Internet Volatility – The Never Ending Security Breach

The Internet is not as secure as we would like to believe.   1,378,509,261 records were breached in 2016 alone, with 1,792 reported incidences.  This is not surprising, considering you can take online courses to learn how to hack.

Basically everything on the Internet is, and will forever be, at risk of being hacked by Organized Crime, other States / Nations, Hacktivists, Script Kiddies, and the like, for various reasons and for some without restraint.  So I am encouraging the removal of our government, military, commercial, financial, social services, education, and economic backbones from the Internet.  My reasoning is that the Internet is forever being hacked / exploited.  Zero day exploits rule the day, with serious hackers coming and going without any notice what-so-ever.

Everyone likes the ease in on-line banking and bill payments, and the distribution of instant teller machines, yet all of this technology is based on systems that are growing impossible to secure.  Our economic engines are becoming quite dependent on the Internet.

It’s not hard to imagine what a well timed attack on their economic engine via the Internet could do.  In May 2016 the already weakened Egyptian economy took yet another hit from a second terrorist attack (airplane), negatively impacting their tourist based economic engine.

And we know that terrorists and organized crime both use the Internet and are combining forces towards common goals [Sources: NBC News, Security Intelligence].

In 2015, the Director of National Intelligence identified cyber-attacks as the biggest threat to the economy and national security of the United States, despite the threats of extremist terrorist groups and the growing nuclear ambitions of countries such as Iran, China, and North Korea.

Security is an illusion. Internet usage and reliance is increasing. Organized crime groups are becoming global, and are penetrating local interests. Organized Crime is using the Internet to store and launder their monies, while working to hack into sensitive locations for illegal gain. Even other countries hack our systems. All to a negative effect on our economy including loss of revenue, customer trust, availability / reliability, and costs to investigate, remedy, and rebuild trust.

With small scale intrusions and attacks continuously underway, I wonder as to how long it will be before a large, focused attack takes place? When this happens, depending on what is attacked and duration, I wonder as to how much damage will be ensued? And I wonder if we might start thinking then about creating a separate network – off the Internet – thus allowing greater security to our financial, government, and economic systems.

The number of articles published about our governments, research agencies, companies, and our infrastructure being hacked keep coming – and do not appear to be slowing.  Here are a random handful:

Why we continue to put our economy in risk is beyond me. A serious attack could cripple the nation’s finance and trading systems. One single attack could take out the top industry players, crippling them for a long time while another economy advances – or succeeds them through a legit business transfer.

As a country, to reduce our exposure to uncontrolled risk I believe we should:

  1. improve data and physical securities on our communication infrastructures (Bell, AT&T, etc)
  2. move systems off the Internet over to these dedicated networks
  3. implement hardened communications – like fiber connections that count the number of photons used in communications and examine latency times

With this move trust would be restored and issues reduced. This would require more serious attempts as physical access would become more of a requirement than today.  And it would seem that former CIA Director Michael Hayden and General Keith Alexander are also on-board, as they also called for a separate, secure Internet to shield vital systems (like the power grid).

So why do we delay?

Future Implications of the Inaction Against the Manipulation of the US Election Process by the Russians

Russia has tampered with the elections of many governments – including the 2016 US election [Source: Wikipaedia, Bloomberg, Wired].  Prior to this past US Election, Internet voting was deemed “too hackable” to trust [Sources: USA Today, The New Yorker], and Russia had hacked voting software [Source: VOX, NY Mag, France 24, Wired, Gobal News, The Guardian].

Prior to the election I read that Obama had called Russian President Putin and advised him that there would be an armed conflict if Russia meddled with the US election [Source CNN, NBC News, Washington Post].  As per the Tallinn Manual on the “International Law Applicable to Cyber Warfare” created by the NATO Cooperative Cyber Defense Center of Excellence, the tampering of the election should be treated as an act of war that should be retaliated against [Source: NATO Cooperative Cyber Defense of Excellence].

It is known that Organized Crime is penetrating our economy deeply, that Organized Crime groups often lend support to one another, and will work together and with Governments to a common advantage [Source: GeneralFox.com].  Prior to the election, Trump’s agenda was to reduce military power available to NATO and reduce US Military presence globally [Sources: CNN, Euractiv, Politico]. Did Russia and Organized Crime use the US Election to help Trump gain power to further their cause?

This poses very important questions that I would love to hear intelligent answers to, such as;

  • Why was voting reform not introduced prior to the election?
  • Who directly benefited from this inaction? Who helped? And why is nothing being done?
  • Why have there been no repercussions for this nation shaping action?
  • What will be the future repercussions to be suffered by the United States and other Allied Nation States due to this inaction?

Giving Our Economy Away To Organized Crime and Terrorists

Why are we giving our economy away? Under-developed countries and states would love to have what we have – yet we treat it with such disregard.

We have allowed criminal organizations to penetrate every layer of government, the military, and policing / protection services available. Our inaction is alarming, and threatens our health, our safety, our way of life, our economy, our future, and our children’s future.

Just as the United States National Security Council has recognized, we should be viewing organized crime’s penetration into our economy as a threat to our National Security [source: USNSC]. Organized crime is rampant in Canada – over 900 groups – and it seems Ontario has become the place for them to ‘convert’ to legitimate business [sources: CBC News, Toronto Sun, National Post].

Organized criminals have long invested in legitimate business as both a base of operations and a means of laundering money from illegal activities such as drug trafficking, weapons dealing, prostitution, smuggling, counterfeiting and robbery [source: DailyMail, NY Times, Herald News, International Business Times]. It also helps them explain their wealth.

A national risk assessment by the RCMP recently identified the ’Ndrangheta (also known as Calabrian) Mafia in Canada as a priority threat [source: The Star]. The ’Ndrangheta is built on a confederacy of like-minded clans, each relying on family bonds. It is similar, but separate from the better-known Mafia of Sicily, called Cosa Nostra. Police around the world say the ’Ndrangheta has become the most dangerous and powerful Italian crime group.

