top of page

SCTX: Data, information and insight remain critical to countering the evolving threat of terrorism

Updated: Mar 26, 2019

Westlands Advisory attended both the SCTX show in London and the Home Office’s Security and Policing event in Farnborough earlier this month.

Both events coincided with a busy press week for security, with extensive reporting of letter bombs delivered to prominent transportation hubs in London and to Glasgow University, and the escalating issue of knife crime. Subsequently we know that there has been a claim of responsibility in the name of the ‘IRA’ for the explosive devices and the ongoing debate on knife crime has resulted in an additional £100m of police funding. Following the events there have been two high profile attacks in both Christchurch and Utrecht. Whilst the shootings at Al Noor and Linwood mosques in Christchurch had a clear terrorist motive, prosecutors investigating Utrecht also believe the shootings had terrorist intent. The focus on terrorism in recent years has been on Islamic extremism but the events in London and New Zealand are reminders that the threat remains diverse and complex, driven by a range of factors that can manifest in right-wing or separatist sentiment. These were subjects covered at the World Counter-Terrorism Congress with both a focus on how to prevent extremism, counter it and respond should an event occur. The overarching theme was that threats will continue to evolve whilst policy and technology must do the same to stay ahead of terrorism.

Inside the conference a key focus was on returning foreign fighters and how this shifts the balance of counter-terrorism strategy from eliminating networks overseas to dealing with radicalisation at home. Unifying many of the presentations and discussions were three key themes. Firstly, for governments to be more effective in combating terrorism they need to refocus on working with communities to prevent radicalisation. Put simply by several presenters, removing the leadership of terrorist organisations will not work as a standalone strategy. Secondly, this requires greater and improved information and intelligence sharing nationally, internationally and between private and public organisations. Finally, the focus on stopping the spread of extremist ideology on the internet must continue to help reduce radicalisation.

The main terrorist threat over the last two decades has been from Islamic extremism and most recently resulted in sustained military action in Syria aimed at dismantling Daesh’s administrative structure and training camps. The operation has been largely successful in reducing the localised strength of Daesh but has resulted in a new, emerging threat in the shape of returning fighters. Leadership from a US delegation cautioned against complacency, warning that the Sunni extremist threat remains both diffuse and diverse. Key messages focussed on the need for more intelligence on regional insurgency to allow agencies to predict future threats. Whilst the need for more data and intelligence was an ongoing theme throughout the week, the point was made frequently about how to deal with the data volume when the “haystack is bigger, and the needles more subtle”. Four questions that were raised and remained relevant throughout the conference were:

  1. How will the foreign fighter program play out?

  2. What will be the future of ISIS in Syria and Iraq?

  3. How will ISIS evolve in the context of a broader terrorist threat?

  4. What can be done to deal with the ideology?

A further presentation highlighted how Homegrown Violent Extremism (HVE) is new, evolving and hard to predict. HVE’s are usually self-radicalised with no direction from a terrorist cell or organisation. Several presentations stressed that the threat is not only from Islamic extremism but also a strengthening far-right. Unfortunately, Christchurch has become the most recent example of how nationalist, anti-immigration and societal prejudices can lead to terrorism. It is important that this is not regarded as a standalone, isolated incident. Since 2017 several extreme-right terror plots were disrupted in the UK whilst there has been a rise in anti-Semitism related offences including both the US and France.

Presentations focused on the difficulty of detecting HVE’s and why it is important to intercept those susceptible to radicalisation prior to travel to training camps overseas. Once they have departed, the risk they pose to society increases dramatically. The UK’s Prevent program remains a vital pillar of the UK counter-terrorism strategy and focuses on working with communities to help identify vulnerable individuals who are showing signs of radicalisation. A key challenge remains justifying expenditure on prevention programs as successes are difficult to quantify.

From 2015 to 2018 there were 85 attacks in the US, 64 of which were disrupted. Attacks were relatively simple, ranging from knife attacks to the use of firearms. A subject that didn’t gain much coverage, though was touched upon, is the increasingly sophisticated tools that terrorist networks deploy. The use of the dark web and high levels of encryption is common place and it makes it difficult to disrupt terrorist networks. Challenges faced by the security agencies includes how to tackle encryption, infiltrate online networks and prevent the spread of propaganda. Collaboration with tech companies, data analytics and social science appears to be the answer and it is clear there will continue to be investment and improvement in these areas.

How to gather and share intelligence is not a new topic at counter-terrorism events. The main message from presenters was that collaboration is improving and one of the most enlightening and encouraging presentations was from Europol. Europol has taken a lead role in centralising data and sharing intelligence with the wider law enforcement community. The number of operational reports that Europol delivered increased from 1075 in 2010 to 8280 in 2017, highlighting an improvement in international cooperation. This has resulted in several technology programs focussed on data management and analytics to improve identification and tracking of suspects at borders and within the European Union. Beyond policing and intelligence agency collaboration, an important point was made about the need for the military to share intelligence. They have been at the spearhead of the counter-terrorism effort in Syria, collecting information on foreign fighters that can be used to either prosecute or reduce the threat from returning fighters. However, Westlands Advisory still believes that this is a huge challenge and whilst the general message is that agencies are sharing, the openness and collaboration that is needed between the military and national law enforcement agencies is still an early work in progress.

The Anderson report into the 2017 UK terrorist attacks clearly highlighted the need for closer cooperation between CT policing, the intelligence services and other related agencies. An example of a UK program aimed at improving data sharing is the National Data Analytics Solution (NDAS) aimed at reducing serious violence, improving workforce well being and tackling modern day slavery. The machine learning led project is arguably the first of its kind globally, using extensive data sets from across police and government databases to analyse key predictive indicators. The project requires significant computing power and data storage, but technology is only one of the challenges. The legal and data protection issues, complications related to ethics and trust, a clear regulatory framework, ensuring transparency and accountability, and operationalising the outputs are also significant considerations and not easily solved.

A final takeaway from the conference was delivered by Faculty, an Artificial Intelligence (AI) organisation who worked with the UK Home Office to implement an AI powered solution to identify online extremist propaganda within 2 hours of it being posted so that it could be removed before spreading. The success of the project is part of a sea change amongst tech organisations who are now working much more quickly to remove content through using deep learning. However, the tech industry response to Christchurch appeared to be quick and co-ordinated but still did not prevent images being shared across multiple platforms. A review of the effectiveness of the response and recommended improvements will be interesting.

The Faculty presentation was also a reminder of how threats will evolve and provided an example related to WaveNet, a model used to generate speech that mimics human voice. The prediction was that in 3 years, through combining WaveNet with Deepfake, a deep learning technique to create human images, it will be difficult for humans to distinguish on the internet between who is real and who isn’t. The predicted widespread availability and use of the technology adds a further dimension to the maturing internet challenge of how to deal with misinformation and disinformation. In the hands of a terrorist organisation it poses the question how do we know what is real and what’s not real, and how do we stop it spreading? It is one of the many difficult questions that agencies and industry will grapple with over the next few years.

bottom of page