Australian Security Magazine - Security 2014 Pre-event Special Issue by MySecurity Marketplace

Print Post Approved PP255003/10110

THE COUNTRY’S LEADING GOVERNMENT AND CORPORATE SECURITY MAGAZINE | www.australiansecuritymagazine.com.au Apr/May 2014

The importance of critical infrastructure protection

WA Senate recount investigation – a breach of security in itself?

What you need to know in an ACTIVE SHOOTER situation

E U S S IAL I

C E P S ENT

V E E PR

Mobile Phone Forensics, Encryption, Cryptography, Firewalls, Passwords, and more! Cyber Security Special starting on page 33 $8.95 INC. GST

PLUS

TechTime - the latest in news and products

VISIT US AT STAND C20

Welcome... Welcome to this special pre-event issue of the Australian Security Magazine in conjunction with Security Exhibition and Conference 2014. Not only will you find a show floor plan, exhibitor list and product profiles along with the educational seminars and conferences available, but that it’s wrapped around the full version of the current issue of the Australian Security Magazine. We hope you enjoy! Chris Cubbage CPP, RSecP, GAICD Executive Editor

Event Introduction

AUSTRALIAN SECURITY MAGAZINE

s Australasia’s largest industry event for security professionals and end users, this year’s exhibition, now in its 29th year, will feature more than 160 leading brands who will be showcasing the latest business security solutions. Join industry leaders, key decision makers and those that influence the future of the industry, including representatives from the Government, commercial and corporate sectors to network, collaborate, share ideas, test new products and buy and sell the latest equipment and services. This year we have made the move to Melbourne, providing Victorian industry professionals with the chance to experience this world class national event. We are excited by the prospect of this change in our event schedule and the response from the Victorian market has been very positive. Returning for its second year, the popular event feature, Security World, will again be present at the 2014 expo. Security World will simulate real world environments for an airport, bank and car park, and will demonstrate how different products including biometric intercomms, CCTV solutions, motion sensors, surveillance software, bollards and perimeter sensors can integrate to provide a complete, secure solution. Furthermore, the New Product Showcase returns in 2014 and features ten of the top new and innovative products to launch in the Australasian market during the past 12 months. Professional development is another key element of this year’s

2 | Pre-event special issue - Security Exhibition & Conference 2014

event and we have an impressive line-up of international industry professionals to provide attendees with valuable insights during the prominent security seminar series. Confirmed contributors include Mike Howard, Microsoft Chief Security Officer; Blake Kozak, IHS Senior Research Analyst; and Douglas Florence Sr, Business Development Director Global Gaming (Avigilon). Carrying on the education theme, we are also very pleased to welcome the ASIAL conference and their delegates back to the show floor. The 2014 Conference will feature presentations from leading local and international security experts and a full program is available on page 14. The 2014 Security Exhibition & Conference is an event not to be missed for security industry professionals. This year promises to be the most innovative and impressive show yet and we look forward to welcoming you to the Melbourne Convention & Exhibition Centre in June. Best wishes, Brett Judd Exhibition Director Security Exhibition

AUSTRALIAN SECURITY MAGAZINE

Show Floor Plan

4 | Pre-event special issue - Security Exhibition & Conference 2014

Exhibitor List Exhibiting As

Stand Number

Exhibiting As

a&s Asia

A48

Jumbu

Access Communications

H42

Kaba Australia

Alarm IP Australia

H32

Karl Storz Endoskope

Alarmcorp

Stand Number A17 D8 C48

Kore Wireless

C43

ALLOYS

B27

Kowa Optical Products

B38

Altronix Corp

C35

Leda Security Products

C42

AME System

E36

Lilin Australia

Assa Abloy

G14

Lilin Australia

Attorney - General's Dept

A39

Lockit Systems (Aust)

Audio Products Group

B28

LRS Australia

H37

Austco

E43

LSC

D28

Australian Security Technology

B16

Magnetic Automation

i35

Avigilon

F28

Mainline Security

F37

Axis Communications

E14

March Networks

F35

B - Sealed

H38

Master Locksmiths Association

C37

Bens Wholesale Monitoring

C41

MEA Technologies Pty Ltd

H32

BFT Automation Australia

C14

Mega Fortris Australia

B32

Bollinger & Co

B42

Micron Security Products

B36

Bosch Security Systems

D19

Milestone Systems Australia

D14

BREON Enterprises

G43

Building Services Recruitment Australia

B31

Camvex Video Surveillance Systems

Canon Specialised Imaging

C20

Central Security Distribution

E28

CENTREVISION

J20

CIC Technology

F45

Cognitec Systems

Commend Australia

i30

ComNet Europe

F44

Com-Sur

A28

CR Kennedy & Company

C28

Craig International Balistics

Davcor Group – EKA / Smartlock / EVVA

D36

DYNACOLOR

J26

ELECTRO-COM

E42

EOS Australia

G28

EQL Networks & Security

F36

ETM Pacific

C45 J4

Flir Security

Flir Systems Australia

D29

FSH Fire and Security

E44

Fullnet

Fullnet Security

Gallagher

Gallagher Security

i38

Genetec

George Tang Industrial Corp. Geutebruck

A32 E8

B2 B47

MOBOTIX AG

Natural Power Solutions

J14

Nemtek

G36

Ness Corporation

G42

NetComm Wireless

B48

Nidac Security

Optical Systems Design

J28

Oztime Technologies

J18

Patriot Systems

F38

Pelco by Schneider Electric

F20

Pelco By Schnieder Electric

Perimeter Systems Australia

H36

Platinum Safes PPM 2000

J6 A30

Q Security Systems

RISCO Group

RosterLive – A WorkForce Software Company

J16

Salto

B20

Seadan Security

J29

Securitag Assembly Group

Security Distributors Australia

F41

Security Electronics & Networks Magazine

F42

Security Merchants Aust Security Window Solutions Ltd

G2 G38

Secusafe

J12

See Security

G44

SeeEyes

C44

Selectlok South

B46 H48

Grandstream

A45

Sensor Dynamics

Guardsafe Insurance

G47

Senstar Corporation

J13

simPRO Software

H28

Gunnebo

H5 Controls

C30

SIMTRACK

A43

Harcor Security Seals

J15

Snap Network Surveillance

A41

Hills

Sony Australia Limited

Honeywell

i20

STE Advantage

G48

Huski

C46

Steel Blue

A21

ID Supplies

C36

Stentofon

ID Warehouse

G32

Stentofon Communications Australia

Infratherm

D43

STid

C13

Integracom

E41

Sylo

H20

InteractCard

J32

Synology Inc

J10

Interlogix

G20

Takex

International Security Training Academy

A36

TDSi / VisioTech

A23

iOmniscient

D47

Thoreb Australia

A32

ISCS

C36

Touchpoint Meeting Services

C33

Trakpro

F43

Jacques Electronics

B1 H16

Jim's Security

H47

Verint Systems Australia

JJ SecuWatch

J22

Video Alarm Technologies

i14

Joinoutlet

F48

Vikotek

C16

Jumbu

Western Advance

D42

Pre-event special issue - Secuirty Exhibition and Conference 2014 | 5

AUSTRALIAN SECURITY MAGAZINE

Ezi Security Australia

MOBOTIX AG

The Comprehensive Surveillance Solution

he choice for high quality network video solutions. With a 75 year imaging heritage and focus on innovation, Canon offers everything you need to monitor and protect your environment.

High Quality Network Cameras with HD and FULL HD resolutions Canon’s range of surveillance cameras offer a wide choice of sizes, construction, field of view and video compression formats – so you can select a model that’s tailer-made for your workload.

VB-H Camera Range The VB-H series feature 4 camera models with the following specifications: VBH41 - PTZ Camera (available in black or silver) 2.1MP FULL HD 1080P | 20 X optical zoom | Built-in Image stabilisation | Wide Angle VBH610VE - Fixed Dome Camera 2.1MP FULL HD 1080P | Remote Optical Pan/Tilt/Zoom/Rotate during installation | 3 X optical zoom | IP66 rated | Ultra Wide Angle VBH610D Fixed Dome Camera 2.1MP FULL HD 1080P | Remote Optical Pan/Tilt/Zoom/Rotate during installation | 3 X optical zoom | Ultra Wide Angle VBH710F - Full Body Camera 2.1MP FULL HD 1080P | Remote Optical Zoom during installation | 3 X optical zoom | Ultra Wide Angle | Strong Low light performance

VB-M Camera Range

VB-S Camera Range

VBS30D - Compact PTZ Camera (World’s Smallest FULL HD Compact PTZ camera) | 2.1MP FULL HD 1080P | 3.5 X optical zoom VBS31D - Optical PT Compact Dome Camera 2.1MP FULL HD 1080P | Optical Pan/Tilt | 4 X Digital Zoom VBS800D - Fixed Compact Dome Camera 2.1MP FULL HD 1080P | Manual Lens Rotation VBS900F Compact Full Body Camera 2.1MP FULL HD 1080P | Wide angle

Strong in Low Light Environments With decades of experience in capturing accurate colour, quality imagery in low light and bright light areas and scenes where lighting conditions change dramatically has enabled Canon’s range of cameras to feature some of the strongest low light performance in each class. These range of cameras have the exceptional ability to capture low-noise colour video with little more illumination provided by a candle’s flame. An added functional benefit is that all cameras have extremely strong Wide Dynamic Range – what Canon calls, Auto Smart Shade Control. This is a new feature which can automatically change the lighting conditions of the scene or subject the camera is looking at. The cameras analyse the brightness of the scene and then select the optimal exposure and darkness compensation level to ensure that subjects remain sharp and clearly visible even in backlit conditions or dark environments. Advanced Intelligent Functions at the Edge Across the Canon range of cameras you will find six intelligent functions built into each camera. These include Moving Object Detection, Abandoned Object Detection, Removed Object Detection, Camera Tampering Detection, Passing Detection and Volume Detection. The cameras are sophisticated enough and powerful to do these analytics at the edge reducing the workload on your network. Canon RM Software Canon’s, “RM” is a quality, affordable platform for individuals and organisations wanting an easy-to-use Video Management Software. It supports H.264 compression enabling high quality recordings without driving up storage costs. Innovative keyword tagging and filtering features make it very easy to analyse data. It is available in three versions to support up to 9 cameras (RM9), 25 cameras (RM25) and 64 cameras (RM64). Additional viewer licenses are also available for networks larger than 64 cameras. Third Party Software All Canon network cameras support the ONVIF standard. Canon is also working with VMS companies globally to rapidly expand deeper integration of each model within market leading platforms. Develop your ideal solution – using your choice of software together with Canon network cameras. Extended integration or support for specific applications may also be possible with the use of Canon’s Software Developers Kit** On the right hand page you will see our current VMS partners which we are working with and their VMS platforms support the range or selected Canon cameras.*** Contact us at specialised.imaging@canon.com.au *Free online firmware from Canon’s service and support website may be required. **Not for general public issue. Available on a case-by-case basis under strict NDA agreement. ***Third party VMS integration is varied and constantly changing. Some Canon cameras are supported through ONVIF and/or others through dedicated drivers. Please check specific integration before

Strong Features across the Whole Range of Cameras High Quality Image Capture & Efficient Video Recording Equipped with powerful DIGIC DV III image and DIGIC NET II network processors used in Canon’s professional cinema EOS cameras, the range of Canon network cameras are able to capture exceptionally high quality images, with vivid, accurate colour and reduced image noise. All cameras also now support Windows 8.1 and Internet Explorer 10*

6 | Pre-event special issue - Security Exhibition & Conference 2014

making purchase.

FOR MORE INFORMATION CLICK HERE

SHOW FLOOR INSIGHT Company name: Perimeter Systems Security Industries Pty Ltd Product name: PIRAMID by PROTECH: XL2 Outdoor Motion Sensors Based in Sydney, Australia, Perimeter Systems Security Industries Pty Ltd (PSI) is an emerging competitor in providing innovative perimeter security solutions. A distributor for PROTECH, a leading manufacturer of indoor and outdoor intrusion sensors, they will be showcasing their PIRAMID XL2 outdoor motion sensor at Security 2014. The PIRAMID XL2 is the most reliable outdoor intrusion sensor in alerting security personnel to monitoring video available in the world market. It also provides the lowest nuisance alarm rate possible. With false-alarm-free performance and ‘volumetric’ protection under even the most severe environmental conditions, the sensor is not affected by extreme temperatures with an operating temperature range of -34°C to 66°C and still remains highly responsive to rapid infrared changes created by a human intruder. Additionally, moving vegetation, blowing debris, swinging signs, vibration and randomly moving objects are filtered out by the

sensor which has the ability to ignore randomly moving objects, even cats and low flying birds. It is encased in a rugged weatherproof IP65 metal housing, shielding the unit from RFI/EMI interference, rain, snow, wind and sun loading and is used extensively in both military/government and commercial applications.