As reported by the Post in 2010, Italian authorities said there were at least seven primary ’Ndrangheta clans in the Toronto area and that the organization had climbed “to the top of the criminal world,” by establishing a “continuous flow of cocaine.” [source: The Post].

Along with the ‘Ndrangheta, there are several other groups currently active in the United States. Combined, it is estimated that these groups have approximately 25,000 members total, with 250,000 affiliates worldwide. Beyond drug running, these groups are also involved in banking, illegal gambling, political corruption, extortion, murder, kidnapping, fraud, arson, loan sharking, racketeering, counterfeiting, prostitution, pornography, infiltration of legitimate businesses, stock manipulation schemes, bombings, and weapons trafficking. Industry experts in Italy estimate that their worldwide criminal activity is worth more than $100 billion annually. 

Organized crime’s penetration into our government (intelligence agencies, military, and officials) and its operation represents a significant threat to economic growth and democratic institutions, and is accomplished through direct bribery (but also by having members run for office); setting up shadow economies; infiltrating financial and security sectors through coercion or corruption; and positioning themselves as alternate providers of governance, security, services, and livelihoods.

Economic Penetration

Organized crime has many forays into legitimate business, with perhaps the most known being their trash-hauling businesses [sources: Telegraph, NYTimes]. To prevent competition from driving down prices, they fix prices, rig bids, and allocate territories in such a way that customers can’t choose who picks up their garbage. One well established organized crime gang has controlled the industry in Naples for about 25 years [source: The Slate].

Their disregard for public safety and the environment is obvious with their having illegally dumped toxic, industrial waste in Naples and other parts of the country [source: Independent, BBC]. In parts of Taiwan, gangs dig into the riverbank for gravel and sell it to construction companies. Then, they fill up the holes with waste they’ve collected [source: How Stuff Works].

They harass legit competition and extort their money; while their own companies do a shoddy job. They work their way into the Teamsters union, allowing them to dictate which companies drivers could work for, effectively pushing out non-Mafia operations. This concept was also employed in other unions, allowing their control of the construction sector [source: CBC News, The Star].

During the housing boom of 2002 to 2007 several organized crime gangs got in on the action through corrupt construction companies and unions. In New York City, organized crime linked companies have been subcontractors on most of the major projects of the last few years, including highway repair, the midtown office tower boom, the massive water treatment plant in the Bronx, even the rebuilding of the World Trade Center [source: CNBC].

Organized crime run construction companies are known to include union rates in the bids and win the contracts — then pay far less to their workers. Inside the union, organized crime cronies get top jobs, shake down the legitimate crews and sell jobs to the highest bidders, and there are even threats of physical violence. They also invest in and own companies that provide materials like steel or cement to other construction crews. These companies pile on the costs, making the price of building expensive.

But organized crime is not restricted to just garbage collection and the construction business. I offer a few examples of the thousands available below:

– theft of credit card numbers via Internet sites, money laundering through an energy drink company called American Blast, and ownership of a bottled water company [source: NY Daily], with profits feeding investments in a phone company, a bank, and more than 64 shell companies and foreign bank accounts [source: Guardian, The Times, NBC News].

– the forming of a fake hedge fund which conned hundreds of wealthy investors into putting their money in bundled mortgage securities (one of the major causes of the economy’s collapse), the cashing in on the wave of foreclosures through house-flipping schemes when the housing bubble burst [source: NY Daily News].

– the running of a publically traded Texas-based financial company, “FirstPlus Financial Group” (FPFX), which was a one-time subprime lender that boasted former Vice President Dan Quayle as a board member and used NFL Hall of Famer Dan Marino in its advertisements. Thirteen people participated in the use of physical and financial threats to take control of the company in order to plunder the company for their own financial gain. The board of directors was replaced, and a lawyer helped them funnel millions back to the mobsters [source: US Department of Justice]. FirstPlus Financial Group and its shareholders lost at least $12 million due to the criminal activity [source: AOL, US Justice Department].

And their future is green, as around Europe organized crime invests in wind farms and other types of green energy as a way to launder dirty money, and take advantage of the environmental grants offered by governments. They take advantage of regulation in the industry, high prices for the product, and complicated financing [source: Telegraph].

In Rome, anti-crime units seized 27 restaurants and cafes, plus assets, worth $250 Million Euros. An estimated 70% of restaurants and bars in downtime Rome are controlled, or owned by, organized crime, producing more than $1.35 Billion Euro’s each year [Source: Daily Mail]. According to sources, organized crime controls one in five businesses [source: Explainer].

In looking at the bigger picture, organized crime is also heavily involved in the banking industry with ties to HSBC being widely known and publicized [source: Mafia Today, Rolling Stone, Le Monde, 60 Minutes]. From ties to the Mexican Drug Cartel [source: Thailand Business News, This is Money, HSBC Whistleblower, RT], to arms dealers [source: ICIJ], infringing Iranian sanctions [source: DailyMail], funnelling cash to terrorists [source: DailyMail], providing accounts to international criminals and corrupt businessmen [source: The Guardian], they are even being sued by families of Americans that were murdered by the Mexican Drug Cartels that they were laundering money for [source: Forbes]. Of course, while HSBC takes the focus at this time, it is known that other banks are also affected, Citigroup, Wachovia, and Western Union [source: Guardian].

Global Penetration

Even penetration into other countries or states offers organized crime a tactical advantage in that through time they build legitimacy and create ties to other economies through political means. As they expand, their networks threaten stability and undermine free markets as alliances with political leaders, financial institutions, law enforcement, foreign intelligence, and security agencies are built.

