the first place. Firstly, there is the issue of shared responsibility. The authority and management of these accounts does not usually reside with the Chief Information Security Officer (CISO) but the vice president of IT Infrastructure, or someone with a similar title. Companies also often think that doing nothing is the path of least resistance when it comes to striking a balance between ease of administration and protecting access to these accounts. Many organisations have not taken advantage of the solutions that protects both privileged accounts and
‘One method is manually protecting, managing and monitoring privileged accounts. However, it is not feasible for larger companies to manually audit the numerous privileged accounts on a daily basis.’
facilitates ease of administration through workflow approvals, mobile access and direct connections to managed devices. In the past, we had to wait for forensics to be conducted to discover which privileged accounts were compromised, but today such information is available with privileged credential management solutions. CISOs have also prioritised their resources to products that integrated new security solutions with their existing security investments. This approach breeds failure since more tools are purchased than can be effectively deployed by the existing staff. Organisations are also pushing the data they get from privileged session exploits into their security information and event management solution for real-time operational intelligence. It’s time to act Hence, protecting, managing and monitoring privileged account access is not only a business enabler for the IT delivery organisation, but also a critical strategy in the protection against advanced and insider threats. There are solutions for organisations regardless of resources and budget. One method is manually protecting, managing and monitoring privileged accounts. However, it is not feasible for larger companies to manually audit the numerous privileged accounts on a daily basis. It can also be prone to human error, which can result in millions of dollars spent on incident response, recovery and lost productivity. While it is the least mature and effective solution, manual auditing is better than having zero protection. A more effective approach would be to purchase and manage their own privileged account security solution or contract a managed service to provide a solution. The solution that protects, manages and monitors privileged users, sessions and applications while integrating with existing security investments brings the best value to large companies. Regardless of the approach, it is important to rollout a company’s security solution in a phased and organised manner. Otherwise, it will be overwhelming, especially for companies that do not have privileged account security solution in the first place. To conclude, majority of cyber attacks that resulted in data loss within large and small companies had their privileged accounts compromised. If CIOs and CISOs invest in safeguarding these accounts, they will be able to reduce risk and gain return on investment at the same time. Securing privileged accounts through automated solutions can help win the fight against APTs by reducing human error, overheads and operational costs.
Australian Security Magazine | 37
Available online! See our website for details
1 YEAR SUBSCRIPTION TO THE AUSTRALIAN SECURITY MAGAZINE
6 print issues per year for only $88.00 SUBSCRIBE TODAY... DON’T MISS AN ISSUE Yes! I wish to subscribe to the Australian Security Magazine, 6 issues (1 year). ☐ ☐
AUSTRALIA INTERNATIONAL
A$ A$
88.00
(inc GST)
1 YEAR
158.00
(inc GST)
1 YEAR
Yes! As an additional bonus I wish to receive direct to my inbox the Asia Pacific Security Magazine (emag), 6 issues (1 year).
No business or government organisation survives in a vacuum. Sharing knowledge is fundamental to the development of successful security planning and implementation. That is the role of our magazine: sharing knowledge of developments in security management for public and private sector organisations, both for internal management and for external obligations in public safety and security.
MY DETAILS
PAYMENT
Salutation: __________First Name: __________________________________________
Please find enclosed my cheque/postal order (made payable to MySecurity Media )
Surname:______________________________________________________________
for $ __________________ or debit my:
Job Title: ______________________________________________________________ Company: _____________________________________________________________ Postal Address:__________________________________________________________ Suburb: _____________________State: _________ Postcode: ____________________ Country: ______________________________________________________________ Email: ________________________________________________________________
38 | Australian Security Magazine
Card Holders Name: __________________________________________ Signature: _________________________________________________
Interested in our e-news service? Phone: +61 (8) 6465 4732 during business hours AWST (Australia Only)
Expiry Date:________________ Todays Date: ______________________
PRIORITY FAX Credit Card Details Australia +61 (8) 9467 9155
FREE POST My Security Media 286 Alexander Drive, Dianella. W.A. 6059
Email subscriptions@mysecurity.com.au
GST This document will become a TAX INVOICE for GST when payment is made. My Security Media Pty Ltd ABN 54 145 849 056
Within TechTime you will find the very latest information, news and products from a wide variety of security industries, ranging from cameras, computers, software and hardware.