Company name: Axis Communications Product name: AXIS P14 Series

AUSTRALIAN SECURITY MAGAZINE

Axis is the world leader in network video, leading the way to a smarter, safer, more secure world – driving the shift from analog to digital video surveillance. The new AXIS P14 Series is an innovative outdoor-ready and cost-effective camera series offering a compact design with a focus on ease of installation and clear identification. The series includes cameras with built-in IR as well as a top of the line model with 4K resolution. This all-rounder series for 24/7 video surveillance provides customers with a selection of out-of-the-box ready network cameras meeting their specific requirements and budget.

Company name: Pelco by Schneider Electric Product name: PIP Video Management System Pelco by Schneider Electric has long been associated with one of the most comprehensive product ranges that have made them a leading world supplier in the video surveillance industry. Their Endura Network Video Management system brings unparalleled image quality and system intelligence to Security 2014. A complete solution for high-definition video encoding, recording, and display, Endura is designed as an end-to-end system for the demands of professional IP video security. Endura is an ideal video management system (VMS) for mission-critical surveillance operations requiring around-the-clock monitoring and unwavering reliability. With the ability to scale thousands of cameras, Endura is designed to fit a wide range of applications – including airports, casinos, and

Company name: Infratherm Product name: CohuHD 3960HD Australia’s foremost supplier and service provider of FLIR (Forward Looking Infrared) cameras, infrared thermal cameras, HD thermal imagers, thermal imaging, radiometric systems and analytical software tools, Infratherm also provides a range of security products and solutions, ranging from personal security to large-scale infrastructure. They will bring the new Helios series of ruggedized positioners from CohuHD to the show-floor. This leading manufacturer of high-definition video surveillance camera systems, focuses on providing the most reliable, rugged, outdoor PTZ cameras in the market. 8 | Pre-event special issue - Security Exhibition & Conference 2014

city surveillance where there is no compromise on fault tolerance and system integrity is mandatory. Scalable to accept an unlimited number of HD and megapixel cameras, the Endura system is an intelligent, yet easy-to-use approach to video security that provides greater control, enhanced operational flexibility, improved management, and expanded recording, archiving, and integration capabilities. Customisable permission settings and unlimited user profiles enable access for multiple stakeholders, which drives a greater return on security investment.

From environments that are wet to corrosive, to polluted and hot, the Helios series – featuring the 3960HD – is especially designed for the performance requirements associated with critical infrastructure applications. The range features the industry’s highest level of design standards ensuring reliable operation in the most difficult environments. The Helios series also sets the standard for long-range surveillance. By combining HD resolution image sensors with powerful HD zoom optics, the ability to see further is dramatically increased when compared to fixed megapixel or standarddefinition camera systems.

SHOW FLOOR INSIGHT Company name: Steel Blue footwear Product name: Enforcers Safety footwear manufacturer, Steel Blue, will be presenting its new boot, the Enforcer which has been designed to specifically meet the footwear needs of first responders, including police officers, emergency services officers and security experts. The Enforcer promises to not only suit the hard and unpredictable nature of work in these industries but to also provide 100 percent comfort. The Enforcer boots are tough, lightweight and slip-resistant, making them excellent for running and climbing and ensuring a high level of security during volatile situations. Hygienically superior to most others on the market, Enforcers also feature pathogen resistant leather and anti-bacterial lining and are backed by a money-back 30-day Comfort Guarantee. When Steel Blue entered the Australian market in 1995, they quickly set the benchmark for safety footwear comfort. During the past decade, Steel Blue has steadily built a solid reputation and has always prioritised the R&D of new cutting edge products, technology and customer service with the aim to expand the business into a world-class company. This focus has won the business a swag of Awards and a long-list of ‘firsts’ including the first Aussie safety brand to earn European Safety Certificate and the first Aussie brand to have USA Safety Footwear Certification.

Company name: VisioTech Product name: 360 Vision Technology Predator cameras

Company name: BFT Automation Australia Product name: Oberon TRI A2000 INV At the forefront of innovation in gate security technology BFT AUSTRALIA manufacturer, supply, install and service motors for Garage Doors, Roller Shutters, Tilting Doors, Boom Gates, Swinging Gates and Sliding Gates and via a capillary network of installers and professionals operating throughout Australia and all over the world they can rapidly respond to any technical or commercial issues. A recent innovation in BFT’s gate security technology showing at Security 2014 is their high speed sliding gate motor, the ‘Oberon TRI A2000 INV’. With its sliding gate motor, the ‘BFT’s Oberon technology is especially designed to give remarkable speed of access, as well as secure a site from external threats. Its powerful sliding gate operator allows gates of up to 20 metres to open or close at a speed of 650mm a second. The Oberon’s 400Vac 3phase motor is controlled with a Toshiba invertor, which controls the adjustable speed through a built in control board. This control board is compatible with any access control system, as it offers a vast array of inputs and outputs with programmable logics for safety and security. To avoid damage or interference, the Oberon unit is protected by a steel enclosure with a security key lock.

Pre-event special issue - Security Exhibition & Conference 2014 | 9

AUSTRALIAN SECURITY MAGAZINE

As their sole distributor in Australia and the Pacific region, VisioTech will bring the highly sought after 360 Vision technology cameras to the show floor. Designed and manufactured in the UK, 360 Vision cameras add a new dimension to surveillance by using remotely activated and controlled directional light to deter intruders. The cameras feature ‘white light’ capabilities enabling the camera to display full colour images in low light conditions. The LED white light lamps are extremely bright and a spotlight effect follows the camera lens as it moves. This feature has proved to be a real deterrent to unwanted behaviour, as the person of interest immediately becomes aware that they are being watched. It also allows high quality images of faces, clothes, vehicles and other details to be accurately and clearly recorded, and the light can be used to follow intruders in the same way that a police searchlight might. The 360 Vision Technology Predator cameras combine virtually silent and totally smooth operation with incredibly accurate pre-set positioning to a full 360 degree pan and tilt field of view and are made of ballistic resistant material.

NEW PRODUCT SHOWCASE

resenting leading-edge security solutions that are shaping the industry, the New Product Showcase, provides the opportunity to see ten of the best security products to hit the Australian market within the past 12 months. The winner of the New Product Showcase will be announced at the cocktail reception on Thursday, June 5, at the SCSI networking bar. The most important component driving relevance of the Security Exhibition to visitors is access to the most innovative security solutions available. The New Product Showcase provides live demonstrations during Day 1 of the seminar sessions, in an informative setting that allows engagement with presenters as part of a Q & A to gain a hands-on understanding of the capabilities of each of these security solutions.

FULLNET Cisco Hyper scalable, Ruggedized Security Solutions Cisco Video Surveillance Release 7.5 delivers a hyperscale next generation intelligent video surveillance solution, built from the ground up with Cisco DNA, able to support 5 million video surveillance cameras on a single system. Cisco’s new ruggedized Switching, Routing and CCTV technology now enables you to deploy the solution in remote, mobile, and the harshest of environments.

These include a variety of technologies, products and services used in the protection of life and property in residential, commercial and institutional applications and include control pads, video surveillance solutions, and security cameras for very specific locations.

NIDAC Vandal Resistant, IP67 Keypad The VST43 standalone keypad offers exceptional durability and precision to control two doors independently and is tested for reliability and strength to stand up to harsh and hostile environments that comes with a Nidac Vandal Resistant, IP67 Keypad. This product is also available in a slimline version for smaller spaces (VST62 series keypad).

AUSTRALIAN SECURITY MAGAZINE

PELCO The Evolution 360-Degree Indoor Camera FLIR Bullet Security Cameras Experience the new collection of FLIR bullet security cameras for the thermal and visible spectrum. Choose from an assortment of visible HD bullet cameras with dual video output. Connect your cameras to an NVR using Cat5 Ethernet cabling, or utilise existing coax cabling with FLIR’s exclusive MPX technology. These exciting new thermal bullet cameras feature FLIR Cloud™ integration, offering easy remote connection, smooth video streaming and access to advanced cloud services. The new Thermal Mini Bullet cameras give you the power to see clearly in total darkness, provide unbeatable video security and are powered by the latest thermal imaging innovations in the world.

10 | Pre-event special issue - Security Exhibition & Conference 2014

The Evolution 360-Degree Indoor Camera is an IP camera with a 5-megapixel sensor and no moving parts. The unit is designed for quick and easy installations indoors where a professional light weight professional indoor enclosure is required. The Evolution Indoor Camera is a convenient surface-mounting enclosure that fully supports IEEE802.3af Class 2 Power-over-Ethernet for installation convenience. The Evolution Indoor Camera provides total situational awareness over a 360-degree field of view, generating a number of video streams at a choice of resolutions as well as configurable privacy zones and video motion detection within defined areas of interest. The Evolution Indoor Camera is suitable for ceiling, wall or table mounted applications and provides pleasing aesthetics in either black or white finish. A range of mounting accessories allows for easy ceiling, wall, pole and pendant mounting options

SEMINAR SERIES

AUSTRALIAN SECURITY MAGAZINE

he Security 2014 seminar series will deliver an extensive and highly specialised programme. Each of the three days will focus on different elements of the forwardfacing factors shaping the future of the industry in Innovation, Education and Recruitment. Speakers include security thought-leaders from public and private sector, end-users, Government, analysts, industry experts, service providers and suppliers.

Day 2: Education Day

Addressing the latest challenges in security, the series will provide business critical insight, best practice and practical case studies with panel discussions and presentations by contributors from various backgrounds.

Speaker: Heng Cheng Topic: Hostile Vehicle Mitigation (HVM)

These include speakers with experience of access control and accreditation solutions for the Commonwealth Heads of Government Meeting, Sri Lanka 2013, APEC 2007 and CHOGMs 2011 and 2013, international specialists in hostile vehicle mitigation, biometric technology implementation and others who have had senior roles in organisations such as Qantas, Defence and the Department of the Prime Minister and Cabinet and the Australian Army. Presentation - Executive Briefing 10.30am – Jason Brown – National Security Director for Thales in Australia and New Zealand Topic: Developing and implementing a Security Strategic Business Plan This session will consider the process to develop and implement an effective Security Strategic Plan aligned to business objectives. It will provide a model that you can use in your own business or advisory service to make and ensure the case for Security at the “Top Table”. Follow-up discussion opportunities and documentation will be provided by the speaker.

Day 1: Innovation Day • Fullnet • Flir • Pelco by Schnieder Electric • LILIN Australia • JUMBO • Mobotix • Stentofon • Seadan

12 | Pre-event special issue - Security Exhibition & Conference 2014

Speakers: Chris Buckley and Dave Neal Topic: Delivering a World Class Access Control and Accreditation Solution for the Commonwealth Heads of Government Meeting, Sri Lanka 2013

Speaker: David Turner Topic: Risky environment, calls for a new risk direction Speaker: Suzanne Lockhart Topic: Security Technology Adoption, Diffusion and Implementation Issues Speaker: John Bigelow Topic: When Security and Technology Collide

Day 3: Recruitment Speaker: Defence Force Recruiting Topic: Australian Defence Force Careers In the Australian Defence Force you’ll enjoy lots of benefits, like world class training, recognised qualifications, great pay, ongoing job security and the opportunity for career advancement. For many jobs you don’t need any experience to apply, however, you may receive recognition for any prior studies or qualifications. Most importantly, the Australian Defence Force help you get the best out of yourself. You’ll develop personal qualities and professional skills that will stay with you for the rest of your life. The Australian Defence Force offers a wide range of jobs and with more than 200 available, you’ll be able to find one that matches your skills, interests and education.

network illuminators

Full Lighting Control Anytime, Anywhere www.rayteccctv.com

QCamPro Smartphone App

The majority of camera/surveillance systems have their own app that allows you to have a look whenever it suits you. QCamPro also allows you to use this, but the key feature is it ‘notifies you’ when an event occurs. QCam Professional is a remote monitoring application for control of IP Video Cameras. The Latest Remote Technology – at YOUR fingertips.

Email us today, install the APP and gain greater control of your monitoring systems

admin@qcampro.com.au | support@qcampro.com.au

www.qcampro.com.au

PUSH

ATION

NOTIFIC

ASIAL CONFERENCE

he Australian Security Industry Association Limited Conference is a leading national forum to explore cutting-edge ideas and results, and to exchange techniques, tools, and experiences.