Organized crime’s existence exacerbates corruption, which undermines free governance, rule of law, judicial systems, free press, democratic institution building, and transparency, and is a movement towards the elimination of our freedoms. With this in mind they position themselves able to threaten legitimate government and free society’s economic interests and cause significant damage to the world financial system through its subversion, exploi­tation, and distortion of legitimate markets and economic activity.

Organized crime has become internationalized, with branches of organized crime establishing themselves in other countries and taking over, or amalgamating, with existing organized crime gangs (including Biker Gangs)[source: Vice News, Globe and MailFrontline]. In most amalgamating, territories are respected, with minor changes to reporting as per levels of support being offered. Criminal gangs are also diversifying, resulting in the convergence of threats having an explosive and destabilizing effect on our own, and the global, economy.

United States business leaders have advised that companies are being put at a competitive disadvantage by organized crime and corruption, particularly in emerging markets where many perceive that rule of law is less reliable. The World Bank estimates that $1 trillion is spent each year to bribe public officials, causing economic distortions and damage to legitimate economic activity.

Globally business costs are increasing as companies budget for additional security costs, having a negative impact on the global economy and foreign investments. Organized crime activities can lead to disruption of the global supply chain, diminishing economic competitiveness and the ability of legitimate industry and transportation sectors to remain resilient.

Organized crime groups leverage relationships with state owned entities and industries to gain influence over key commodities (such as gas, oil, aluminum, and precious metals), along with exploitation of the transportation sector.

Members of the American Mafia have been brought up on sex trafficking and prostitution charges, while the Russian Mafia is said to favor the high profit margins found in trafficking sex slaves from economically poor areas in the Ukraine and Romania [source: In Public Safety, How Stuff Works]. In all cases, all of the families use the Web to enhance their multi-million dollar illegal gambling empires through offshore betting shell corporations.

Other governments are also trying to infiltrate our governing bodies and influence them. A CBC National News segment discloses that governments are recruiting students from our schools. If aligned with a properly motivated organized crime gang, this would allow deeper penetration into our economy and greater steering capability [source: CBC National].

Joining with Terrorists

Organized crime has joined forces with terrorism – leveraging each others strengths. Organized crime is currently taking advantage of the threats posed by terrorist groups, which are being played up by the media, allowing them to continue to silently take a firm foothold into our economy [source: Security Intelligence, AWD News, Daily Beast].

Just as we are seeing with ISIS, developing countries with weak rules of law are susceptible to penetration, or even conquering by terrorists and organized crime. Reviewing the events in Somalia show how criminal control of territory and piracy ransoms generate significant sums of illicit revenue and promote the spread of government instability [source: US National Security Council, CNN]. This same happened in Iraq and Afghanistan, when rebels turned to organized crime for supporting in acquiring weapons, ammunition, communications devices, and shifting money.

In reviewing the trends of terrorist acts versus organized crime business penetration, I wonder as to whether there is a greater connection than has prior been discussed. Italy reports that the Mafia’s murder rate has fallen by 80 percent between 1992 and 2012 [source: Telegraph]. The rate has also fallen in the US. Yet terrorist activities have been increasing significantly since 2001 [source: WikiPedia]. With organized crime willingly doing business with terrorist groups, this makes me wonder if organized crime is funding terrorism and using them as a way to deflect attention away from them? [source: NYTimes, National Post].

Giving Our Economies Away

Our allowing this to happen is likened to giving away our economy and also silently sentences innocent individuals to harsh lives or even death – and this includes children [source: Mirror, Independent, International Business Times, I am Syria].

By allowing organized crime to flourish, knowing that they are connected to terrorist activities, we are therefore sentencing individuals to be ruled by terrorist groups or corrupt governments, with their ways of life being forced upon them; forcing them to leave their country for better lives and in the process leaving everything behind and often facing death in the process [source: World News, Spiegel, Guardian, International Business Times].

We turn a blind eye to those economies being strangled by organized crime groups, and even to our own slow, quiet absorption.

And it seems that the governments make it worse. Understandably investigations are kept secret in the hopes that the crime groups will be brought to justice and not become aware of their being monitored. However, due to the difficulty in bringing them to justice, and the time spent along the way, these organizations only continue to strengthen, making it even more difficult to be exposed.

I do not wish to support companies run by organized crime. I want to stop purchasing from companies in Canada and abroad that have been penetrated by, or are owned by, organized crime. I want to stop buying oil from those companies supporting the terrorist groups by not impeding its introduction into their supplies [source: CNBC, International Business Times, Observer, Financial Times]. But without any advise as to whom these companies are, I purchase products blindly.

I also want to stop selling known state sponsors of terrorism our airplanes [source: US Department of State, Bloomburg]. Why and how this could be legitimized is beyond my understanding, but clearly outlines the allegiance of those in favor of the deal.

Research and Development – for Criminals

Financial means

Just like our government, organized crime groups generate large amounts of revenue, using sophisticated methods of generating revenue. To the general public they seem to be portrayed as being uneducated, approaching opposition using physical force, or lacking a focused plan and long-term vision. In fact, it seems now to have become the opposite – here is an instance where they wrote a software application to help them [Source: Security Intelligence].  And they have been in silence and without announcement, growing their power and wealth, in Canada for years now.

Most people are unaware that organized crime takes Billions of dollars from our economies; and therefore has an “unlimited” amount of money to spend on research and development into any types of weapons and technologies that can be used to their advantage [Source: Fortune.com]. While true that governments also collect revenue, they do have to pay for the supporting of the infrastructure provided to their citizens – organized crime does not. Therefore, organized crime has more money to spend on Research and Development than governments do!