AXIS Q6000-E Network Camera
To have your company news or latest products featured in our TechTime section, please email promoteme@australiansecuritymagazine.com.au
Latest News and Products Australian Security Magazine | 39
TechTime - latest news and products
Ethernet Australia introduces BrickCom bullet series network cameras Ethernet Australia has added Brickcom’s high grade network Bullet series surveillance cameras to its extensive range of communications and networking hardware. These cameras are IP67 rated, with high mega pixel sensors delivering clear and detailed images. With automatic focus, motion tracking and optical zoom the Brickcom Bullet series surveillance cameras are the perfect outdoor camera for neighbourhoods, school campuses, and parking lots. Each camera is equipped with a SD/ SDHC memory card slot for local storage offering HDTV Quality (Full HD 1080p @ 30fps Streaming), efficient H.264/ MJPEG/ MPEG4 codec compression, built-in IR Illumination effective up to 25m and SmartFocus® to easy remote focus and zoom. With six models to choose from - OB-500Ap V5, GOB-300Np V5, OB-300Np, OB-300Ap V5, GOB-200Np V5, OB-200Ap V5 the BrickCom bullet series has a camera to suit a wide variety of outdoor surveillance applications For more information visit www.ethernetaustralia.com.au
Artesyn Embedded Technologies launches two series converters for industrial equipment Artesyn Embedded Technologies announced two new series of 1 x 2 inch (25.4 x 50.8 mm) isolated DC-DC converters for industrial applications where high power density is required: the new AEE 40 W and 50 W series. A fully potted and shielded metal case construction makes the two new Artesyn AEE series an ideal choice for harsh environments and enables the modules to operate between minus 40 and 80 degrees Celsius. An optional clip-on heat sink is available to extend the thermal performance of the unit in a convection or forced-air environment. Both new series of Artesyn AEE modules cover an ultra-wide 4:1 input voltage range of 9 to 36 Vdc and 18 to 75 Vdc to cover 12, 24 or 48 V nominal input rails and tight output voltage regulation. The output voltage of the single output versions can be trimmed by plus or minus 10 percent of the nominal output. The 40 W series offers single-output voltage of 3.3, 5,12, 15 or 24 V or dual output versions offering
40 | Australian Security Magazine
plus or minus 12 or 15 V and efficiency levels of up to 90%. The 50W series offers single-output voltages of 3.3, 5,12, 15 and 24 V and efficiency levels of up to 92%. The converters feature low ripple and noise,
overcurrent protection, and isolation up to 1500 Vdc. An industry-standard pin out simplifies PCB design and the mechanical design of customers’ end product.
Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media
TechTime - latest news and products
Mojo Barriers designs new high fence product for the G20 Summit A brand new reinforced barrier system was designed by Mojo Barriers to help keep politicians, dignitaries and heads of state including Barack Obama and David Cameron safe during the G20 Leaders’ Summit in Brisbane, Australia from 15-16 November 2014. With over 4,000 delegates and 3,000 media descending on Brisbane to discuss a wide range of global economic issues, the system was required to create restricted zones across the city and form protective walls around the event’s venues, including the Brisbane Convention and Exhibition Centre. Coates Hire contracted Mojo Barriers to supply and install a unique barrier solution as specified by police and government officials. The resulting product, High Fence, consists of 1m wide and 2.4m high sections of reinforced aluminium barrier – the standard crowd control equipment from Mojo’s product range – with a see-through Polycarbonate upper, which is a durable and high impact resistance material, easily withstanding destructive attacks. Over 2,000m of the product was installed across the city by the company’s Australian team. Doors and gates were also manufactured which integrated into the barrier line, to ensure fire safety and access and egress regulations could be met. Cees Muurling, managing director at Mojo Barriers, explains: “The brief was to create a product to act as a deterrent and keep the public out of restricted areas. High Fence is quick and simple to install, exceptionally strong and durable and the clear upper section gives security personnel uninterrupted views of the surrounding areas. Its unique aspect is that it is not weighted or pinned to the ground, therefore is completely self supporting, and can withstand significant crowd pressure and deliberate attempts to breach the barrier line. “It underwent extreme testing against pressure and targeted attacks. It was proven to be extremely strong and is the ideal solution for events and occasions where crowd and building segregation is an integral part of the security process.” The installation for the G20 was one of the toughest on Mojo’s records, with limited overnight shifts to install all barriers and transparent panels, snaking in a complex grid across the city. Craig Edwards, Mojo Barriers’ Australian operations and account manager, explains: “The tough timeframe and sheer scale of the
Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media
operation meant it was the most complex and challenging project the Australian Mojo office has faced to date. We assembled a skilled team of nine local and international supervisors, managed over fifty truck movements and directed a crew of over one-hundred hands. Coordinating simultaneous legs of the installation required accurate planning.” Over 2,500m of the product is now available to the international event, security and police industries. Cees Muurling expresses the importance the product will play in opening up a new market sector for the company, which was established 25 years ago and is a global leader in the supply of state of the art crowd control solutions to festivals, tours, concerts and live events. He says: “Post event, we will have 2,500
metres of High Fence available across all of Mojo Barriers’ offices; UK, Europe, Australia and the USA. It’s ideal for the police, security and protection industries as well as future political, government and cultural events. We’ve already had interest from parties across these sectors.” High Fence is aesthetically attractive compared to the usual perimeter fencing used at major events and this was essential considering the media and broadcast attention garnered by the Summit. For more information, images of interviews please contact: Brooke Nolan at Plaster Creative Communications on half of Mojo Barriers brooke@weareplaster.com 0117 953 0320
Australian Security Magazine | 41
TechTime - latest news and products
Reebok athletic technology takes tactical footwear to the next level Warson Brands, manufacturers of quality military and tactical footwear and exclusive licensee for Reebok military and tactical boots, recently announced a new line of Reebok branded tactical footwear, the Dauntless UltraLight Series. “These boots are a perfect fusion of Reebok athletic technology and Warson’s tactical/ military experience,” said Jimmy Maritz, Warson Product Innovations. “Seamless technology gives you upper support, flexibility, and a glovelike fit. And an injected EVA midsole adds stability and comfort while removing weight. That’s the athletic technology. All this is built on top of our long-wearing Dauntless All-Terrain rubber outsole with 360-degree traction on any surface. These are high performance boots designed for the extreme demands of law enforcement and military use.” The Dauntless Ultra-Light Series is available in an 8-inch tactical boot, 5-inch athletic hiker – both with side zips – and in an athletic oxford. Each style is all-black. They offer NATO laces, moisture wicking nylon mesh liner, removable injected EVA cushion insert, dual density rubber bottom, and lightweight injected EVA cushion midsole. They are 100% non-metallic. The athletic oxford has a TPU bruise plate, which
provides additional stability and protection on rocky terrain. Also available in coyote and limited edition Kryptek-Typhon camouflage. Reebok military and tactical footwear is available now through select duty uniform retailers throughout the United States. For more information, visit ReebokWork.com Bill Mills, President, Jim Maritz, CEO, and Warson Brands sales and production teams will be available at SHOT Show® 2015, booth #10179 to answer any questions.
Digiever series provides increased storage capacity for IP video surveillance solutions Ethernet Australia has released the Digiever Pro+ series, Digiever NVR Pro+ and Pro series to meet the increasing storage space demands for high resolution IP video surveillance. As surveillance video resolution increases exponentially, with 4K Ultra HD becoming the norm, so too does the demand for large storage capability. With enough capacity, storage will never become an issue for IP surveillance systems. Digiever NVR Pro+ and Pro series supports WD PurpleTM 6TB or Seagate Enterprise Capacity 6TB 3.5HDD to vastly expand video storage capacity and allow users greater flexibility to save recorded videos for longer. Digiever NVR Pro and Pro+ series also support Enterprise Capacity 3.5 HDD series and WD Purple series providing a range of storage options from 1TB to 6TB high capacity HDDs. Ranging from 1-bay to 8-bay HDD storage
42 | Australian Security Magazine
capacity, the Digiever Pro+ and Pro series offers a diverse choice to build a perfect DIGIEVER NVR surveillance system to a maximum storage capacity of 48TB in a single server. With the addition of a DIGIARRAY storage expansion unit Digiever NVR can support up to 96TB the maximum total storage capacity per unit.