Delivering expert insight, analysis and perspective from eminent figures in the international security industry, the Conference will address practical perspectives in staying ahead of increasingly sophisticated threats to crowded places, critical infrastructure, company assets and individuals. Over three days, cross-disciplinary experts will share their experiences, knowledge and expertise on managing security challenges in fast evolving and complex environments. These include how digital CCTV is changing casino and gaming security; how the development of integrated systems and video analytics might combine to make our cities safer and managing security in a multi-tenant organisation. Presenting experiential scenarios on the latest innovative management techniques, Microsoft will chart its journey from using standalone physical security platforms, to cloud based, integrated, digital management of physical security systems across their global organisation. Looking to challenges that lie ahead, the Conference will examine the future of security in Australia, how the rise in cybercrime is changing the way we deploy services and do business; and national trends in Litigation. Speakers include: Day 1 (Wednesday 4th June 2014)

AUSTRALIAN SECURITY MAGAZINE

•

• • •

Mike Howard, Chief Security Officer, Microsoft; will discuss Microsoft’s journey from using stand-alone physical security platforms across systems such as CCTV, access control and intrusion detection, to cloud based, integrated, digital management of physical security systems across their global organisation. Learn about the challenges, the benefits and how such a large organisation orchestrated a cloud migration on a global scale without compromising security. Ted Pretty, Managing Director, Hills; will discuss the topic ‘The Future of Security in Australia.’ Steve Jackson, Qantas; will discuss ‘The Potential Threat Cyber Terrorism Poses To Aviation Security - How are Airlines Meeting The Challenge?’ Steven Cakaric, Principal, Aon Hewitt People Risk Solutions; will present on ‘People Risks: How to seize the opportunities and manage your people risks in a constantly changing regulatory and legislative environment.’ Steve Ronson, Executive Director, Dispute Resolution & Compliance, Fair Work Ombudsman; will give an overview of the Local Government Procurement Initiative. Tony Zalewski, Director, Global Public Safety; will discuss ‘Trends in Litigation,’ based on his expert work on civil legal proceedings across Australia. Tom Roche, Managing Director, SNP Security, Rachel Owens, Director, G4S Secure Solutions, Mike McKinnon, Managing Director, MSS Security and John Rogers, General Manager, Wilson Security; will join on a panel discussion on the ‘Integration of security systems and manpower- the opportunities and the challenges.’

Day 2 (Thursday 5th June 2014) •

•

Steve Sullivan, General Manager, Security, Safety & Emergency Management, Port of Melbourne; will discuss the topic of ‘Managing security in a multi-tenant organisation.’ Douglas Florence Sr, Business Development Director Global Gaming, Avigilon; will detail how digital CCTV is changing casino and gaming security. He will be joined by other leading security and surveillance directors from various Las Vegas casinos

14 | Pre-event special issue - Security Exhibition & Conference 2014

who will speak about the challenges of migrating a gaming establishment to digital surveillance, how a business case can be built for such a move and the benefits that this newer technology brings to such high risk environments. • Blake Kozak, Senior Research Analyst, IHS; will look at growth trends in access control, perimeter protection, intrusion detection and CCTV for 2014 and 2015, with a view to providing insights in the growth of the security market. • Dave Van Lambaart, Senior Consultant, Jakeman Business Solutions; will discuss the ‘Challenges for the contemporary Security Risk Manager.’ • John Makris, Partner, K&L Gates, will discuss developments in workplace, health and safety laws covering bullying and harassment, fatigue, high risk work such as manual handling and asbestos. • Chris Larcinese, Manager of Strategic Product Management, Bosch Security Systems Inc; will present on ‘The trend of smart home systems in America.’ • Vincent Lopes, Director, Inner Range, Graham Wheeler, Business Development Director, Mobotix, Tom Sykes, General Manager, Product Management, Hills , Wai King Wong, Country Manager, Axis Communications; will explore ‘Emerging trends and developments in Electronic Security.’ Note: Additional speakers will be added to the schedule progressively once confirmed. ASIAL reserves the right to alter the content of the program due to reasons beyond its control.

GET EVERY ISSUE OF THE

AUSTRALIAN SECURITY MAGAZINE

PERSONALLY DELIVERED BY CLICKING HERE TO READ THE FULL VERSION OF THE CURRENT ISSUE KEEP TURNING OVER!

Contents

Executive Editor / Director Chris Cubbage Director / Co-founder David Matrai Senior Editor Loreta Cilfone Marketing Manager Kathrine Pecotich Art Director Stefan Babij Correspondents Sarosh Bana Adeline Teoh

MARKETING AND ADVERTISING Kathrine Pecotich T | +61 8 6361 1786 promoteme@australiansecuritymagazine.com.au SUBSCRIPTIONS

T | +61 8 6465 4732 subscriptions@mysecurity.com.au Copyright © 2014 - My Security Media Pty Ltd 286 Alexander Drive, Dianella, WA 6059, Australia T | +61 8 6465 4732 E | info@mysecurity.com.au E: editor@australiansecuritymagazine.com.au All Material appearing in Australian Security Magazine is copyright. Reproduction in whole or part is not permitted without permission in writing from the publisher. The views of contributors are not necessarily those of the publisher. Professional advice should be sought before applying the information to particular circumstances.

CONNECT WITH US

Editor's Desk 17 Quick Q & A with Konrad Buczynski 18 Movers & Shakers 20 Feature Article Syrian recruitment: The battle for hearts and minds 22 National WA Senate recount investigation – a breach of security in itself? 26 The importance of Critical Infrastructure Protection 28 Breaking into BIM: Virtual red-teaming 30 International Towards an Asia Pacific alliance 32 India’s gory wildlife trade 35 Women in Security Out of the box 38 Frontline Dealing with an active shooter situation 40 Unmanned vehicles: Enhancing security, rescue and natural disaster management capability 44 Cyber Security The implications for cyber security in a post-Snowden world 47 Fighting fire with firewalls 48 Why we need to say goodbye to passwords and PINs 50 An introduction to block cipher cryptanalysis 52 Victim in the dark 54 Encrypting for cloud security and compliance 56 Rethinking firewalls for webs applications 57 Mobile phone evidence gathering: Sometimes the BEST form of evidence! 58 TechTime - the latest news and products 61 Up close 70

Page 8 - Syrian recruitment

Page 18 - Towards an Asia Pacific alliance

Correspondents

Sarosh Bana

Page 26 - Dealing with an active shooter situation

Adeline Teoh

Contributors

www.facebook.com/apsmagazine www.twitter.com/apsmagazine www.linkedin.com/groups/Asia-PacificSecurity-Magazine-3378566/about www.youtube.com/user/MySecurityAustralia

John Cunningham

Konrad Buczynski

Milica Djekic

Ammar Hindi

Linda Hui

Frazer Holmes

Paul Johnstone

Paige Leidig

Dr Pascual Marques

Stuart Porter

Phill Russo

Michael Steinmann

www.asiapacificsecuritymagazine.com

www.chiefit.me

www.drasticnews.com

www.youtube.com/user/ MySecurityAustralia

www.cctvbuyersguide.com Dr Robyn Torok

16 | Australian Security Magazine

Editor's Desk “Decay Theory: (psychology) a model of forgetting which assumes that memories fade and will gradually be lost if they are not occasionally refreshed.” - McGraw-Hill Science & Technology Dictionary

ecurity works when nothing happens. Or is it, if nothing happens security works? The spotlight is shone most commonly on security only after an event – and then it is likely to be seen as the cause and the solution. Much like safety, security must be near fully functional for best prevention and affect – any lapse will raise the risk and may allow a trigger event to form. Known as ‘Security Decay Theory’, security lapses over time due to complacency, only to decay to the level of triggering another event. Security is then reviewed, tightened and left to decay again, over time until the next event. And so it continues. In the 13th year since 9/11, the circumstances of Malaysian Airlines flight MH370 have been a phenomenal event to watch unfold – and as captivating in the unknown and yet to be reported events as 9/11 was in the first days and weeks. Our condolences to the families involved and they are at the forgotten core of this incident. Unlike to many of us watching the news, this event is real in emotion only to them and those directly involved. Once a catastrophic mechanical failure was ruled out, the first days naturally involved a spotlight on aviation security and the risk of hi-jacking – expect changes in passport security? Maybe. As the search continued into the first and second weeks, it also allowed extra discussions on global surveillance capabilities, international cooperation of military assets and search and rescue practices in extreme environments. The tragedy will continue to be subject to extraordinary in-depth review and learning. We hope to assist in that journey and your opinions and contributions are welcome. At the time of writing, the search and rescue is hopeful of a recovery 2,400km south west of Perth. More decay? We take a slightly different look at the Australian Electoral Commission’s (AEC) loss of 1,370 Senate votes in WA and the subsequent inquiry by the renowned, former Australian Federal Police Commissioner, Mick Keelty AO APM. With reference to the security decay theory above, one would have thought a reasonable security risk assessment would have been conducted by the AEC prior to the election – much like a safety assessment would be conducted prior to a builder commencing construction. Did they have a security advisor? During a recent

parliamentary hearing, chair of the parliamentary committee overseeing electoral matters, Victorian Liberal MP, Tony Smith, asked whether the 2013 election was the biggest disaster in the AEC’s history – to which Acting Head of the AEC, Tom Rogers, said; “You asked me at the start whether I thought it was the most catastrophic issue that we have dealt with, and indeed it is.” So why then, had the AEC not foreseen a reasonably foreseeable event and why was a security assessment not conducted? Part of the problem, I would argue, is because the security profession is not shouting loudly enough about how important security risk management has become in the modern world. The loss of 1,370 votes has resulted in a AU$13M– $20M loss from new election costs – let alone the reputation of our most fundamental democratic process! Does that highlight it enough? It is appropriate for the AEC Commissioner and WA State Manager to have resigned. Despite Prime Minister, Tony Abbott, telling businesses to rely less on Government – the security sector continues to need better regulation – and it is the Australian State Governments responsible for regulating the industry. In my view, it remains the Government’s framework that is directly responsible for restraining improvements in security awareness, training, standards and regulation. Opinions are welcome and we will take the opportunity to report on the Federal Government’s May budget, in comparison to 2013 election policies that would benefit the security industry. More importantly, in this issue, we feature a significant article by Dr Robyn Torok, concerning the ‘battle for hearts and minds’ in Syria. As the war continues into its fourth year, both sides need to sustain the battlefield with fighters. The conflict has evolved its use of propaganda and recruitment methods and Australia has already seen a number of nationals killed in action, including an Australian soldier. Dr Torok explains how Australians are being recruited in the first instance. This is the first of a two part article which is a troubling, but necessary read. In support of Dr Torok, we have other highly informative articles on regional affairs in the Asia Pacific and national critical infrastructure, through to frontline issues of active shooter situations, unmanned vehicles, India’s wildlife smuggling

trade, conducting vulnerability assessments and a special cyber security series with an insight into firewalls, passwords, mobile forensics, cryptography and encryption. Enjoy!!! Stay tuned with us as we continue to explore, educate, entertain and most importantly, engage.

Yours sincerely, Chris Cubbage

CPP, RSecP, GAICD

Executive Editor

OUR NETWORK Like us on Facebook and follow us on Twitter and LinkedIn. We post about new issue releases, feature interviews, events and other topical discussions.

Read Asia Pacific Security Magazine online! www.asiapacificsecuritymagazine.com/e-mag/

Australian Security Magazine | 17

....with Konrad Buczynski

Director, Agilient; and Committee Chair for the Australasian Council of Security Professionals

Konrad Buczynski started his career as an Australian Army Officer, security consultant, then Chief Security Officer and Crisis/BCM Program Manager at Thales Australia-New Zealand. Fifteen years later he is now Director of a specialist security, risk and resilience consultancy firm. How did you get into the security industry? Following a military career I was invited to assist in risk and crisis management planning for a major Australian financial institution. After a number of years on similar assignments I became what might be described as part the post-Sept 11 security profession. How did your current position come about? My business partner and I saw neat synergies between what we had been involved in over many years and what we thought would be of benefit to industry stakeholders. In a bid to take on some of the existing name brands, we combined resources and have subsequently enjoyed excellent success and are constantly evolving design of our portfolio of offerings. Agilient is a specialist security, risk and resilience consultancy firm delivering expert ‘endto-end’ security solutions to Government and the private sector. We recognise the ineffectiveness of multiple security suppliers often working in isolation for organisations, and position ourselves to best coordinate delivery of wholeof-organisation needs, or at least in coordination with those imperatives. What are some of the challenges you think the industry is faced with? Achieving an effective degree of industry unification for its advancement; this requires a pragmatic approach given the breadth of skillsets in the broader industry. The ACSP is doing an excellent job, but it requires the involvement and support of a broad base of security practitioners to be a truly effective voice ‘for’ the profession – registration is an ideal way to do this and will yield a range of benefits. Responsiveness to a constantly shifting security threat environment, which can routinely be unique to an organisation. This infers ongoing liaison and engagement with law enforcement, advisors, internal stakeholders and other relevant parties. Making the case to stakeholders well enough

18 | Australian Security Magazine

to overcome a singular focus on compliance in the procurement of security solutions, where it exists. Where do you see the industry heading? It’s an interesting question to answer because the ‘industry’ is represented by an extensive and composite grouping of professionals, some going in very specific, and often unique directions. That’s what makes it a challenge to look to compartmentalise the industry as a whole. This is a great thing though, diversity equates to sustainability and new techniques, methods and opportunities for collaboration. At the practitioner level, cyber/IT security will of course remain an increasingly critical function and skill gaps will likely continue, making it a solid occupation for those looking towards a sustainable career. There are a range of other security sub-disciplines that will also continue to thrive, such as National security functions and those linked to critical infrastructure protection. At the more strategic level, I believe that convergence and integration in security planning and implementation will continue to generate

better outcomes for organisations, and will deliver improved alignment between strategy and management. In a number of organisations it is not uncommon to see IT, as just one example, and ‘corporate security’, operate with sub-optimal coordination. HR, Procurement, Facility Management, IT, Operations and other functions all have important roles to play and coordination at the strategic level is key to successful integration and performance. This can often be hampered by procurement processes that are tolerant of multiple, single-use channels to vendor engagement. From an industry organisation perspective, I see the influence of foreign organisations waning in favour of local associations, councils and memberships, as a reflection of local support and recognition that Australia/Australasia leads in many respects. What do you do when you’re not working? I play golf, enjoy our world class beaches and in recent years have been somewhat of a perpetual renovator.