Organized crime can also gain details of any government research (including classified) through acts of espionage and bribery.  They can also steal it (perhaps via the Internet), or purchase it from other organized crime groups or Nation States. And we must remember that organized crime partners with terrorists, leveraging each others capabilities in revenue generating activities, and thus sharing in the profits of their activities [Source: AWD News].  They can also obtain funding from a competing Nation State that, for varying reasons, is sympathetic to them – in fact Qatar and Saudi Arabia have both been accused of funding terrorists [Source: MSNBC, MSNBC 911 Lawsuit, MSNBC Qatar].

Ethics

While our governments are generally tied to ethical boundaries and human rights, organized crime is not – enabling them to perform research bringing physical or mental harm to individuals.  Test subjects need not be difficult to source – in India they found a hospital where babies were being bought, sold, and swapped [Source: Metro, RT, News.Com.AU].  And in more public places, such as a tourist town in Southern Mexico, where twenty-three children were rescued after being abducted and forced to sell handicrafts. According to official statements, the children’s age ranged between three months and 15 years, had been abducted from their families and were forced to work selling handicrafts under threat of “physical and psychological violence”. Unrestricted and unethical experimentation could occur leading to advancements at rates faster than an ethically challenged setting could ever achieve.

So then what are they researching?

Well, our military and governments are making weapons like this:

  • the CIA’s Secret Heart Attack Gun, which fires a dart fully made of a poison that causes an heart attack.  It cannot be detected during a autopsy, can penetrate clothing, and only leaves a tiny red dot on the skin [Source: Military.com, CIA]
  • The US Military is currently researching “Silent Talk” for the battlefield [Source: Wired, Army Technology]
  • Directed Energy Weapons, which were used in the Iraq war [Source: Wikipedia]
  • CNN Report back in 1985 on Directed Energy Weapons

Recent news articles point to “sonic weapons” that induce illness, make it difficult to concentrate, cause a loss of hearing, difficult to speak, and even cause mild brain damage – with the most publicly mentioned were the 21 American Diplomats in Cuba and China [Source: 60 Minutes, Independent, CNN, New Scientist, The Times, Popular Mechanics, DR DK News, {translated}, Business Insider, South China Morning Post, The Guardian, News Week, CNN, Associated Press, Daily Caller, Fox 13, Foreign Policy, Miami Herald].  And notice that this technology goes back to 1953, where it was found that the Russians subjected Diplomats to Microwave attacks for over 20 years [Source: Boston College International and Comparative Law Review, CIA Archives, US National Library of Medicine, LA Times, Association for Diplomatic Studies and Training, Foreign Policy].

So, if this is what ‘we’ are making – then what type of research could ‘they’ be making?  While smaller picture things come to my mind, like hacking ATM’s to push out money for money mules to pickup at 3am at various branches, I like to think of larger, more intelligent things that would help them to quietly penetrate more lucrative markets, such as technologies enabling them to have greater influence over people, eavesdrop, and have the ability to communicate ‘silently’.

How they use the Internet

On June 15, 2016 NATO officially declared cyber-space a war zone [Source: New Scientist].  The cyber-security landscape is heading in the wrong direction, criminals are becoming more aggressive, more sophisticated, and effective [Source: CIO Magazine]. We all are aware that other countries also hack our systems to steal our Intellectual Property, having a negative effect on our economic health (loss of revenue, customer trust, policing, monitoring, availability / reliability, and costs to investigate / remedy / rebuild trust). Organized crime is also using the Internet to store and launder money, and hack into sensitive locations for illegal gains. 

Organized Crime is using the “Dark Web” (Deep Web), for profit, co-ordination efforts, propaganda, recruitment, providing of cell phone applications, and communications.  Here is a good article, published by Europol, describing overall usage (here). Europol published a document in 2014 and 2015 advising of the threats posed by organized crime groups on the Internet, with some of their activities being: crime as a service, malware, online child sexual exploitation, payment fraud, online criminal finances, crimes relating to social engineering, data breaches, and network intrusions [Source: Europol 2014, Europol 2015]. With organized crime partnering with terrorists, we should not be surprised to learn that terrorist are also using the Internet for those same reasons, and also for: intimidation, coordination, secure communications, remote drone piloting, reassurance, choreographed video’s and mass executions, civic forum boards and battlefield drones, documentaries, press releases, propaganda, online magazines, and targeted enlistment [Source: Aljezeera, Twitter, Defense News].

Some of the Internet technologies used are: [Source: Gizmodo, Popsci, Huffington Post]

  • TOR and Opera (Internet browsing).
  • Hushmail (encrypted e-mail communications).
  • CyberGhost VPN (access VPNs).
  • Locker (deletes files on mobile device after pass code retry count exceeded).
  • FAKE GPS, (users can choose a false location).
  • Telegram, Skype, Silent Circle, Kik, and WhatsApp (for communications and selling slaves).
  • ISIS uses Hashtags and Hashtag hijacking.
  • Twitter bot armies.
  • Radio station apps (created by people inside ISIS to spread propaganda).

Some solutions were made to be available on Android devices [Source: Security Affairs, PC Mag, CTV News]. Oddly, only for combating terrorist activities, a US Military research institution called, “Darpa“, modified their Memex application to help in the fight [Source: Defense Tech]. I wonder why this can not be used against organized crime?

Vulnerability

How vulnerable are we? Well, it is super easy to hack nowadays – it is taught on-line [Source: Academy E-Hacking Net].  Cyber crime is behind the greatest illicit transfer of wealth in history [Source: Reuters]. Meanwhile, both the Canadian and Indian governments have fallen far behind the rest of the world in their fight against cyber crimes [Source: CBC News, Times of India].