Users can confidently record videos to desired time period in 4K UHD quality and display 4K UHD videos on local display without any latency. For more information visit Ethernet Australia or email sales@ethernetaustralia.com.au
Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media
TechTime - latest news and products
How biometric cards improve the security and extend the life of proximity systems More and more, security professionals using card-based front ends for their access control systems have been worried about the security of their proximity systems. They know, that for $200 or less, their proximity system can be violated. After all, proximity systems do not offer a challenge response; they only use passive authentication. The card simply sends the exact same 32 bits each time. A proximity card is easy to mimic. Just record an AM broadcast and replay it. An AM transmitter costs only $30 to build. It is straightforward to read a proximity card from close range with standard lab equipment. The card can also be easily read from several feet away. Inexpensive card sniffing devices can be bought online that will effortlessly pull the card number and replay it at critical access points. Meanwhile, they have a slew of proximity readers installed and the CFO is not going to be happy to hear they need to tear out all your proximity card readers to secure their facilities. Add a PIN, someone advises. That means adding keypads to all the readers, which means there needs to be some type of switch out plus, as everyone knows, PINs have security issues of their own. Adding Biometrics Will Help Secure the Facility - But, At What Cost? Only biometrics provides the solution for authenticating “who” is at the door and stopping sniffing. In a perfect world, facilities would have a biometrics reader at every door that would need higher security. Of course, that would still mean ripping out the present proximity card readers and having to budget the money for new biometric readers plus the investment of making sure that the biometric integrates into the present access control system. However, what if the biometric was put directly on the card? The proximity card credential with on-card fingerprint reading would provide all the assets of the proximity card and eliminate its most glaring deficiencies, not knowing who is holding it as well as eliminate the problems of sniffing. A biometric card quickly reads the user’s fingerprint in less than a second. Eliminating the problems of solely deploying proximity cards, the wirelessly powered biometric card lets users authenticate themselves directly on the card through something they are, a fingerprint
Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media
or thumbprint. Only then will the card system activate the lock. This is much more secure than simply using a standard proximity card, which verifies only something the user carries and can easily be duplicated. The precept is simple. An on-card fingerprint scanner with 3D capacitive technology resides on the contactless card which has universal compatibility with all ISO 14443 readers (the standard contactless card reader) from the leading brands. The biometric card is DESFIRE EV1 and MIFARE Classic compatible, meaning it works with proximity card readers as well as smart card readers. Without having to change out an organization’s existing readers, the biometric card provides an easy, low cost way for security manager to provide a biometric upgrade to access control systems using card readers. Importantly, the biometric card is more secure to use than other available ID and authentication solutions on the market today. The fingerprint data is captured by the on-card fingerprint scanner and is thereafter encrypted and stored only inside the card. No exchange of data is conducted with external systems. This provides secure template management since the fingerprint never leaves the card. It also eliminates user concerns with privacy issues. The card is unique to the user and only the authorized card holder can activate card communication with the reader. When a positive
match occurs, the biometric card activates encrypted communication with the lock or reader in the same way as other ISO 14443 contactless smart cards. Problem Solved - Keep Using Your Proximity System No longer do security professionals need to worry about quickly replacing their proximity card readers to secure their facilities. With a biometric proximity card (or biometric smart card) security managers and their integrators can use biometrics on high security openings, such as a hospital pharmacy, IT server room or special research lab, without having to switch out their proximity readers for biometric readers.” Biometric cards can be issued to key staff and personnel providing the enhanced security benefits of 2-factor biometric authentication without any changes to their existing access control system software or proximity readers. They simply add the biometric card into their system in the same way they incorporate their present proximity cards, all the while extending the life and return on investment of their installed proximity card systems.