2014 SafeCity Conference Ipswich Queensland

10-13 June 2014 IpswIch cIvIc centre IpswIch

Queensland

australIa

Safer Communities In FoCuS Key Benefits of Attending • Expert Speakers who have utilised CCTV in National & International cases • Discover which technologies are available to use for your system • Tour current systems for local government and defence services • Work as a national team in preventing crime • Learn the governance behind CCTV • Develop strategies for enhancing community safety

HeAr from expert speAKers • Mayor Paul Pisasale – City of Ipswich • Craig Hanley – proactive and reactive CCTV monitoring • Peter Gomez (FBI) – legal attaché during the Boston Bombing investigation • Vlado Damjanovski – internationally renowned CCTV expert • Professor Brian Lovell – cutting-edge image analysis and facial recognition systems • Dr Subhash Challah – licence plate recognition and video analytics • Professor James Byrne – criminology and criminal justice • Deputy Commissioner Brett Pointing (Qld Police) – CCTV implementation and community partnerships • Acting Detective Inspector Tom Armitt – lead investigator in the murder of Eunji Ban (QLD) • Senior Sergeant Ron Iddles – lead investigator in the murder of Jill Meagher (VIC)

www.safecityconference.com.au

eArly Bird registrAtion ends 30 April 2014 To view full conference program and to register, visit www.safecityconference.com.au

Owen J Monaghan

Jeffrey Sit Honeywell has announced that Jeffrey Sit has been appointed as Vice President and General Manager of Honeywell Security Asia Pacific, reporting directly to Ron Rothman, president of Honeywell Security Group. In his role, Jeffrey Sit will lead Honeywell Security Asia Pacific as it continues to serve the region’s vibrant, high-growth economies. His appointment emphasises the consistency of Honeywell Security Group’s strategy in Asia Pacific to further innovate and create increased value for customers. Sit replaces Mabel Ng who was recently named Vice President and General Manager for Asia Pacific for the company’s Environmental and Combustion Controls business unit. “Jeffrey is already well known in Honeywell Security Asia Pacific from his current role as General Manager of East Asia and South China,” says Ron Rothman. “Jeffrey brings a wealth of experience to his new role with 20 years of industry experience and his strong focus on customers will ensure that Honeywell continues as their partner of choice.”

Bob McGowan URS has appointed Bob McGowan as Managing Director, Australia. In this position, McGowan is responsible for leading URS’s engineering, environmental and construction management services across all business sectors, including mining, oil and gas, water/wastewater, transportation, Government, and power. McGowan previously served as URS’s Regional Manager, Queensland, for the past 16 years where he developed and led the growth of the environmental and engineering business across various markets including mining, roads, rail, oil and gas, and water infrastructure. He has proven exemplary leadership and management performance throughout his 25 year career with URS. He also has a strong focus on health and safety, and has recently been appointed to the Safety Leadership Group for the Coal Seam Gas/ LNG industry in Queensland.

20 | Australian Security Magazine

Owen J Monaghan, CPP, has been appointed president of the ASIS International Professional Certification Board (PCB) for 2014. The PCB manages the ASIS certification programs by overseeing the standards, quality assurance, and examinations for the three ASIS board certifications: Certified Protection Professional (CPP), Professional Certified Investigator (PCI), and Physical Security Professional (PSP). The first active-duty law officer to hold this position, Monaghan is Assistant Chief, New York City Police Department (NYPD), currently assigned as the Commanding Officer of Patrol Borough Brooklyn South, the largest borough command in the NYPD. “The private sector is working more closely with law enforcement to manage today’s threats and it is important that we share a common ground of knowledge,” says Monaghan. “I strongly encourage active-duty officers to become board certified to enhance their credibility with their private sector counterparts.”

Regional Sales Manager based in Raytec’s UK Headquarters, Amy has spearheaded the growth of Raytec LED lighting in the security market for the Asia/Pacific region during the past five years, leading a vast number of high security, industrial and critical infrastructure projects. Quinn says, “Raytec are committed to providing our customers in Australia and New Zealand with the highest levels of support from lighting design to post-sales support, and our new sales office allows us to do this at a local level. There is a huge demand for Raytec products from this region, not only for CCTV and security but also for several vertical markets such as hazardous area lighting. My intention is to help Raytec partners fully service those opportunities.”

Chris Gibbs Emulex Corporation has announced 25 year industry veteran, Chris Gibbs, as its Vice President of Sales for Asia Pacific and Japan for the Endace division of Emulex. In this role, Gibbs will expand the Endace Network Visibility Products’ (NVP) field team and develop partner relationships for the Company’s network visibility products and services in the rapidly growing Asia Pacific region. Gibbs brings 25 years of IT sales and sales management experience in the region to Emulex. Most recently, Gibbs served as the Vice President of Global Accounts for Global Communications Service Providers (CSPs) in Asia Pacific and Japan at CA Technologies. Prior to that, Gibbs was the CEO of Torokina Networks. Throughout his career, Gibbs has worked for leading technology companies, including Concord Communications, IBM, Rational Software and Telstra. Gibbs comments, “I am thrilled to join such a highly skilled team and I look forward to growing our presence across Asia Pacific and Japan. I am confident that the Asia Pacific region will be one of our fastest growing geographies and will represent a sizeable part of our NVP portfolio in the very near future.”

Amy Quinn Raytec is pleased to announce they have opened a new sales office in Melbourne, Australia, following a year of significant growth and success in the region. The new office is dedicated to serving Raytec customers in Australia and New Zealand and is headed up by Amy Quinn, Raytec Business Development Manager ANZ. Previously a

Matthew Cawthorne Pilgrims Group continues its targeted global growth with the appointment of Matthew Cawthorne as Country Director, Iraq. With a background of 24 years as an officer in the UK’s Royal Marines and a further five years serving a reconstruction agency and corporate clients in Iraq, Cawthorne will have responsibility for Pilgrims policy and strategy in that country, including all aspects of existing contracts and the development of new business. “My aim is to build on Pilgrims marketleading technical excellence to grow the company’s business in Iraq,” says Cawthorne. “With an estimated $1tn of infrastructure investment in the country over the coming years, we aim to provide security services for companies participating in Iraq’s resurgence as a significant regional player. I will focus on building cost effective service delivery for current and new clients, drawing on our substantial Iraq-wide network of friends and trusted contacts.”

If you have an entry for Movers & Shakers please email details and photo to editor@australiansecuritymagazine.com.au

CIOs, IT Leaders and decision makers • Big data • Communications • Cloud computing • Technology systems • Interviews with industry thought leaders plus much more.

Feature InArticle

Syrian recruitment: The battle for hearts and minds The battle for hearts and minds is a very important battle, because we are not only fighting in the battlefield, we are also fighting in the realm of ideas. - Anwar al-alwaki The internal conflict in Syria has continued to draw world-wide media attention as well as international criticism, especially for the resulting humanitarian crisis. Compounding the crisis is the complex political and religious landscape of the rebel movement that composes more than 1,000 groups. These groups have a variety of ideological views, as well as differing perspectives on the future of Syria. Such differences have caused conflict between rebel groups. By Dr Robyn Torok

22 | Australian Security Magazine

he legacy of Anwar al-Awlaki continues to exert strong influence in jihad circles, particularly the importance of the internet as a tool for fighting in the realm of ideas which al-Awlaki regarded as just as important as the physical battlefield. In fact, it is widely stated that half of jihad is to occur in the media. This article focuses on the key ideas found to be circulating on social media platforms in relation to encouraging Westerners, including Australians, to participate in the Syrian conflict. It is also important to note that it is the jihadi terrorist groups such as al-Nusra and ISIS, that are key propagators and beneficiaries of these ideas in terms of gaining foreign fighters.

Propaganda of the Syrian resistance forms an important foundation for the way jihadists attempt to battle for hearts and minds in relation to recruiting. Nevertheless, systems of ideas needed to motivate people for action, especially in terms of risking their own life in a foreign country need to be much more extensive and impacting. People need to be fully encased in a system of ideas that are continually reinforced from multiple sources and elements toward not only fighting in jihad, but being a martyr. Foundational propaganda used by resistance groups focuses on the atrocities committed against the Syrian people coupled with the perceived inaction of both Middle

Feature Article

Eastern and Western Governments. Firsthand experience with such atrocities is sufficient motivation for much of the local Syrian resistance and forms an important starting point for recruiting foreign fighters. However, Westerners – Australians, are taken through a journey of ideas and concepts aimed at engendering their commitment to not only a focus on fighting, but more importantly, martyrdom and seeking the highest places (Al-firdaus Al-ala ) in Jannah (Paradise). Targeting the Western Muslim identity Sharp distinctions are made between the Muslim lifestyle in which jihad is central and the decadent Western lifestyle in which a person’s very Muslim identity is challenged. Outlining the duties and obligations of a ‘true believer’ was a critical aspect in reaching out to Western Muslims. In fact, Western Muslims are encouraged to return from their state of ‘jahl’ (ignorance). Failure to do so is threated with poverty, displeasing Allah and even hellfire. As Abu Bakr stated; “If people do not practice jihad, Allah will inflict them with poverty.” Further, to not practice jihad is to be in danger of hellfire itself. Recruits are also instructed that he Mujahideen and the Qaideen (those sitting at home) are not equal in the eyes of Allah, and that no action is equivalent to that of jihad in the path of Allah. A direct call goes out to the recruits: ‘My dear brothers in Islam, the fields of jihad are in need of you, and the military training camps are searching for you, so where are you when it comes to aiding the weak and oppressed one’s in the world? Redeem yourself from this ignorance that enslaves you and return to ‘true Islam’.’ Ignorance that recruits are needed redemption from include sitting at home and not engaging in jihad and following ‘true Islam’, being critical of the mujahideen and not supporting them. Also, the ideals of the family unit are challenged, ie, that people who allow their children to watch Dora the Explorer, Sesame Street, and Sponge Bob Sqaure Pants are allowing their children to become homosexuals, lesbians and drug dealers later in life. Instead, children should be trained with guns and in the path of jihad. Recruits are told to come out of their ignorance and: ‘let your houses be places for lions not chicken farms in which your sons will be fed then slaughtered by tyrants, like sheep. Instil in the hearts of your sons/children the love for jihad and the love of battlefields. Share the problems of Muslim Ummah. Live one day a week as refugees and how the Mujahideen live. They live on dry bread and tea.’ Sheikh Abdullah Azzam It is further made vitally clear to Westerners, that the only way to redeem yourself from a state of ‘jahl’ (ignorance) is to action oneself in jihad; even better, to be a martyr in the cause of Allah. Redemption from ignorance involves no longer living for self but living for Allah through the path of jihad. Essentially, it means turning from your past and following ‘true Islam’ and becoming a martyr. Redemption from Allah is instructed to be in the act of martyrdom itself not just fighting in jihad, although recruitment to jihad is the first stage of that redemption process. ‘The path of jihad and