Our economic, government, military, and education infrastructures are subject to attack from Organized Crime, Nation States, and Terrorists on a daily basis.  For years, the US National Security Administration had been branded as having superior hacking skill sets and having access to tons of hacking tools.  But in 2016 their website was hacked, exposing vulnerabilities in their public facing architecture [Source: Fox News]. Here are, what I would believe, to be some of the more vulnerable targets that could be exploited:

  • It is suspected that the US Nuclear Submarine Fleet could be subject to attacks [Source: Homeland Security Newswire].
  • ISIS had hacked security cameras around the globe and was able to watch live footage [Source: Security Affairs].
  • Our public protection systems are vulnerable – a 911 Call Center was taken down by zombied cell phones calling 911 [Source: Broader Perspectives].
  • The hacking group Anonymous hacked into the Greece central bank and announced that they would hack into banks around the globe [Source: The Economist].
  • The US FDA recalled nearly half a million pacemakers for fear of their being hacked [Source: The Hacker News].
  • ‘Unpatchable’ vulnerabilities have been discovered in an industrial control system (ICS) that is used in many power plants.  The bad news is that the flaw has been publicly disclosed and the exploit code has been already released [Source: Security Affairs].
  • The Qatar National Bank was hacked with their taking a 1.4 GB trove of internal documents, files and sensitive financial data. The massive data dump appears to contain hundreds of thousands of records including customer transaction logs, personal identification numbers and credit card data [Source: International Business Times].
  • Hackers infiltrated a water utility’s control system and changed the levels of chemicals being used to treat tap water [Source: The Register].
  • The American public utility Lansing Board of Water & Light (BWL) announced that the company became a victim of Ransomware attack knocking the utility’s internal computer systems offline.  BWL quickly shut down its networks – and suspended power and water shut-offs [Source: The Hacker News].
  • Hackers stole 2 Million dollars from Taiwan bank machines without even having a bank card [Source: Money CNN].
  • Hackers took 13 Million dollars from a South African bank using credit cards [Source: Money CNN].
  • 50 Russian hackers were arrested using the Lurk Trojan in Russia [Source: Cyber News Group].
  • A payment terminal botnet comprising of over 100 infected systems collected over 1.2 million card details [Source: Null TX].
  • The US Pentagon was also found to have weak network security that allowed access to internal US government systems for at least eight months [Source: ZDNet].
  • Holes in US computer network security enabled North Koreans to steal some US defense plans [Source: Endpoint Security Solutions Review].
  • The Military has been slow to adopt appropriate security measures in securing their networks and computerized battle systems.  Some microchips used in the majority of military hardware was purchased from a supplier in China that had a ‘backdoor’ encoded on the chip [source: Scribd.com] – easy to read article here.
  • Other articles: Ukraine Power Plant Hack, US Power Plant Hack, German Power Plant Hack, Israeli Power Plant Hack.

It seems that criminal activity is always one step ahead of any policing activity, and from what I see there are not enough deterrents in place to impede their growth – so I am curious as to just what it will take before serious actions are taken and meaningful deterrents put in place.

Using Software or AI to Detect the Penetration of Organized Crime into a Legit Business

Organized Crime is a threat to our National Security

In 2010 the United States National Security Council advised that organized crime is becoming a threat to their National Security. In 2013, Europol concluded that the Italian Mafia has the capability of manipulating elections and exploiting loopholes in legislation. They further stated that the Mafia is a clear and present threat to the European Union. In 2012, the RCMP’s top Mafia-hunter in Canada advised that the Mafia organization called the ‘Ndrangheta had been raised to a “Tier 1” National Threat.

It has also been reported that organized crime (Mafia) have become aligned with terrorist groups – working together for a common benefit. And finally, organized crime is known to be supported by Nation States that would like to see our nations crippled and weakened – and worse yet it is known that they have worked to penetrate our every level of government and to have connections with our military.

There has been a significant increase in the amount of organized crime infiltration into legit business. In 2016 just one single mafia group, the ‘Ndrangheta, was reported as having a portfolio involving billions of euro’s, thousands of companies, and tens of thousands of properties. Policing this is almost impossible, as there is limited insight into the workings of each company at the Government level. As well, the number of people, and the time it would take to detect and catch every single instance of illegitimate penetration into legal businesses, would be astronomical.

Tactics to infiltrate a small to medium business

  • offering support to the companies when they become in financial need
  • bribing or otherwise influencing high ranking people into ‘joining’
  • using businesses already influenced by organized crime to absorb competitors
  • choking legit businesses ill-favored by organized crime (eliminate the competition)
  • weaken the competition so that they can be merged or acquired

Financial Support / Loans

When cash strapped, both publicly traded and privately run companies run risk of becoming infiltrated or controlled by organized crime. Companies can become cash strapped when other companies already controlled by organized crime ‘chokes’ them, or by their taking advantage of an economic downturn. Financial support can also be shown through the actions of a companies purchasing department – by their favoring other organized crime controlled companies. Or by ensuring that those having controlling shares of a company are influenced by organized crime.

Infiltration

Individuals are hired in, or individuals are bribed, or coerced into joining. Once a business has been infiltrated by a person sympathetic to organized crime, that person will then use political means inside that company to ‘out’ individuals in key departments to ensure loyalty, with their intention of steering the company. This will continue until the business has either: become weakened and is requiring financial assistance, or has grown stronger providing more political power to those new ‘members’. Of course, organized crime will favour organized crime; therefore company contracts and suppliers will be changed accordingly but not made obvious.

Companies that grow tend to expand their business and will grow their geographical footprint as opportunities arise. This includes absorbing already established competitors. Of course, once a company is absorbed, key players are usually replaced or are absorbed into the new ‘culture’, with politics taking care of the remaining – and those remaining often not having any idea as to what is going on. Of course, companies hope those being hired bring a capacity to increase profits and applaud their efforts when this happens – they would have no knowledge that the newly hired person has illegal motives, connections, or loyalties.

Choking ill-favored legitimate businesses

By far the easiest tactic to hide from watchful radar, as companies are free to change suppliers as they deem fit. But the economy changes quite negatively when companies sympathetic to organized crime favour other companies with those same sympathy’s, as it starts to eliminate competition by reducing the number of legit companies. Volumes will increase at those companies, prices will be reduced, making everything look well run – but all at the expense of legit business who would be viewed as incapable of competing in that market.