TechTime - latest news and products
Hills launches new professional IP CCTV series Hills has announced the introduction of the Hills Video Security Professional IP Series to its security and surveillance portfolio, targeted to commercial and high-end residential use. Hills Chief Technology Officer, Leica Ison said the Professional IP Series strengthens the company’s CCTV offering and follows the successful launch of Hills VSD1 in July this year. “The new Professional Series consists of commercial grade and feature rich NVRs and IP cameras to suit professional installations. We’ve developed this solution after extensive research into customer needs,” she said. “All cameras in the range offer exceptional HD video footage through high quality 3 megapixel lenses. Low light illumination and true day/night technology provide optimal viewing capabilities in difficult conditions, especially night recording.” Customers will have the option to purchase bullet, eyeball, dome or mini-dome cameras and a 4, 8 or 16 Channel NVRs, making the
professional series perfect for commercial, retail, warehouse, and educational applications where users require differing scales of surveillance and monitoring. The Professional IP Series has been designed to make it as easy as possible to install and operate the cameras and NVRs. Plug and play and Hills auto-config set up allows the NVR to be found online using a QR code – removing the need for port forwarding and saving integrators time and money. A mobile app for iPhones and Androids allows users to log on to see live footage from 4-16 cameras. It’s also simple to upgrade the NVR firmware once it’s installed through Hills’ new one-click process, over the network using the Hills Firmware server. KEY FEATURES AND BENEFITS Hills Network Video Cameras (NVCs) • 3 megapixel
• • • • • •
Up to 2048x1536 resolution Full HD 1080P real-time video Infra-red (IR) DWDR/3D DNR/BLC PoE connection Plug and Play with Hills NVR
Hills Network Video Recorders (NVRs) • Up to 5MP recording resolution • HDMI & VGA @ 1080P • 3TB storage built-in • Built-in 4/8/16 port PoE switch (NVR-CH4/ CH8/CH16) • Firmware upgrade via Hills Firmware Server • Hills Auto-Config – P2P application for remote access The Professional Series will be exclusively available through Hills branches from the end of October. Contact your local branch for more information about this product or visit www.hills.com.au/branches
Australian consumer security risks multiple threats in a multi-device world With every third of the world’s inhabitants a global network user, Kaspersky Lab, together with independent company B2B International, regularly conducts global studies in order to evaluate how Internet users react to online threats and how prepared they are against them. The survey, which looked at consumer attitudes to and behaviours around IT security, was conducted across 23 global markets, with 405 Australians surveyed. “The study highlights that Australians have a general awareness of a host of online threats, and are mindful that the businesses they entrust their information with are subjected to the same online threats as home users. While this awareness has revealed some positive trends, this is tempered by consumers developing skewed ways of viewing what is ‘secure’,” Andrew Mamonitis, Kaspersky Lab’s ANZ managing director said. Webcams Users are adopting a range of tactics to avoid their devices becoming effective tools for cybercriminals. Globally, 21% of users cover up their webcams because they fear cyberspies could be monitoring them via their computers. In some countries this figure is even higher, with 40% of Chinese respondents playing safe in this way.