‘My dear brothers in Islam, the fields of Jihad are in need of you, and the military training camps are searching for you, so where are you when it comes to aiding the weak and oppressed one’s in the world? Redeem yourself from this ignorance that enslaves you and return to ‘true Islam’.’ martyrdom is the best and fastest way to change and make up for what you did in the past and please Allah and win back his favour’. Jihadi scholars such as Abdullah Azzam are quoted, especially regarding the defence of Muslim lands as the first obligation of Muslims after Iman (belief/faith in Allah). Essentially, Western Muslims are encouraged to reorient their journey to make jihad central. This migration (Hijra) to jihad is viewed as both a journey and as evidence of ‘true belief ’. Furthermore, the mujahideen who participate in jihad are presented as much more favoured in the eyes of Allah than those who don’t participate. More than this, jihad is presented as a path not only to success but also to enter paradise. Centrality of martyrdom Jihad may be a journey, but martyrdom is the destination – the ultimate goal of a mujahideen. Those travelling to Syria are not only told to be prepared for martyrdom but to actively seek it. Having a love for martyrdom is an essential part of the preparation. Narratives of past martyrs are continually circulated and brought to the fore as these individuals are elevated in the same way that Australians respect those who have given their lives in service for our country. Not only are the martyrs themselves elevated but their words are given a special authority and quoted as almost a sacred form of text. These ‘shahada’ (martyrs) are the role models for those joining the conflict or as it is put ‘the caravan of martyr’. Martyrs are offered a list of rewards, some of which are well known such as the 72 virgins. However, there are also other important rewards promised such as redemption and forgiveness. This ties in with the redemption from ‘jahl’ (ignorance) when one follows the path of jihad in the cause of Allah. Martyrdom also promises freedom from the agony of death and this is supported by widespread narratives and photographs of martyrs who die with a smile on their face. Additionally, jihad promises redemption for family members. Some jihad texts promote a substitution system where for each unbeliever that one kills, they gain one redemption promoting mass casualty operations. Creating a system of ideas with enough influence to encourage a person to seek martyrdom involves not only presenting a list of rewards but more importantly, powerful imagery. Two powerful images are presented in relation to martyrdom and were common on social media pages relating to Syria. First is the concept of being ‘in the heart of green birds’. This image captures the soul of the martyr being free and flying in the heart of a green bird in paradise. Western

Australian Security Magazine | 23

Feature Article

“There is no other technique or means which strikes as much terror (like 9/11) into their hearts and which shatters their spirit as much as martyrdom operations. And because of these operations, the disbelievers cowardly refrain from mixing with the population.” recruits are targeted by comparing this concept to that of superman. Recruiters aim to capture the childhood dreams of being free to fly like superman as the experience of a martyr being in the heart of a green bird. The second form of imagery is ‘in the shadow of swords’ which captures the pathway or gateway into the afterlife. Simply put, this concept presents the fact that the gates of heaven are opened during battle so that when a Muslim in engaged in jihad the gates of heaven are open and ready to receive the martyr. Together, these ideas present a martyr having a ‘beautiful death’ followed by a ‘beautiful paradise’. These two images are reinforced by the concept of Alfirdaus Al-ala (the highest place in paradise) where martyrs are given the best mansions, take the highest places – given that they are in the heart of green birds, and are the most favoured of Allah. Social media evidence suggests that these discourses are well presented in relation to the Syrian conflict and are targeted toward the Australian audience. Of concern is the coherence and detail of these ideas that are aimed at fully encapsulating those online in a battle for hearts and minds. Evidence also suggests that those going to Syria are not only going with this jihad mindset but also a martyrdom mindset. One online text aimed at Westerners, more so, Australians encouraging them to commit acts of terror in their own countries ends with a powerful quote: ‘Kuffur [unbeliever], wait for the lone lion’ (the formal black suit jihad), a reference to the damage that can be done by one individual which is especially concerning in an age of lone wolf terrorism. More importantly, it is made very clear that the attack on home soil from ‘the formal black suit jihad’ should come by a jihadi who has won the trust of the kuffur. The attack should not only come from one that is ‘trusted’, but the ‘trusted’ one (jihadi) should also fit into the work place or social scene just like any Australian and be completely undetected and off the radar of surveillance. The jihadi is instructed that nothing drives more fear into the West than an operation of martyrdom on their own soil. As Sheikh Yusuf ibn Salih-Al-Uyayira said; “There is no other technique or means which strikes as much terror (like 9/11) into their hearts and which shatters their spirit as much as martyrdom operations. And because of these operations, the disbelievers cowardly refrain from mixing with the population. And whoever penetrates into the enemy

for the sake of Allah and to gain his pleasure, he is a shaheed (martyr) who has entered the highest of paradise.” Part 2 will feature in our next issue Jun/Jul 2014. It will include the risk that fighters pose upon their return to Australia, the types of martyrs as well as ‘the formal black suit jihad’ including proposed targets and training for lone wolf operations. About the Author Dr Robyn Torok is undertaking a second PhD in Security Science at Edith Cowan University in Western Australia. Torok’s research focuses on the role of the internet (social media) in recruitment of terrorists to jihad, in particular, to martyrdom operations. Torok specialises in home-grown terrorism and the threat lone-wolf terrorism poses to Western nations, including Australia’s, and how this threat will impact the country’s national security. Torok’s research is leading the way to enable better understanding of how the internet is used to influence, steer, guide and change a person from moderate views of Islam to more extreme views leading to terrorist recruitment.

The attack should not only come from one that is ‘trusted’, but the ‘trusted’ one (jihadi) should also fit into the work place or social scene just like any Australian and be completely undetected and off the radar of surveillance.

24 | Australian Security Magazine

www.cctvbuyersguide.com

For all the latest in CCTV products and news. www.cctvbuyersguide.com

National

WA Senate recount investigation

– a breach of security in itself? On April 5, 2014, Western Australians went back to the polls - thanks to the ‘lax’ and ‘complacent’ practices of the Australian Electoral Commission (AEC) at the September 2013 Federal Senate Election. The AEC Commissioner and WA State Manager both resigned. By Chris Cubbage Executive Editor

26 | Australian Security Magazine

n December 2013, former Australian Federal Police Commissioner, Mick Keelty AO APM, based in Canberra, investigated the loss of 1,370 Western Australian Senate votes. Mr Keelty criticised the Western Australian Electoral Commission’s ‘lax’ and ‘complacent’ practices. He found there was no apparent policy or process to cross check rubbish and recycling before disposal to ensure ballot papers were not accidentally thrown out. He also identified a ‘loose planning culture’ and a ‘complacent attitude toward ballot papers in the AEC’s WA operation’. He recommended specific Ballot Paper security provisions, monitoring by CCTV and intruder alarm systems. The Special Minister of State, Michael Ronaldson, said the Keelty report raised serious concerns about the current practices of the AEC, in relation to the security of ballot papers, logistics and training. Yet turning the investigation spotlight back on itself, the question becomes could Mr Keelty himself be in breach of the WA Security and Related Activities (Control) Act 1996 (the

Act)? Technically, should Mr Keelty have been a licensed security consultant to give this advice? And pursuant to the regulatory requirements of the Act, was Mr Keelty even appropriately qualified to conduct the inquiry in the first place? In Section 28 of the Security and Related Activities (Control) Act 1996 (the Act), an investigator is a person who for remuneration conducts investigations into the conduct of individuals or bodies corporate or the character of individuals. Section 30 of the Act, states a person must not act as an investigator except under the authority of an investigator’s licence, and subject to a $15,000 penalty. Section 13 of the Act states a security consultant is a person who carries out all, or any, for remuneration investigates or advises on matters relating to the watching, guarding or protection of property. Section 17 of the Act states, a person must not act as a security consultant except under the authority of a security consultant’s licence. A person must not carry out such

National

“What are the ramifications for the future of security services if legislation isn’t applicable or adhered to by Government but places restrictions on the private sector?” activities of a security consultant that a person holding a particular class of security consultant’s licence is authorised to carry out except under the authority of a security consultant’s licence of that class, and subject to a $15,000 penalty. On 5 November 2013, Mr Keelty was engaged by the AEC as an independent contractor, without entitlement to claim any employment entitlements and without the need to have any insurances, though private worker’s compensation and professional indemnity insurance was recommended by the AEC Commissioner. The AEC sought Mr Keelty to conduct an urgent examination into the circumstances that led to the exclusion of votes in the WA Senate recount. Yet, as of 5 November 2013, Mr Keelty was not a licensed investigator or a licensed security consultant in Western Australia. The intention here is not to discredit Mr Keelty’s investigation or security recommendations, but to highlight when regulatory compliance is overlooked and inadequate. For example, renewing a security agent, consultant and investigator licence will cost more than $2,000 in WA. Mr Keelty was engaged on terms in excess of this amount, per day. Yet, if an Investigator or Security Consultant is engaged by a private sector organisation, they would have been required to be licensed and to do so, would have presented the mandatory investigator and security qualifications required under the legislation – noting that former police qualifications are not recognised. Mr Keelty holds a Masters of Public Policy and Administration and a Graduate Certificate in Criminal Justice Education. The WA legislation is such that the security consultant must have a minimum qualification of a Certificate IV in Investigations and a Certificate IV of Security Risk Management. The prescribed qualification approach in place makes comparison of skills and experience impossible and unnecessarily complex. After raising concerns, the Western Australian Police Licensing Enforcement Division informed in writing that, ‘Mr Keelty has not breached the Security and Related Activities (Control) Act Legislation, as Mr Keelty did not act as an investigator as defined in Section 28 of the Security and Related Activities (Control) Act 1996’. WA Police further informed, ‘…the inquiry is to be made into the procedures relating to the handling of ballot papers and make recommendations to improve procedures…’ and that the ‘inquiry undertaken by Mr Keelty was limited to procedures... and not conduct’. Yet, Mr Keelty refers to his separate report concerning the ‘actions of individuals’ and is quoted by many media sources in reference to not ruling out the possibility of

corruption. It is apparent that he included ‘individual’s actions and conduct’ in his inquiry – thereby falling into the gambit of an investigation, as defined in the Act. Despite the requirements of the legislation, Section 5(2) of the Act exempts the need to be licensed while a person is performing official duties as a public officer of the Commonwealth or State Government. A public officer is defined as a person who is employed by the Crown or by a body that is an agent of the Crown. And in the shadow of findings from recent NSW Independent Commission Against Corruption (ICAC) hearings, a person providing consultancy services to Government agencies, in performing work for these agencies, is a public official for the purposes of the NSW Independent Commission Against Corruption Act 1988. Thereby, Mr Keelty was employed as a public officer and exempt from licence requirements. Indeed, it seems on that basis that any person engaged as an independent contractor by any Government agency is exempt to hold a licence under the Act. What should be asked is, “What are the ramifications for the future of security services if legislation isn’t applicable or adhered to by Government but places restrictions on the private sector?” Does it demonstrate that legislation controlling the security profession is unnecessary, in particular when Government is able to parachute advisors in at will, but the private sector is limited to advisors in their own State? In contrast to the physical security and inquiry profession, the Information Technology Security Professionals continue to be self regulated. It remains time for security professionals, of both physical and cyber domains, to be extracted from the limitations of the state licensing provisions. This then allows the police enforcement divisions to focus on monitoring and controlling the frontline officer, installer and crowd control elements of the industry. The engagement of Mr Keelty for this investigation and security review, albeit exempt from licensing requirements under Section 5(2) of the Act, provides another example why national reform is needed of security and inquiry legislation and controls. Australia’s leading security industry and professional bodies all support reform and mutual recognition of the security services sector across the States and Territories – maybe the AEC debacle, set to cost the public purse an additional $13 million, will highlight again why it is in Australia’s national interests to start paying the sector the attention it deserves.

Australian Security Magazine | 27

National

The importance of Critical Infrastructure Protection The term Critical Infrastructure Protection (CIP) relates to the systematic and pragmatic approach to the protection of assets, supply chains and networks whose unavailability would have a significant detrimental impact on the security of Australia or the social and economic wellbeing of its people. By Frazer Holmes

IP examines threats and possible attacks against the critical assets of a country. It takes an umbrella approach to look at what measures are taken, what measures are effective, and what possible counter attacks can be used in the successful deployment of protecting critical assets. There is national, Territory and State based guidelines and frameworks for the protection of Critical Infrastructure (CI) geared to provide a framework for a national and consistent approach for the protection of CI assets. Although they primarily are designed to focus on the protection from terrorism, the guidelines recognise that treatment for CI assets will depend on the individual assessment and criticality of the asset, the security posture and profile for the asset or relevant sector. Of which terrorism is but one of many threats from which CI needs to be protected from. As such, the responsibility for the continuity of CI is shared by all Governments and by owners and operators alike. Further to this, the Australian Government has developed the Trusted Information Sharing Network (TISN) for critical infrastructure resilience. This provides an environment where owners, operators and Government can work together to share information on security related issues affecting CI assets and the continuity of operations associated with all threats. This strategy has a strong focus on developing partnerships, and illustrates the commitment of the Australian Government to working with owners and operators and State and Territory Governments to achieve complementary and mutually beneficial outcomes. Why protect Critical Infrastructure? What is being protected is not always the infrastructure itself but the services it provides. Therefore CIP involves a range of strategies with the objective of protecting not only the

28 | Australian Security Magazine

physical ‘infrastructure’, but all assets that are deemed ‘critical’ in the sense that we could not do without them. Or at the very least, the disruption to their services would make life difficult, or affect our national security. A number of these strategies include protective security, crime prevention, business continuity and risk management, and emergency management. An asset could be deemed critical when the services it provides are vital to a State or the nation as a whole. The list of infrastructures and services that may be considered critical includes transportation, defence, industrial, telecommunications, banking and finance, agriculture, food, water, power, public health, Government services and emergency services. Understanding where the real threat lies An understanding where the major threats will come from is imperative when determining what needs to be protected and why. Some may argue that attacks on CI may appear to tie more closely with terrorism and war than with any other area. While events such as the 9/11 attacks on the World Trade Centre and the Pentagon, and the attacks on the London Underground Railway system in the UK, all targeted aspects of what we term CI. However, it may be questioned that we are overplaying terrorism (perhaps out of hype or fear) and underplaying the danger of Mother Nature? Both of these areas call out for a CIP response. The question is which areas should we devote more time, effort and finance towards, man made threats such as terrorism, civil war, issue motivated groups and so forth, or natural threats such as earthquake, flooding, fires, cyclone, drought etc? The answer may not be as simple as one may assume, however, one thing is certain and that is all such incidents must be considered in order to provide a holistic and coordinated approach to CIP.