Detection

Is there any way of monitoring business transactions, or the way that they are reported, to detect suspect illegal transactions? Or perhaps things such as sudden or significant changes in profitability? Financial institutions use software that monitors transactions to check for fraudulent transactions – could elements be transposed to other business models? If so, then is a possibility of policing this via the introduction of a data monitoring system (AI) built right into the business software used by companies – or by monitoring the transactions as they are committed to the database. If this data was gathered and analyzed across all of the companies operating inside our borders, then we could obtain a good footprint of criminal activities.

Perhaps this software could produce some sort of a report advising of the likeliness of suspect transactions – along with some pertinent details – for review. It would also be of benefit to know whom in the company performed the transactions. Criminal records and current suspects could also be drawn into this analysis – allowing a better footprint to be generated.

It is known that a significant number of communications are recorded, and transcribed into text for review by artificial intelligence or simple text searches. Perhaps this technology could be tied into this analysis? Privacy would not be a factor, as the software would only report suspicious data occurrences.

I believe the use of a software solution would reduce on the number of false positives generated using standard tactics employed today. This would reduce the cost of investigations and reduce manpower requirements.

Brazilian Anti-corruption Law – Should we also enact one?

It takes more than our simply talking about the threat that organized crime offers us and throwing a small task force at it – it takes significant action. We are competing with organized crime groups that have annual turnovers higher than some small nation states. On January 29, 2014, Brazil implemented the Anti-corruption Law, which mandates that legal entities will be held liable for illegal acts committed by any of its employees or by third parties, without the need to evidence intent or that the company’s management had actual knowledge or approved the specific improper acts. The authorities only need to evidence that the illegal acts were committed in the benefit or interest of the company. This could be considered one of the Brazilian Government’s biggest steps in its efforts to combat corruption and bribery. Companies are required to have a compliance officer, who is charged with the monitoring of the decisions of officers and directors, from an anti-corruption perspective, to ensure that decisions are in line with the company’s Code of Conduct and other policies.

Here, in Canada and the United States, I am curious as to just how far we would be willing to go to stop Organized Crime’s penetration into our legitimate businesses? Will we take a strong stand to protect our economy like Brazil has, or will we become another Italy where it was reported back in 2000 that the Mafia controlled approximately 20% of all businesses and had an annual turnover of about 15% of the GNP. Or Rome, where it is estimated 70% of all restaurants and bars are controlled or owned by organized crime.

As we pass the torch over to the next generation, how much of it will we actually own? How bright of a future will they have?

Using AI to Detect Organized Crime’s Communications

Organized Crime is a threat to our National Security

Various countries and states have recognized organized crime as being a threat to their National Security, or very close to. For instance, here in Canada the RCMP’s top Mafia-hunter advised that the Mafia organization called the ‘Ndrangheta had been raised to a “Tier 1” National Threat.

Telephone Communications

It is well known that the US Government has the ability to eavesdrop in our voice and fax communications. First was Echelon, a spy system that was shared by the US with other allied countries. It was capable of recording conversations that could be reviewed at will. Following this was Mystic, which was capable of recording an entire country’s communications and storing them for 30 days – this is only limited by the storage capacity of the Department currently running the project!

In some cases, collected information was used to help detect or determine those responsible for, or having knowledge of, terrorist attacks. This was determined through an examination of telephone calls made prior to the attack – ‘spikes’ in the number of, or location of, telephone calls made around the globe.

But now it is known that the US Government has been tracking communications since the early 1980’s, at first primarily to track the drug cartels, and then later to help with on-going high level investigations, and now terrorist activities.

Movement to Internet Based Communications

But just as with us, organized crime has also expanded on its capabilities and tech savvy. They have moved away from telephony communications and now focus on Internet tools – using chat, instant messenger, and other forms of communications.

Building Custom Applications / Tools

It is known that Terrorists, of which Organized Crime is becoming partnered with, is using tools such as GMail, Yahoo, Facebook, and Twitter to communicate through. As well, a short while ago it was found they were using their own “customized” tools to communicate. Terrorists created an encrypted email application called “Mohahedeen Secrets”, a mobile app called “Tashfeer al-Jawwal”, and an Android-based news app called “Alemarah”.

Considering the longevity that Organized Crime has had, and their long-term and stable profits, I wonder if they have also done the same? If so, how would you detect new forms of digital communications? Or find ‘hidden messages’?

Detect Hidden Data / Information – A Partial Solution

In an attempt to instantiate a system to help thwart these types of threats, Darpa created Memex, which serves to index information that is not currently being indexed by search engines. While a step forward, this has done only a little in the ability to map out the Internet, and bring to light some criminal activity (that could have been detected via other means). The real question becomes, “How do we find Organized Crime’s networks, network traffic, and messages on the Internet”?

Potential Full Solution

The NSA can break almost any data encryption methodology currently in use today. Even the anonymity and IP protection provided by TOR has been compromised. Considering the credible threat Organized Crime provides, I wonder if we should monitor, or better yet record the data present on the Internet and analyze it to see if there are any data patterns (representing information), hidden messages, or new communication methodologies being employed by Organized Crime to facilitate hidden communications in “plain sight”?

While the information would still need to conform to a standard TCP/IP packet, the data inside could yield anything. You could mount sniffers on routers functioning on the backbone of the Internet and use analytical software to detect new communication methods. You could extract the data in the packets and reconstruct the full data stream, to then apply pattern recognition to find hidden messages / meanings in larger data segments.