44 | Australian Security Magazine
In Australia, this figure sits at 14% and is significantly lower for mobile devices, at 5%. Overall, 84% of Australians surveyed have never covered the camera/webcam on their digital devices. This practice however, is much more likely to be used when dealing with desktops/laptops than with mobile devices, and is more common amongst younger respondents, more conscious of the interception of their online activities. Cybercriminals have used webcams to steal company secrets or gain access to financial services, with one in ten respondents admitting to writing down their credentials on a piece of paper next to their computer. To ensure that users are always aware of which applications and processes “see” via the webcam and thus protect their privacy, Kaspersky Lab has developed a special Webcam Protection module integrated into its latest 2015 security offering, Kaspersky Internet Security – Multi-Device. Online security when using mobile devices Over a quarter of Australians surveyed - 27% said they “would never consider using Internet banking on their smartphone or tablet.” This is up from 17% a year ago. While 23% of Australians “feel absolutely safe from online threats when using their mobile
device for web browsing,” 67% of Australians “believe that mobile devices are just as vulnerable as desktop/laptop computers when it comes to cybercrime.” Online security when using social networks 16% of Australians believe they “share more information than they probably should on social networks.” The global average is 21%. Despite the rise of dating apps, only 6% of Australians surveyed indicated a tendency “to speak with strangers online about private topics/issues,” a figure that sits at half the global average. Heartbleed With the recent disclosure of serious security bugs, “HeartBleed” only registered with a small proportion of global consumers, with the recent vulnerability forcing only 36% of respondents to think again about the security of passwords they use. In Australia, 30% of Australians are either not aware or partly aware of software exploits and attempts to compromise their device using vulnerabilities in software. Of the Australians who are aware, less than half - 45% - are concerned about this issue.
Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media
TechTime - latest news and products
Axis announces innovative surveillance solution with full 360° overview and detailed zoom AXIS Q6000-E Network Camera is an innovative network camera offering a 360° overview provided by four 2 megapixel camera heads, and when integrated with AXIS Q60-E it simultaneously offers high detail optical zoom on areas of interest, with just one click. Axis Communications, the world leader in network video, announces AXIS Q6000-E, an outdoor-ready 360° network camera that integrates seamlessly with the AXIS Q60-E Series of PTZ dome network cameras, providing a unique surveillance solution. With just a single click, operators can optically zoom in on details of interest with high precision while at the same time being able to maintain an overview of large areas of up to 20.000m² (215,000 sq. ft.) – about the size of four football fields. This makes the AXIS Q6000-E ideal for city surveillance applications such as monitoring of public squares and parking lots, as well as food courts in shopping malls and other open areas. “The AXIS Q6000-E addresses the need for a simple way to monitor a wide area and, simultaneously, be able to optical zoom in on details,” says Wai King Wong, Country Manager, Oceania, Axis Communications. “The seamless integration with AXIS Q60-E Series of outdoor PTZ cameras provides a smart, innovative and space-efficient solution offering new and unique video surveillance possibilities.” This new product will open up new opportunities to solve a common problem, for example in the city surveillance field where there is a need for both a PTZ camera to provide detail, and for a full overview camera to cover the entire area. A single click on any object in AXIS Q6000-E, using the one-click PTZ control feature, will trigger the AXIS Q60-E allowing operators to optically zoom in on the specific object of interest. The use of two screens gives a full 360° overview from AXIS Q6000-E, and a zoomedin view from AXIS Q60-E, providing operators with a high level of detail while simultaneously being able to maintain an overview of the entire monitored area. AXIS Q6000-E provides multiple, individually configurable video streams in H.264 compression to greatly optimize bandwidth and storage without compromising image quality. Motion JPEG is also supported for increased flexibility. Any AXIS Q60- E camera is quickly and easily mounted inside the AXIS Q6000-E, allowing also existing AXIS Q60-E installations to be upgraded to monitor wide areas, while simultaneously capturing every detail of interest,
Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media
with just one click. There’s no need for any mounting brackets or extra equipment as AXIS Q6000-E uses the same brackets and network cable as the AXIS Q60-E, minimizing time and cost of installation. Furthermore, AXIS Q6000-E is supplied with Power over Ethernet Plus (PoE+) through AXIS Q60-E, eliminating the need for power cables. AXIS Q6000-E is supported by the industry’s largest base of video management software through the Axis Application Development Partner Program. The camera includes support for AXIS Camera Companion, AXIS Camera Application Platform, ONVIF specification for interoperability of network video products and AXIS Video Hosting System (AVHS) with One-