National

Emergency Management and Response The importance of CIP transcends the traditional safety and security regimes, and therefore a shift in the traditional mindset to incorporate a balanced and coordinated approach to not only focus on the protection of the assets themselves, but how can we manage, respond to and recover from such incidents is needed. These actions and tasks refer to deliberate activities that are undertaken in advance of an incident to develop operational capabilities to facilitate an effective response. Large scale CI threats will take their lead from the global context, however, it behoves us to do our bit and minimise the effect by being prepared as much as possible. As a result, business continuity of critical infrastructure looks at not only how we deal with incidents, but also the effect any disruption or loss may have. BC provides identification and consensus on criticality of the asset and supply chains as a whole rather than focusing on just how we deal with the incident in isolation. Challenges There are many challenges associated with the protection of CI assets and can often include limited security awareness, lack of acceptance or understanding of security requirements. Or even where a person’s perspective may mistakenly adopt the line that security is not required at all. Within Australia,

more than 90 percent of CI is owned privately, which is certainly a challenge when determining who will protect, pay and respond to incidents around CI. Summary Enhancing capability for prevention, recovery and response relating to incidents against CI is not an easy task. Apathy against CIP will need to change, as advances in technology and changes to internal governance requirements highlight that a dynamic approach is required. These factors only increase the argument that a coordinated approach, such as TISN, is imperative to have, if and when an incident occurs. So that owners, operators and Australia as a nation can prepare, prevent, respond and recover quickly and with as little impact or exposure as possible. About the Author Frazer Holmes is a leading SCEC Endorsed Security Consultant (Attorney General’s Department) and member of the International CPTED Association (ICA) and Risk Management Institute of Australasia (RMIA). Holmes has recently joined the team at Amlec House Security Consultants and can be contacted at: frazer.holmes@amlechouse.com

Business Continuity The Queensland Government has defined Business Continuity as the process of ‘developing a practical plan for how your business can prepare for and continue to operate after an incident or crisis. A Business Continuity plan will help you to identify and prevent risks where possible, prepare for risks that you can’t control and respond and recover if a risk occurs’. In the context of Critical Infrastructure, Business Continuity looks at how we deal with attacks on critical infrastructure as and when they occur. How well does the nation, an owner or operator ‘bounce back’ from adversity? Business Continuity and the resilience of our various critical assets needs leadership and hierarchy in order to quickly, fairly, justly and effectively re-establish control and order.

Security on the move

SRI SecuRIty congReSS, 1-3 DecembeR 2014 Over three days ECU’s SRI Security Congress will bring together all areas of security professions and disciplines as part of a holistic engagement with the wider security community. Scholars of the following disciplines are encouraged to participate: strategic studies, public affairs, communication studies, international politics, criminology, business and management, information and computer science, political science, social science, psychology and cognitive science, and security studies. All submissions will be subject to a double blind peer review process and best papers will be considered for publication in selected journals. The 2014 SRI Security Congress will host 5 security based conferences over 3 days 15th Australian Information Warfare Conference 12th Australian Digital Forensics Conference

12th Australian Information Security Management Conference 7th Australian Security and Intelligence Conference 3rd Australian eHealth Informatics and Security Conference

Venue

Contact details

Key dates

Edith Cowan University 270 Joondalup Drive, Joondalup WA 6000 Tel: +61 8 6304 5176

Congress Coordinator – Emma Burke Tel: +61 8 6304 5176 E: sri@ecu.edu.au W: http://conferences.secau.org/venue.php

Paper Submission Deadline – 30 June 2014 Acceptance Notification – 15 August 2014 Camera Ready Papers – 10 October 2014 Early Bird Registration – 2 November 2014

TEACHING QUALITY ★★★★★ ★★★★★ TEACHING TEACHING QUALITY QUALITY Tel: 134 ECU (134Tel: Tel: 328) 134 134 ECU ECU★★★★★ (134 (134 328) 328) ★★★★★ GRADUATE SATISFACTION ★★★★★ ★★★★★ GRADUATE GRADUATE SATISFACTION SATISFACTION E: futurestudy@ecu.edu.au E: E: futurestudy@ecu.edu.au futurestudy@ecu.edu.au the Good universities Guide the the Good 2014 Good universities universities Guide Guide 2014 2014

reachyourpotential.com.au reachyourpotential.com.au 303LOWE ECU10745 A CRICOS IPC 00279B

ECUSRI Edith Cowan University Security Research Institute

National

Breaking into BIM: Virtual red-teaming

A vulnerability assessment can be a costly and complex task to undertake. This cost can force stakeholders to limit the amount of security analysis they perform on a facility, often leaving the task until late in the construction phase for facilities where security isnâ&#x20AC;&#x2122;t considered vital. Late consideration can lead to costly re-design and retro fitting of security measures. By Stuart Porter

30 | Australian Security Magazine

ur research aims to make vulnerability assessment more accessible and able to be applied from the early stages of facility design. To achieve this we looked at incorporating Building Information Models (BIMs) into security simulation software. BIMs are similar to traditional 3D CAD in that they allow for the 3D visual design and representation of a facility, with the abstraction of various plan views possible for construction purposes. The main advantage over CAD is that a BIM treats the objects within it as entities, linking them to a database back end. This allows a BIM to store related information on an object such as supplier, tolerance and maintenance documentation. It also makes a BIM more intelligent, allowing it to be used for automated conflict detection and cost estimation. These benefits can result in large savings over the lifecycle of a facility and is helping to drive its increasing uptake within the architecture, engineering and construction industries. By leveraging BIM we can make a more compelling system, one that can be easily integrated as a value add to any facility already using BIM. We see this as allowing our

system to complement any existing security assessment and potentially train designers to avoid security flaws. Towards this end we have built a proof of concept system that performs automated vulnerability assessment against provided BIM models. Our system begins by converting the BIM into an edge and node graph representation. The graph representation allows us to use known computing methods for quickly searching the facility for analysis, such as the well-known â&#x20AC;&#x2DC;Dijkstraâ&#x20AC;&#x2122; shortest path algorithm. To convert the BIM into the graph abstraction, we map areas such as rooms to nodes and possible paths such as doorways between areas to the edges. An area will typically be a room but may also be outdoor areas that are protected by a sensor or encapsulated by a fence. For the edges we try to capture any possible path between the areas, such as doorways, windows and walls. A basic example can be seen in figure 1. As we create the graph, we also populate it with information from the BIM. Nodes are assigned information on the areas they relate to and their location. Edges are assigned information on the materials used to construct them

National

Figure 1: A simple facility on the left and its graph abstraction on the right

so that we can later determine the cost for an attacker to breach them. Once the graph has been completed we can perform analysis against it. To do this the system is provided a list of tools to simulate attacking the facility with. To maximise versatility, the tools and materials used in the simulation are read in from an XML file allowing for users to update and expand the available options. The system will perform an exhaustive analysis of the facility with the tools provided. To do this it will run a security simulation against the facility with all possible permutations of the tools. So if the system is given rock, hammer and axe, it will end up running nine permutations including: • Rock; • Rock and Hammer; • Rock, Hammer and Axe; • Rock and Axe; • Etc. On each security simulation run, it will compare the available tools against the materials assigned to each edge. It will search the materials to find what attacks are possible with the available tools and assign the one with the lowest cost. Once all edges have had an appropriate cost assigned, it will begin a shortest path search. Starting with a special ‘outer’ node with a cost of zero, the system will examine each connected node to determine which edge linking it to the starting node has the lowest cost. It will then assign the node a cost of the cheapest edge plus the cost of its preceding node, the ‘outer’ node in this case. It will then examine each node and determine if the cost to reach it through one of its neighbouring nodes via the edge is less than its current cost, if so it will assign this as the new cost. The simulation proceeds until no nodes require further updating. Once all nodes have had their cheapest path calculated, we are able to analyse the overall graph and provide feedback on how cheaply each node can be accessed and how. The system will then perform the security simulation and gather its data for analysis and so on until all permutations have been performed. Using the compiled data, our system provides feedback on which nodes are most likely to be breached and statistical analysis on the cost associated with each node and tool. Using this feedback, the designer can consider hardening their facility against particular attacks or particular nodes that represent weak spots. Currently, this information is

provided as a lengthy text report that can be somewhat tricky to interpret but we plan in the future to use other more visual and interactive feedback options to improve usability. Along with the above static analysis, we have also explored dynamic analysis by way of intelligent agents. Using a Multi-Agent System (MAS) we are able to perform virtual red teaming, where one set of agents act as the aggressors or red team and another set act as the defensive blue team. This takes place across multiple iterations with the potential to help find best-case cost to benefit hardening solutions. The MAS begins its analysis by having the red team perform an attack with a given set of tools. Once the red team has completed an attack on the facility model, it provides a report to the blue team on how it entered the facility. The blue team then performs a round of hardening by examining the method of entry used and ‘upgrading’ the materials on the edges that allowed ingress. After the hardening is performed, the blue team indicates that the red team should try again and the system repeats, iterating in this fashion until a finish criterion is met. At present, the upgrading is a fairly simple system where a material is replaced with a stronger material without regard for practicality, so you can end up with the glass from a window being replaced by brick because it is stronger. While rudimentary this system does show the potential of virtual red teaming and could be improved to take into account limiting factors such as material properties and even costs. The potential for the static and dynamic aspects of our system to assist designers and security practitioners seems clear. By leveraging BIM we can allow users to perform analysis from an early stage and better incorporate changes into their design to meet their desired security threshold cheaply. The ability to perform a thorough analysis in a short period of time can also benefit more experienced security practitioners by supporting their own analysis efforts. About the Author Stuart Porter is a post-graduate student at Curtin University in Western Australia. His research interests include Simulation, Physical Security and Building Information Models.

Australian Security Magazine | 31

International

Towards an Asia Pacific alliance China’s proclamation of an air defence zone over island territory in the East China Sea is claimed by both Beijing and Tokyo as stoking military tensions across the region.

By Sarosh Bana Correspondent

32 | Australian Security Magazine

The two largest economies in Asia continue to spar over disputed island territory, raising prospects of a maritime clash. US Vice President, Joe Biden, hastened to Japan that Washington shared its concerns over China’s recent moves. He also called on Chinese President, Xi Jinping, in Beijing to reaffirm China’s posture as a state policy based on national interest. Washington is deploying six Boeing P-8A Poseidon aircraft in Japan, guided by a bilateral Treaty of Mutual Cooperation and Security of 1960 that pledges, “The Parties will consult together from time to time .., whenever the security of Japan or international peace and security in the Far East is threatened.” Described as the most advanced longrange anti-submarine and anti-surface warfare, intelligence, surveillance and reconnaissance aircraft in the world, two of the P-8As have already arrived. Beijing’s claims of sovereignty over almost the entire

South China and East China seas have sparked disputes with its neighbours, Vietnam, Taiwan, Malaysia, Brunei and the Philippines. The contention has been the various island enclaves, not of much value in themselves, but the possession of which would provide continental shelves and Exclusive Economic Zones (EEZ) that extend 200 nautical miles from the low-water shoreline. China and Japan have contesting claims over the uninhabited islands, called Diaoyu by the former and Senkaku by the latter. The two neighbours have been engaged in a prolonged territorial wrangle over this group of islets, as potentially vast gas and oil fields have been estimated off its shores. Both countries have hitherto strived to keep the dispute from spiralling, mindful of their entrenched commercial ties that have resulted in two-way trade reaching a record $345 billion last year, China being the biggest trading partner of Japan.

