22 Mar 2017

Using Big Data effectively in the fight against terrorism


The terrorist threat is global and severe, and governments around the world are seeking ways to reduce that threat. Defence writer Mark Lane spoke to one man, with years of experience in counter terrorism and in the use of Big Data, who has helped develop a prevention strategy.

Today terrorists are often ‘lone wolves’ or semi-autonomous operators, and the potential recruits to their ranks can be numbered in the thousands.

This makes the task of counter terrorism (CT) particularly difficult, as with even a huge deployment of resources there is always the risk of one or a handful of highly dangerous individuals remaining undetected.

Effective investigation, pursuit and arrest after the event is little deterrent, particularly when dealing with would-be suicide attackers. In counter terrorism, prevention is most certainly better than cure.

One man who has played a key role in developing the UK’s terror prevention strategy is John Wright, Global Director of Justice and Law Enforcement at US global information technology company Unisys.

He has an impressive CV. He spent most of his career with Derbyshire Constabulary, reaching the rank of Assistant Chief Constable. During his time, he was involved in major investigations using HOLMES (Home Office Large Major Enquiry System). This system operates across all the UK police forces, enabling them to share intelligence more easily and with compatibility and consistency, lowering IT costs and allowing more powerful investigation and detection capabilities. It also gives senior officers a real-time view of live operations. Wright worked on major cases, with HOLMES, at all levels.

“I did every role in the major incident room, from analysis to managing the incident, through to allocating resources and actions and doing the investigative side and using the HOLMES system as a toolkit when managing major crimes,’’ he says. “I know HOLMES from a user perspective in all its guises.’’

Ten years ago he was asked to take on a counter terrorism role, following a review of the 7/7 London bombings. This involved a review of the national Special Branch structure and how it could be reorganised to coordinate and consolidate 43 different police force operations. Following that, as national co-ordinator of Special Branch implementing his findings, his new role included a review of the way data was managed, collected, analysed and shared.

“It included things such as a new way of doing strategic threat assessments for national security threats against the UK and how that information was put in a format that decision makers could understand,’’ he says.

“We identified that there was a need for a significant increase in our IT and technology capability to manage all of the data that was kept in a range of different databases and all sorts of repositories nationally, and also how we interacted and shared data with our security partners within the UK and globally. We built a computer system to support that.’’

He explains: “It’s the sort of lessons you would learn in any organisation that deals with a huge amount of data. Some of our banking clients have incomplete data or duplicated data. In the counter terrorism world each police force had its own database and even within police forces data was kept in different databases.’’

It also involved a recognition of the huge amount of publicly available data, ranging from social media to other agencies.

He adds: “One of the things we learned very quickly as a result of reviewing CT incidents in the UK and more broadly was that there was a lot of information, not just in the counter terrorism world but also in partner agencies.’’

This use of Big Data helps anticipate future threats and allows counter terrorism forces to more effectively deploy what must always be limited resources to concentrate on the greater and more immediate threats.

With huge amounts of data on potential terrorist behaviour constantly being gathered, the challenge for intelligence agencies is to analyse it in near-real time. Data sources can include involvement in extreme online conversations, associating with others of an extremist disposition, withdrawing from mainstream activities and events, travelling to areas of conflict and unusual purchases.

Terrorists may pry on vulnerable and impressionable young people and exploit their experiences of racial abuse and profiling to radicalise them. Counter terrorism forces have to link these different behaviours, using data held across multiple disparate systems, and analyse them to identify patterns.

One solution that has been developed operates on a POLE-type data model (Person, Object, Location and Event) for the storage and recording of incidents and entities. The POLE model allows entities to be recorded in the system once; they can be linked to other entities and events as many times as is necessary, building up a complete profile and network of associations of the monitored subjects.

One of the four strands to the UK’s official counter terrorism strategy is Prevent, to counter the ideology of extremism. Wright was given responsibility for its development.

“It’s trying to identify at an early stage those people who may be attracted to ideologies that could potentially either lead to supporting or committing acts of terrorism and identifying methods by which ideologies can be transmitted,’’ he says. “It’s trying to manage the risk those people pose before potentially they reach a level where they contemplate acts of terrorism. It’s a recognition that just arresting people and prosecuting them only takes you so far.’’

Prevent provides a route for people who have concerns about an individual to have those concerns addressed before the individual in question goes too far down a dangerous road, bringing them to the attention of practitioners in areas such as health, social services, schools and universities.

The strategy has attracted global attention.

Wright says: “A lot of the things we developed here in the UK have been picked up, particularly by our partners in the Five Eyes [UK, US, Canada, Australia and New Zealand], but also more broadly than that; so, for example, the European Union’s counter terrorism strategy is very similar.’’

Unisys is heavily focused on IT security and applications that support government agencies. At Unisys many of the lessons Wright has learned and many of the systems he has helped develop can be used for the benefit of clients.

He notes: “We support some countries around their management of risk for goods and people moving in and out of their countries. There you are talking about vast amounts of data and the need to make those assessments as near real time as possible and also as far away from your borders as possible.’’

In Unisys Wright leads a ‘community’ of subject matter experts.

“I come from a UK CT background and we’ve got people here from the FBI and state police in the US, people who can understand some of the challenges that our clients and potential clients face. We have another group of solution architects who can take that understanding and convert it into products, solutions or capabilities that help them to manage those problems.’’

Unisys is organised to cover the three sectors of government, commercial and financial. In the government sector its biggest client is the US federal government where it supports agencies such as Customs and Border Patrol, the Army and the Federal Bureau of Prisons. The company also works for individual states, including Pennsylvania.

As technology develops at a bewildering pace, so does the nature of the terrorist threat. So what are the likely developments in the next few years?

Wright cautions: “One thing I’ve learnt is to expect the unexpected. One thing at the forefront of my mind in looking after the intelligence portfolio for the UK police Counter Terrorism Network was to try to get into the best possible position to try to anticipate where the next threats were coming from. ISIS, for example, probably wasn’t in a lot of people’s minds then – people thought Al Qaeda was going to be the threat for a number of years.’’

He can see that as pressure increases on ISIS in its heartlands of Syria and Iraq its fighters from European countries will make their way home and potentially present new terrorist threats.

There is also a growing threat from right-wing extremists, who often act as lone wolves and become radicalised under the radar. Again, in tackling this, Big Data has an important role to play.

Wright concludes: “For me, one of the more important tools will be how we manage that data. In my experience, a lot of this information is out there, if you know where to look.’’


If you would like to join our community and read more articles like this then please click here


The post Using Big Data effectively in the fight against terrorism appeared first on Defence Online.