I am proposing that we create an AI that is capable of reviewing ALL of the information available on the Internet and bring to our attention only that information that is suspect for review. Of course, the response of the review would serve to ‘fine tune’ the system – serving to improve the systems ability to detect patterns or information that is meant to be hidden from us. I don’t think this would constitute a breach of privacy, as any data would only be read by an AI application – which would only be reviewed should the system detect something.

Putting perspective on this – we are at a disadvantage that must be reversed. Having the same fiscal resources, yet without the limitations imposed by a dependent public (health-care, transportation, education, etc.), Organized Crime is able to spend more money on the research of technologies that invade our privacy, gather our information, and use it to their advantage. Of course, taking advantage of the same computer exploits as Nation States, they would also be able to infiltrate our communications networks – just as we do them.

I wonder if they are also holding back on the development of privacy defeating technologies, showing us the same respect that we seem forced to show them???

Improving the Economic Health of our Nation

I believe espionage, hacking, malware, and ransomware, are being used to undermine our economy, national security, and ability to compete globally.

As I live in North America I am an advocate for the prosperity of those of us living in North America – but I do not believe it has to come at the expense of other nations. I believe, properly managed, as the economy strengthens so will its peoples, thus increasing the amount of ‘disposable income’ available, leading to greater prosperity.

In support of this, I believe there to be a few critical ‘systems’ that provide the framework necessary for prosperity:

  1. Government Services and Agencies
  2. Military
  3. Policing Services
  4. Utilities (Energy / Waste / Communications / etc.)
  5. Commerce / Trade / Foreign Ownership

Government Services and Agencies

Responsible for leading the nation and world-wide representation from a social, political, cultural, and economic view. Providing services such as health care, transportation, financial aid, and education, that are critical to daily life.

For this to work as expected, those working in these institutions must remain loyal to the nation and work towards meeting its objectives. Government agencies must work as seamlessly as possible and in the most cost effective way possible, while ensuring contracts are serviced by those sharing our loyalties

In 2010 the Canadian National CSIS Director raised concern that foreign governments were infiltrating local and provincial governments [Source: CBC News]. I am unaware of any corrective measures having been specified or enacted by the government – failing to raise the confidence level felt by anyone paying attention. More recently there was concern over Russia’s alleged interference with the recent US election, further lowering confidence in our leadership [Source: Council on Foreign Relations, CNN]. Spies also play an important role in the weakening of our government – in 2017 an expert suggested that there could be up to 100,000 foreign agents working for between 60 to 80 nations in America alone [Source: Wikipedia, CNNNY Post]. As well, foreign spy agencies are secretly recruiting students at educational institutions hoping to build long-term relationships with them [Source: New York Post, Town and Country Mag, Washington Post]. With such interference, who is to say how much turmoil felt within the government is caused by this? How much, and what type, of Intel is being leaked? What is the total financial cost associated with this?

Military

Responsible for the nations (and allies) protection, both from a local and world-wide perspective. Those working in the military must remain loyal to the nation. They require their technologies and communication infrastructure (computers / software / weapon systems / communication devices / etc.) to have been obtained from sources allied with the nation, who are themselves secure and loyal to their nation. Tactical information must be held secret, and only available as required.

We must remember that China and the US are not allies – they merely have strong economic ties. So we should not be surprised when we discover that China manufacturers had installed a ‘back-door’ on microchips made for the US Military. Why would not this manufacturing be outsourced to an Ally [Source: Military.com, Business Insider, Cyberscoop]? Just as with the government, espionage plagues the military, with our secrets being sold or freely provided to those working against our interests [Source: RealClear Defense]. Our military strength requires that our tactics, equipment, and communications remain secure, available, and the supporting Intellectual Property (IP) remain appropriately classified and secure. It was reported back in 2016 that China has gained military strength through the stealing of US defense secrets through industrial and cyber espionage [Source: National Interest Org, Globe and Mail, Clearance Jobs.com].

Policing Services

Responsible for upholding law and order, from time to time working with Government Agencies to ensure that the public is safe from threats from Organized Crime and Terrorists. Investigating illegal commerce activities. Their activities work towards our prosperity and a threat-free environment in which to live and conduct business.

But in 2007 a Canadian Royal Mounted Police (RCMP) report (released under the Freedom of Information Act) found that there had been 322 incidents of officer corruption charges across 11 years [Source: CNN]. As well, as they go digital, Police departments are finding themselves vulnerable to hackers and malware – impeding their efforts [Source: CNBC, Fast Company].

Utilities (Energy / Waste / Communications / etc.)

Responsible for the provisioning of all of the critical infrastructure that the general public would deem critical for our functioning as a society. If not managed directly by our government then we would hope that those owning these resources (while we would expect them to remain profit driven) would act as agents considering our nations best interests.

A significant number of these utilities use expensive, complex, older, outdated equipment and software that was never meant to be connected to the Internet, but now is. As we’ve seen in the past few years, the threats against our Utilities has increased, with outages affecting everything from nuclear reactors, power generation and distribution stations, clean water treatment plants, communication systems, GPS systems, and etc. [Source: Hot For Security, Forbes, Utility Drive]. Other threats are not at all discussed, such as the deficiencies in the current electric utility’s business model, which if left alone could lend to its eventual failure. With the monies to be made from these utilities, I wonder as to how it is possible for those owning / funding / investing to not see the short vision offered in the business models [Source: GDS Associates].

Commerce / Trade / Foreign Ownership

Required for the nation to remain profitable both in a local economic sense and within the world economy. Considering “Free-Trade” and the low cost of off-shore production, significant economic incentive must be provided for companies to remain on our nations soil. North American companies are trying to compete in an ever changing international market. Twenty years ago industrialized nations represented two-thirds of global output, with developing nations one-third – however in twenty more years this will have reversed.