International

Obama’s policy of ‘rebalance’ to the Asia-Pacific entails the relocation of 60 percent of the US’s naval assets – up from 50 percent today – to the region by 2020. The on-going disengagement of American troops in Afghanistan and Iraq had raised speculation that the Pentagon might also diminish its role across Asia. Apart from the Senkaku/Diaoyu dispute, China’s other competing claims in the region involve those with Vietnam, the Philippines, Malaysia, Taiwan and Brunei which each claim parts of the Paracel and Spratly island chains, and with the Philippines over the Scarborough/Panatag Shoal in the Philippine Sea that abuts onto the South China Sea. Coincidentally or not, China’s maritime disputes with its neighbours in the littoral have been gaining global attention ever since U President Barack Obama’s announcement last January of his country’s ‘pivot’ strategy in the Asia-Pacific. Previous moves by Beijing to send patrol ships to Senkaku/ Diaoyu had provoked anti-Japan street protests across China, and led Japanese companies there to halt operations as a precaution and many Japanese expatriates to return home. Chinese Defence Minister, General Liang Guanglie, had also warned that Beijing reserved the right to take further action. Apart from these maritime stand-offs, Beijing has for long been waging a border feud with India, Asia’s third largest economy after China and Japan. People’s Liberation Army soldiers frequently intrude deep into Indian territory across the 3,488-km border the two countries share, with recent skirmishes involving the setting up of camps, unfurling of banners warning ‘Indians’ to stay away, and the vandalisation of Indian border monitoring systems. China had gone to war with India in 1962 in which it occupied 37,244 sq km of the Aksai Chin plateau adjoining the north Indian state of Jammu and Kashmir. It also claims the 83,743 sq km State of Arunachal Pradesh in north-east India as part of South Tibet that it controls in the eastern sector of the Himalayas. Beijing has long been affronted by India’s support to the Dalai Lama and New Delhi’s grant of refuge in India to the Tibetan spiritual leader and his compatriots in exile since 1959. But though the two Asian giants signed agreements in 1993 and 1996 to respect the Line of Actual Control and inked another pact on border sanctity during Indian Prime Minister, Dr Manmohan Singh’s, visit to China in October, Beijing took umbrage at Indian President Pranab Mukherjee’s tour of Arunachal Pradesh just a week ago. China’s official news agency, Xinhua, quoted foreign ministry spokesman Qin Gang as saying, “We hope that India will proceed along with China, protecting our broad relationship, and will not take any measures that could complicate the problem, and together we can protect peace and security in the border regions.” Such ominous developments have been posing a threat to this fastest growing economic region in the world and its vital waterways, confounding diplomatic efforts, rousing hostilities and heralding a geopolitical power struggle between the world’s two leading economies of the US and China.

US Military Pivot to the Asia Pacific The return of Asia-Pacific to the centre of world affairs is the great power shift of the 21st century. This economically integrated region is traversed by half the world’s commercial shipping worth $5 trillion of trade a year. More than 4.2 billion people live there, constituting 61 percent of the world’s population. And apart from straddling vital supply chains, this part of the world holds dense fishing grounds and potentially enormous oil and natural gas reserves, though at present it is a net importer of fossil fuels. China surpassed the US in September 2013, as the world’s biggest net oil importer and its energy-hungry export-driven economy that is heavily dependent on raw material is keen on buttressing its suzerainty over the regional Sea Lines of Communication (SLOC) that are critical to the survival of the entire Asia-Pacific community. Apart from investing in port construction in Pakistan, Sri Lanka and Myanmar, Beijing has been extending its military reach in the Asia-Pacific through the establishment of a major surface fleet and nuclear-submarine base on the Hainan Island in the South China Sea and the development of advanced and anti-ship ballistic missiles that can target US naval forces in the region. Though the US has stressed its desire to be neutral, it is conscious of China’s military build-up as also the need for freedom of navigation for all countries. It hence finds it imperative to raise its already formidable profile in the AsiaPacific. Its numerous military bases in the region include 17 in Japan and 12 in South Korea, while it also has a presence in Australia, Thailand, the Philippines, Guam and Singapore. Obama’s policy of ‘rebalance’ to the Asia-Pacific entails the relocation of 60 percent of the US’s naval assets – up from 50 percent today – to the region by 2020. The on-going disengagement of American troops in Afghanistan and Iraq had raised speculation that the Pentagon might also diminish its role across Asia. But in his policy enunciation, Obama had affirmed; “As we end today’s wars, I have directed my national security team to make our presence and missions in the AsiaPacific a top priority; as a result, reductions in US defence spending will not - I repeat, will not - come at the expense of the Asia-Pacific.” His country’s move to downsize its defence budget by $487 billion over the next ten years will hence not come at the expense of ‘this critical region’. According to the Pentagon, the drawdown in Afghanistan will release naval surface combatants, as well as naval intelligence, surveillance, and reconnaissance, and processing, exploitation, and dissemination capabilities, as also more Army and Marine Corps. EP-3 signals reconnaissance aircraft have already moved from CENTCOM (Central

Australian Security Magazine | 33

International

Command) to PACOM (Pacific Command). There will be a net increase of one aircraft carrier, seven destroyers, ten Littoral Combat Ships and two submarines in the Pacific in the coming years. America’s military outpost of Guam, the island due south of Japan, is being readied as a strategic hub for the Western Pacific and Marines are being forward-stationed there. A full US Marine task force will also be established by 2016 in Australia, a key Asia-Pacific partner of the US. The US Air Force will shift unmanned and manned reconnaissance aircraft from Afghanistan to the Asia-Pacific, apart from space, cyber and bomber forces. The question remains whether this ‘rebalance’ is aimed towards containing China’s growing economic and military might, or at bolstering American presence in a region of the future. Beijing views Washington’s proposal as an attempt to curb Chinese influence across the region and to embolden countries to brazen out Beijing on the maritime disputes. Is it time for the South-East Asia Treaty Organisation to return? Despite country specific conflicts, the Asia-Pacific region has enjoyed general stability for almost 70 years since World War II. Such stability has led to the convergence of economic and commercial interests in the region. These have driven the creation of such regional groupings like the ten-member Association of South East Asian Nations (ASEAN), founded in 1967, and the 21-member Asia-Pacific Economic Cooperation (APEC) forum, formed in 1989. APEC is undoubtedly the premier forum for American economic engagement with the Asia-Pacific. The Association’s member economies range from the US, Russia, China and Canada to Australia, Japan, Chile and Peru and comprise a market of 2.7 billion consumers that accounts for 44 percent of world trade and 56 percent of global economic output. Six of the US’s ten largest trading partners are in APEC, namely, Canada, China, Japan, Korea, Mexico and Hong Kong. APEC economies purchased $895 billion, or 60 percent, worth of last year’s US merchandise exports. While the Asia-Pacific has been driven by commercial interests, this widening unrest in the sea lanes that are the lifeline of this region is compelling the validity of a military front on the lines of the North Atlantic Treaty Organisation (NATO). Much in the manner in which China’s growing might is being perceived today, the 28-member grouping had been founded in 1949 in response to the threat posed by the then Soviet Union, with its prioritised purpose having been to deter Soviet expansionism. To lay the foundations of overall peace and stability in the Asia-Pacific, a NATO-like security structure would need to be inclusive, having China within its ambit. Though NATO had been engendered by the determination that only a truly transAtlantic security agreement could deter Soviet aggression, an Asia-Pacific defence platform could draw from the Treaty’s element of cooperation in military preparedness among the allied signatories. NATO had codified their interests by stipulating that ‘an armed attack against one or more of them… shall be considered an attack against them all’. It also empowered any of the allies under attack to take ‘such action

34 | Australian Security Magazine

as it deems necessary, including the use of armed force’. The US’s concerted force multiplication in the region betrays an intent to forge some sort of a military front like NATO. A pointer to such an apparatus had been justretired US Deputy Defence Secretary Ashton Carter’s earlier statement; “There is no multilateral organisation like NATO in the region. And in the absence of an overarching security structure, the US military presence has played a pivotal role over those last past 60 years, providing nations with the space and the security necessary to make their own principled choices.” Any such development may not happen soon, but it appears inevitable in light of the rising volatility in the region. A rudiment of a NATO-like platform, called South-East Asia Treaty Organisation, or SEATO, had been set up in 1954. It was, however, more a political, rather than a military, front against the spread of communism. And apart from the Philippines and Thailand, there was little South-East Asian about the rest of its membership that comprised the US, France, Great Britain, New Zealand, Australia and Pakistan. SEATO had no military functions and ultimately pledged to strengthen the living standards in South-East Asia, sponsoring meetings and exhibitions on culture, religion and history, before members gradually withdrew and it was formally disbanded in 1977. The similarities between now and at the time of NATO’s creation cannot be lost. True, the US and China have very high stakes in their relationship, unlike the state of Cold War that had driven Washington and Moscow between the end of World War II and the dissolution of the Soviet Union in 1991. US goods and services trade with China between January and October 2013, totalled $458.5 billion (the US recording a trade deficit of $267 billion). China is also the largest foreign holder of US debt, owning over $1.2 trillion in bills, notes and bonds, according to the US Treasury. The Alliance for American Manufacturing besides indicates that the growing US trade deficit with China has cost more than 2.7 million American jobs between 2001, when China entered the World Trade Organisation (WTO), and 2011. It was the US that had stewarded the coalescence of NATO. Indeed, the Organisation’s consolidated command structure, initially based in France and christened SHAPE - Supreme Headquarters Allied Powers Europe – was first headed by US General Dwight D Eisenhower, with his appointment as the first Supreme Allied Commander Europe, or SACEUR. The Asia-Pacific front’s creation may possibly be spearheaded by Japan, the US or even China. As more countries chase the world’s rapidly depleting resources, territorial disputes will become increasingly inevitable. Though India is not a member of either of the two key trade forums in the region – APEC and ASEAN – Washington is keen on having this Asian giant on board owing to its expansive demographic, economic and political profile in the region. With a lot riding on its economic and security relations with both Washington and Beijing, New Delhi is averse to being partisan in the developments in the region. Many other Asian Governments would be similarly disinclined, but geopolitical compulsions can push countries into decisions they are not comfortable with.

International

India’s gory wildlife trade The greatness of a nation and its moral progress can be judged by the way its animals are treated - Mahatma Gandhi India is at war with its wildlife. Widespread poaching and relentless inroads by settlements, industry and farms are decimating wild animals and their habitats at an alarming pace.

W By Sarosh Bana Correspondent

hile it was previously believed that habitat loss posed the biggest threat to animals in the country, it has now been established that the grave danger is from the illegal trade in the remains of these creatures. Entrenched poaching syndicates are making survival a grim struggle for the richly diversified wildlife in the homeland of Mahatma Gandhi, the apostle of peace who gave the world the doctrine of ahimsa, or non-violence. No less an institution than the Supreme Court, the country’s highest court, has observed that many animals are being driven to the brink of extinction by ruthless sophisticated operators, some of whom have top level patronage. At the same time, however, the State High Court of Madhya Pradesh dismissed a plea by a non-Government organisation (NGO) called Prayatna, seeking an inquiry by the Central Bureau of Investigation (CBI) into the disappearance of all 20 tigers in central India’s Panna Tiger Reserve. Though 19 of the 20 tigers were reportedly slain by poachers, a division bench of the court dismissed the plaint, saying, “The CBI has many better things to do.” Apart from Africa, India is a major hub of clandestine wildlife trade that has been estimated by Interpol at upwards of US$20 billion globally each year. This savagery prevails for a flourishing demand world-wide for animal products, the US

being the biggest market. The problem is serious enough for world leaders from more than 40 nations to have participated in the ‘Illegal Wildlife Trade Conference’ held in London, February 2014, where they collectively pledged to take key actions to stamp out this menace. The conference resulted in ‘The London Declaration’ that contains commitments for practical steps to end this illegal trade, which apart from threatening the survival of entire species, also undermines economic opportunity in developing countries. It prescribes actions that will help eradicate the demand for wildlife products, strengthen law enforcement, and support the development of sustainable livelihoods for communities affected by wildlife crime. Endowed as it is with great biological diversity in its forests, grasslands, deserts, mountains, including the Himalayas, wetlands and marine areas, India harbours as many as 350 (or 7.6 percent) of the world’s 4,629 known mammalian species, 1,224 (or 12.6 percent) of the world’s 9,702 avian species, 408 (or 6.2 percent) of the 6,550 known reptilian species, 197 (or 4.4 percent) of the world’s 4,522 species of amphibians, and 2,546 (or 11.7 percent) of the 21,760 species of fish. The global trade in animal parts holds out enormous