Click Camera Connection. AXIS Q6000-E is planned to be available in Q4 2014 through Axis distribution channels. For photos and other resources, please visit: www.axis.com/corporate/press/press_material. htm?key=q60
Australian Security Magazine | 45
TechTime - latest news and products
Predictions for 2015 2014 has been an exciting year for the security. Some are calling it the ‘year of the breach’ – just a few weeks ago, Sony Pictures suffered the most damaging hack in the company’s history. To combat such threats, we’ve seen legislation really toughen up in recent months. There has been a significant increase in regulations, but more importantly there is also a higher proportion of ‘regulators’ being employed. This shows that the Australian government and industry bodies are taking such enforcement seriously. The Office of Australian Information Commissioner (OAIC) continues to ensure that Information Policy, Freedom of Information Act and the Privacy Act 1988 are suitable and enforceable for purpose. Global regulations will also play a part in the sharing of personal and health information – the UK will be introducing the new European General Data Protection Regulation, due for final agreement at the end of 2014. This means to access any personal information in the UK you must prove you meet the new EUDPR standard or face fines of up to 5 per cent of worldwide revenues or €100 million if they breach the regulation. In the face of, but not solely because of, these measures the security landscape of security is changing. I predict that 2015 will see certain trends come to the fore… Security will embrace digital Millenials are joining the workforce, and the businesses that embrace them will be the most successful. Many organisations will continue to use existing working practices as the base from which to grow businesses. However, although you don’t have to reinvent the wheel, you may be able to make the wheel more attractive to a different audience. The new generation has a huge amount to offer, but businesses need to make themselves attractive by seeing what is in front of their faces: Adapting to the new generation means that organisations should start to ‘value people on their potential, not their history’ (Businessman and author Bo Bennett). The millennials are digital natives and are not only the managers of the future but they are the buyers of today. Reciprocal education is the key to make the most of having multiple diverse generations in the workforce. Ensure you engine a situation where the ‘baby boomers’ and ‘Gen X’s’ teach the millennials about the organisation, its values and offerings, in return the millennials allow the older generations into their heads to understand why ‘less is more’ (twitter), TV is so
46 | Australian Security Magazine
noughties (2000’s) and how they can reduce the six degrees of separation down to 3 degrees with social media. Security will evolve Organisations that can simplify their operations will retain, grow and acquire clients in 2014. The barriers to simplification are increasing with customers experiencing pressure from areas such as; budget cuts, cyber-attacks, commercial diversification, information growth, increased supply chains, mobile working and internet connected devices (IoT). The security industry is evolving faster than ever. Simplicity through integration is what customers demand – and technology will evolve to meet today’s threats whilst providing a simple user experience. Clearswift is doing exactly that with our Adaptive Data Loss Prevention (DLP) solutions, by addressing the elements of DLP that waste resources and restrict business operations, whilst also mitigating many of the pressures from cyberattacks, insider threats, information growth, information sharing and increasing employee awareness of critical information protection in real-time.
The industry will look to start ups for innovation Organisations should look at Australian startups both for innovation and economic benefits. Clearswift acquired Jedda Systems Ltd in 2013 because of their innovation solutions worldwide. A surprise flanking movement could see end users leap frog the incumbent vendors and invest in a start-up to gain real advantage in ICT execution. This could be a way for start-ups to gain access to much needed funds without the commercial pressures, balanced with government grants and incubator organisations. But also keep an eye on the big guns Companies should keep a close eye on the big IT vendors as they start their divorce proceedings; HP into HP Enterprise and HP Inc. and Symantec into separate security and information management organisations. There are also rumours that the solicitors are waiting to file proceedings from EMC, Cisco and Oracle as they come under pressure to transition their businesses to be [supposedly] more nimble. The industry should keep an eye if this is just for shareholder value or [hopefully] ease of doing business with Australian companies.