Considering this, I am amazed that our industries and commerce remain under constant threat of espionage, cyber threats, and transnational organized crime groups working to launder money through our economy, with litle or no real action in place to protect them. The theft of our Intellectual Property has long-term financial effects, yet we remain focused on storing our data on Internet based servers [ZD NET, Retail Dive, Toronto Sun, MIT Technology Review]. It would seem that those driving our economic engine may not be doing so with our best interests in mind, as advanced countries are mired with sustained slow growth as they struggle with the long-lasting legacies from recent financial crisis, unsustainable fiscal balances, and aging populations – yet refrain from implementing protectionism policies [Source: Financial Post].

Root Problems

In all the above, I believe that the following three issues are root of all the above concerns: insecure communications, poorly defined data infrastructure, and weak nation loyalty.

Communications

Businesses, financial institutions, government agencies, the military, police, and the general public (essentially the nation) needs to be able to communicate securely. A large majority of our communications is sent through the Internet, which is easily hacked – and even if security were to be immensely improved would still offer a direct connection with other nations, agencies, organized crime and terrorist groups that are working against us. Why are our communications devices outsourced to the lowest bidder? Why have we not moved our communications systems off of the Internet?

Data Infrastructure

The majority of our critical infrastructure is available on the Internet. We remain under constant threat of our infrastructure being hacked. Even our 911 services have been hacked [Source: NBC News]. Rather than addressing our reliance on an infrastructure that is available to others who are working against us, we focus on the promotion of new technologies meant to help ensure that communications on this network are secure, or technologies geared towards ensuring maximum up-time, or counter intelligence, etc.. Why would we not move our critical systems off the Internet and onto their own, safe-guarded, and physically secured network?

Nation Loyalty

Why we do not promote the generation of sustainable wealth? Why do we allow outside influences positions of power inside our governments, our corporations, our military, our education and research facilities, and our infrastructures – serving to weaken our economic, military, and government engines. If this stems from a lack of national pride – then how do we address this? Is this problem monetarily based?

I believe it’s all about money. Are we so focused on the global economy that we have lost touch on our own? It would almost appear that our Intellectual Property, assets, communications, and economy are not viewed as having any value. You would think that the people who serve to make the highest profit from our having a fruitful and productive society would be working towards this – to keep their wealth and to keep it sustainable. Yet it seems to be the other way around. Is this because those influencing or driving our economy, military, and governments are actually those who would benefit from the insecurities, economic weaknesses, and instabilities seen today?

Who Should Burden The Costs Associated With Money Laundering and Terrorism?

As in most countries, organized crime in Canada can be linked to other crime groups world-wide, some of which can be further linked to foreign governments and terrorists.  It is also known that crime groups are penetrating legit businesses, using them to launder money.  These profits are supplemented through the sale of drugs, weapons, human trafficking, and the sale of other contraband.

Therefore by extension, affiliated terrorists and other crime groups are using this additional funding to support their own illegal activities, causing damage in a multitude of levels in the countries they are operating in.

The failure of one country to aggressively eliminate these criminal activities would therefore only serve to strengthen the ‘hold’ that affiliated crime groups and terrorists have in other countries.

This makes me wonder why other countries do not hold the Canadian government partially financially responsible for the costs to police, military, the economic weakening, and any property and other damages inflicted by affiliated crime groups in their countries?  Would the grip crime groups have within economies world-wide would be lessened if financial levies were to be applied between countries sharing those crime groups.

Or perhaps on businesses?  For instance many banks are known to have laundered monies for crime groups – yet it takes years for any financial incentives to be applied against them – which never seem to have any real impact.  What if they were to be held partially financially responsible for the actions of the groups they are allowing to launder money?

It seems that we share information and technologies, and yet we lack the will to share the financial burden to eliminate these threats to our society.  Through this, they become stronger.

I offer a reminder that Organized Crime groups are currently a Tier 1 threat to Canadian National Security and is becoming a threat to the National Security of the United States and Europe.

Posted on The Intelligence Community LinkedIn group.  Read the post and all the comments here.

Could Investigators Save Time Using Artificial Intelligence to Communicate With Human Traffickers?

After reading this article about a man who helped pioneer efforts to use data mining tools to help police locate victims of human trafficking on-line, I became curious about the possibility of using Artificial Intelligence to communicate with human traffickers (arrange ‘sessions’ with victims)?

Currently, investigative units are undermanned and overwhelmed with cases, and with the help of new technologies such as DIG, they are being bombarded with more information than they can handle – considering their limited resources, and the time required to tackle each case.

With computerized voices sounding incredibly realistic nowadays, I was wondering as to whether or not AI could be programmed to communicate with traffickers in an attempt to arrange ‘sessions’ with their victims?  This would give them more time to focus on other activities leading to arrests / convictions.

I would think that AI would be able to handle conversations limited to a narrow scope range pretty well.  Vocabulary would be simple and restricted to ‘street’ type communication. Parameters could be provided (street addresses, names, where the information was sourced, etc.), so that the AI could gain trust and remain credible.

Using Articifical Intelligence to Monitor Government Spending

With all of the advancements with Artificial Intelligence, I am curious as to why government spending is not currently being monitored by AI?  I believe this would reduce the cost of oversight, while improving the ability to detect irregular transactions.

It could be incorporated into budgets, helping to enforce proper bidding, and comparing cost with those of regular business transactions, helping to reduce the amount that governments are defrauded, or transactions aimed to benefit ‘friends of government’ – or organized crime. This works to ensure that payments allocated for services to be rendered are not inflated to be above regular business – reducing costs to public services, and making instances where ‘favors’ are performed more obvious and exposed.

It could further then be used to compare the differences between amounts budgeted and payments, requiring analysis to be performed when a difference existed that was above a prescribed tolerance.

AI would be indifferent and unbiased, and would only advise of irregular transactions, thus would not require investigation to discover bias.

With such obvious benefits, I question why this is not already used?

This was posted on the “Economist of the World” LinkedIn group, and has generated some comments – click here to view them all!