Information presented in TechTime is provided by the relevant advertiser and are not necessarily the views of My Security Media
Drones Robotics Automation Security Technology Information Communications
www.drasticnews.com Like us on facebook! www.facebook.com/drasticnews
By Chris Cubbage, Executive Editor
W
Mercenary Mum by Neryl Joyce
www.nerobooks.com
ith an Iraqi insurgent attack killing members of her security team, the opening chapter of Mercenary Mum underlines just how dangerous Iraq and indeed all Close Personal Protection (CPP) work can be and the challenges of hostile war state environments. The daughter of an infantry officer, Neryl Joyce has given a gutsy, raw account of her life and career, starting as a mundane Woolworth’s ‘checkout chick’ in Queensland, and written with a natural sense of personal insecurity and a female perspective of trying to be “accepted in a man’s world”. It is a crucial, yet rare perspective based around Neryl’s life experiences, from beatings at home, bullied at school and unorthodox treatment from teachers add to Neryl’s grounding inclination to pursue a potentially violent and dangerous career after joining the Australian Army. Following the opening chapter, the narrative moves into a chronological order of life’s events and challenges, and does dull slightly in tempo but provides a necessary account of what drives Neryl to become better and stronger. With a sense of disappointment, there are accounts of work affairs, illicit drug use and rape. Indeed, at times there is complete dis-functionality in the work environment and there is a sad account of ‘cow boy’ tactics which became synonymous with private security contractors in Iraq. This is a story worth telling and also highly suitable to aspiring women who are challenged by ‘Alpha’ male
personas and dominated environments, as well as for male colleagues to understand the difference in sensitivities and perspectives of the opposite gender. In a stressful and challenging hostile environment, there is an interesting blend between men and women at the best of times, add these to a dangerous occupation requiring team skills and trust and you have the contents for an interesting story - Mercenary Mum is one such story. Worth a read and will be appreciated by anyone for its raw and honest insight, with a female perspective into the CPP profession, as it was in Iraq, circa 2005. As a recommended read my copy has been passed on to my 17 year daughter, a Woolworth’s casual ‘check-out chick’ finishing Year 12 – hopefully it enlightens her on how to, and how not to, deal with male influenced vocations.
n appreciation for giving a presentation on ‘Crimes of the Future’ for BAE Integrated Systems in Perth recently, I was fortunate to have received a signed copy of John Green’s The Trusted, a thriller novel introducing the main character, Tori Swift’s exploits as a grommet Sydney surfer, Nuclear Scientist and former CIA Operative. To my delight, Green has not only delivered his third novel as another fast paced thriller, but provided a detailed and thoroughly researched piece of work, worthy of awareness across the security domains and acknowledged with input from Australian cyber security professionals. As Tori Swift recounts her surfing past and Sydney University days, it corresponds with her insertion to the birth of a 10 year sleeper cell of individually motivated eco-terrorists, known as the Nine Sisters or 9S. The link to the number ‘9’ within Myan and Egyptian theology shouldn’t be lost. Each of the aptly named and globally dispersed 9S, has set about to work their way up their respective vocations to become trusted insiders and with the intent and capability to cause catastrophic global events, including ultimate compromise of cloud computing systems, data
destruction, financial crisis, medical homicides, major maritime and transport disruptions and each with their interdependent scenarios and vulnerabilities being realised. The scenarios are extreme indeed, however the method of attack from the inside and delivered with dogged patience over a decade appears as the most plausible. As an entertaining thriller, this is a splendid read, but with the mind-set of a security and risk planner, this creates scenarios which are worthy of contemplation and consideration. A recommended read for any thriller lover and an excellent text for business disruption and system security scenario planning.
I
The Trusted by John M. Green
48 | Australian Security Magazine
www.panterapress.com
Neryl Joyce
Have you recently published a security related book? Or have you just read a new, great security book? Please email us at editor@australiansecuritymagazine.com.au
w
w
w
.
c
h
i
e
f
I
T
.
m
e
CIOs, IT Leaders and decision makers • Big data • Communications • Cloud computing • Technology systems • Interviews with industry thought leaders plus much more.
FOR SECURITY. FOR JOBS.
F-35 LIGHTNING II
FOR AUSTRALIA. Lockheed Martin’s F-35 Lightning II — the right security partner for Australia, its people, and its future. Providing thousands of high-technology jobs for Australia and billions of dollars in industry contracts over the next 30 years. SEE THE FUTURE IN ACTION AT: F35.COM/AUSTRALIA
AUSTRALIA
THE F-35 LIGHTNING II TEAM NORTHROP GRUMMAN BAE SYSTEMS PRATT & WHITNEY
LOCKHEED MARTIN