Australian Security Magazine | 35

International

...the tiger, and the national bird, the peacock, too are under siege. Illicit wildlife trade deals most commonly in tiger and leopard parts and skins, elephant tusks, rhino horn, snakeskin, deer antlers, turtle shells, musk pods, bear bile, mongoose hair, and also live birds such as waterbirds, migratory birds, parakeets, mynas and munias, exotic pets and marine species like seahorses, shells and coral. lucre, being next only to drug-running and arms trafficking in its intensity and profitability. It flourishes in the face of national and international laws that prohibit it. Article 48A of India’s Constitution requires the State to protect and improve the environment and safeguard forests and wildlife. Article 51A (g) obliges every citizen to protect and improve the natural environment, including wildlife. Enacted for this constitutional purpose was the Wildlife (Protection) Act of 1972, its Chapters V and V-A prohibiting ‘trade or commerce of wild animals, animal articles or trophies’. Chapter VI makes violation of the provisions of the Act a criminal offence. The country is a signatory to both the UN Convention on International Trade in Endangered Species (CITES) and the UN Convention against Transnational Organised Crime (CTOC). Nothing is sacred The national Indian animal, the tiger, and the national bird, the peacock, too are under siege. Illicit wildlife trade deals most commonly in tiger and leopard parts and skins, elephant tusks, rhino horn, snakeskin, deer antlers, turtle shells, musk pods, bear bile, mongoose hair, and also live birds such as waterbirds, migratory birds, parakeets, mynas and munias, exotic pets and marine species like seahorses, shells and coral. Those that are not traded are eaten; the wide spectrum of birdlife and even jackals, mongoose, porcupine, monitor lizard, antelope and deer are prized for their flesh both by the forestdwelling communities and those with a taste for the exotic. The vigorous wildlife trafficking in India is more for meeting the demand from outside the country, there being relatively little domestic demand for wildlife products. There is a booming cross-border trade as China has always been a huge consumer of wildlife produce. Traditional Chinese medicine is based largely on natural flora and fauna in their various forms. Consumption in that country is also driven by the age-old belief in the aphrodisiacal powers of various animal products, such as tiger penises and rhino horns. Poachers will find support from politicians, conniving forest guards and officials, and local villagers and tribals, who are often good trackers and trappers. A weak criminal case against two villagers accused of killing two 17-month-old tiger cubs led to their acquittal. This was because the forest authorities ‘failed’ to file a charge sheet against the culprits

36 | Australian Security Magazine

within the mandatory 60 days. The duo had poisoned the cubs on the outskirts of the Ranthambhore Tiger Reserve in the desert State of Rajasthan after they had killed their goats. Though killing a tiger is a non-bailable offence, bail may be granted if the charge sheet is not filed within the stipulated time - an easy out. There had been more than 40,000 tigers in India a little over a century ago. Widespread hunting by the erstwhile maharajas and the British colonialists exterminated many of them by the time of Independence in 1947. The first ever all India tiger census conducted in 1972 revealed the survival of only 1,827. Alarmed by the dwindling numbers, the country launched ‘Project Tiger’ in 1973-74 in a concerted effort to salvage the situation. Aimed at conserving tigers in specially constituted reserves, the scheme has seen the establishment of 39 Project Tiger reserves covering a combined area of 32,137 sq km. The effort did help increase the tiger population to around 3,500 in the ‘90s. Subsequent censuses, however, reflected the grim incidence of unbridled poaching and habitat destruction that has once again shrunk the number to 1,706. Of the 447 tigers estimated to have died between 1999 and March 2011, 197 fell to poachers. In a major rebuke to Project Tiger, the two tiger reserves of Sariska, in Rajasthan, and Panna, in Madhya Pradesh, saw their last tigers being wiped out in 2005 and 2008 respectively. At the other end of the spectrum, even the butterfly is not spared. These exquisite insects are laminated onto lampshades even as they are alive, which are then sold clandestinely as home decorations. Cruelty and brutality are part of the work profile of those whose livelihood is from the blood of animals. Undercover agents have witnessed that after snaring many of the animals in traps that can maim and cripple, these culprits often begin to cut the skin and fur while the creatures are still alive and struggling desperately. They stomp on the necks and heads of animals who struggle too hard to allow a clean cut. The bloodied bodies are thrown onto a pile and some are still alive, breathing in ragged gasps and blinking slowly. Hearts of some animals are still beating five to ten minutes after they are skinned. With poaching and trading transcending borders, not all poachers in India are Indians. Many a wildlife trafficking syndicate draws culprits from neighbouring countries like Nepal, Tibet and Bhutan, while Czech poachers too have been arrested. Armed rebel militias both in India and abroad are being increasingly drawn to this trade. The internet facilitates cross-border wildlife trade, with deals struck and orders placed on the web, often in code, and online payments made ostensibly for other products. These criminal rings are well connected, politically powerful and have the financial clout to pull off their trade without being caught. They have the means to cultivate persons in the right places, forge documentation and evade the law as they butcher myriad species to the brink of extinction. Indian poachers are frequently forest-dwelling tribals whose familiarity with their surroundings is exploited by the higher operatives. The Pardhi tribe was officially declared the ‘number one threat’ to wildlife after some of them poached eight lions in the Gir forests of the State of Gujarat in 2007.

International

A little more than 400 Asiatic lions inhabit this 1,412 sq km reserve, which is their only natural habitat. Numerous wildlife offences are registered against Pardhis, who, being traditional hunters, are considered the most skilled of all poachers. Hundreds of tiger deaths have been attributed to these tribesmen over the years and they are active across the country. They poach cruelly. Once they had set four steel-traps in Gir in the afternoon and by evening they had poached three lions. The Pardhis, who have sub-tribes like Bawadiya, Mogia, Chidimar and Bahelia, had been branded a ‘criminal tribe’ in 1871 by the British colonialists for their hunting and poaching activities, but denotified as ‘criminal’ and named a nomadic tribe in 1952. Tribal poachers like the Pardhis are the first link in a wider criminal set-up. They meet the orders placed by a trader from the city who then arranges for the items to be smuggled across the border to his counterpart in another country, and so on ‘til it reaches the end consumer. It is impossible for such a network to sustain itself without vast profits and intelligence management. India’s deadliest poacher doubtlessly has been Sansar Chand, who incidentally is not a Pardhi. The 56-year old felon became involved with wildlife crime in 1974 when, as a 16-year old, he was arrested for possessing 680 skins, including those of tigers and leopards. He and his partners in crime, many of them family members, have as many as 57

cases filed against them, but shoddy investigations, apathy of, or collusion by, officials, and weak laws, have helped him get acquitted in ten cases and often prematurely freed after conviction on technicalities. During the years, Sansar Chand has established a smuggling network that can supply any wildlife product that is sought for. He is estimated to have been responsible for the deaths of more than 250 tigers, 2,000 leopards, 5,000 otters, 20,000 wild cats, and 20,000 wild foxes, apart from the critically endangered snow leopards and clouded leopards. He himself says they are ‘uncountable’ and betrays no remorse, having amassed enormous wealth and properties through his bloodletting. He has vowed to hunt India’s endangered wildlife to extinction in order to subsequently gain a windfall from the inventories and caches of pelts and animal parts he has built up. In India, like in many other countries, the problem is not of laws, but that these may be poorly communicated and just as poorly enforced. Often, efforts to counter wildlife trade are undermined by lack of political will and governance failures. Wildlife trafficking, deforestation, and loss of habitat are no longer localised problems, but global ones. Information is the key to developing an understanding and, with it, the resolve, to counter them. Ultimately, it is demand that sustains this massacre and such demand arises from a lack of understanding of, and sensitivity to, this massacre.

He is estimated to have been responsible for the deaths of more than 250 tigers, 2,000 leopards, 5,000 otters, 20,000 wild cats, and 20,000 wild foxes, apart from the critically endangered snow leopards and clouded leopards.

Australian Security Magazine | 37

Women in Security

Out of the box From shop floor to drive-through liquor stores, Bluann Williams has seen retail from almost every angle. Find out why after more than two decades in security she’s found her match in the pharmaceuticals industry.

D By Adeline Teoh Correspondent

38 | Australian Security Magazine

rugs and money. Each on their own are already targets for theft, but put them together and you have an exponentially higher profile target. With such a large threat, you’d be forgiven for thinking South Australian retail chain National Pharmacies, which operates in South Australia, Victoria and New South Wales, has a platoon to defend it. But when you meet the team, you’ll meet National Security and Loss Prevention Manager, Bluann Williams, and that’ll be the end of introductions: Williams is the team. Williams understandably has a large part to play in the wellbeing of the business. In addition to physical security – locks, keys, codes and CCTV – she is also responsible for loss prevention, training, profit protection, compliance and governance. And let’s not forget she’s on-call 24/7 for emergency incidents, which can range from a late night break-and-enter to a customer taking the wrong medication. You could say she has been in training for this for some time. Starting in retail as a checkout operator, Williams rose to store manager and soon discovered an interest in preventing retail theft. “I found a world of theft and security and prevention and ended up in supermarket retail doing investigations,” she recalls. “When the supermarket branched

out and became a group I started doing department stores.” Despite achieving a Diploma of Risk Management and undertaking numerous other forms of training in investigative services, security operations, training, governance and even accounting, Williams says it was her on-the-job experiences that taught her the most. After department stores she worked in the fuel business, and took other opportunities like liquor drive-throughs. “I pretty much wanted to get experience from every possible angle I could, so supermarkets, department stores, fuel, hotels and pharmaceuticals – which I haven’t left because it has been the most challenging.” Hooked on pharmaceuticals After six years in pharmaceutical retail, Williams has seen a lot, including some well thought out thefts. “There was a group that came in and caused a disturbance within a store in order to take the emphasis off what they were doing. They were setting up stock to come back at a later time [to steal]. The continuation of evidence there was so hard to prove because it was two different days with two different people,” Williams recounts.

Women in Security

But sometimes, she says, it’s the simplest acts that are the most surprising. “You do not expect a customer to walk in, take a handful of stuff and walk out. The simple ones are the biggest challenge.” Despite this, she knows she’ll never see it all. “When I came on board there were processes in place but security is ever evolving and the risks are always changing. Sometimes you just become a target for organised retail crime and suddenly nothing you have in place is effective enough. Just when you think nothing can go wrong, something happens and you need to think outside the box again.” It’s this evolving landscape that keeps her in the security industry, she admits. “No two days are the same. No matter how well you plan your time or how organised you think you are, you can bet something will happen and it will all change. You’re always on your toes and that’s what’s great and challenging about the industry. If you’re bored and you’re experiencing the same problems again and again it means you didn’t fix it the first time.” The side effect of this is that there’s never a sense of closure, never a 100 percent success rate. “You can reduce it, you can change it, but you’ll never stop it,” Williams states. “That can be frustrating, especially when you have a particular offender. They go to the courts, they come out and within an hour of leaving jail they’re offending again. And it drives me bananas.” She’s adamant that society is not hard enough on theft, the missing step being treatment of the cause rather than the symptom. “Offenders are continually offending. We need to get back to the original cause, whether it’s a drug habit or mental illness. They need help, they need an extra step and we just don’t provide that.” Treating risk Because she’s a one-woman team, Williams uses training to help her do her job. A big part of loss prevention is just good old-fashioned customer service, she says. “We don’t like to have our employees do anything in relation to apprehending shoplifters or anything like that, it’s all based around providing exceptional customer service. When you have interaction with people it fixes everything else.” She uses the retailers as her eyes and ears. When there’s an incident, she needs to know as many details as they can summon. “A lot of my role is explaining to the stores what we need them to tell me. I can only work on the information I’m given so once I’m given that information I then risk-analyse it,” she says. Retail presents an interesting environment for risk management. Making things convenient for customers exposes stock to potential thieves, but Williams is wary of being overprotective. “There’s no point locking everything up in cupboards. Although that’s going to stop it from being stolen, a lot of the time if they want it badly enough they’ll break in after hours and cause damage, which is probably more than the product is worth. You need to figure out whether you are willing to accept that as a loss to the business rather than implement something that’s going to cost more than the risk itself. “It’s that tightrope of what you are willing to lose in respect

“Sometimes you hear something and think ‘I don’t know how that could be related to me’ and then because it’s in the front of your mind you notice things,” she says of using techniques in other industries to help her in retail. to what it will cost you. We have budgets in relation to theft and we just have to make sure we sit within those budgets.” Collective intelligence While Williams doesn’t have security colleagues in her department at National Pharmacies, she does share knowledge and war stories with other retailers who meet with a police intelligence group once a month. “Because of the rules of privacy we have to be careful of what we say and how we say it and what we identify, but in general it’s a good monthly meeting on ‘we’re getting hit this way, how are you guys going?’” she explains. “That is a really important thing I do being a one-person department. It gives me an idea of how to move forward.” She also notes that because the security sector in South Australia is small, everyone tends to know everyone else and there’s a lot of networking across the industry. The effect of this is a broad understanding of different issues, some of which are unexpectedly helpful. “Sometimes you hear something and think ‘I don’t know how that could be related to me’ and then because it’s in the front of your mind you notice things,” she says of using techniques in other industries to help her in retail. Being human In addition to looking at retail with her security eye, Williams says she’s also partial to recreational shopping, though spends just as much time examining the behaviour of other shoppers as she does examining products. “A lot of the time I get distracted seeing what customers are doing instead of actually shopping. I am a people-watcher.” The behaviour piece has become something of a hobby, she admits. “I look at Big Brother – a show everyone loves or hates – completely differently to everyone else. I watch the behaviour when they’re faced with a situation rather than listening to them sitting there chatting.” Other hobbies include reading and cooking, with travel wistfully included on the list. “I love to travel but I don’t get that much of an opportunity because I need to be available 24/7 at the moment. It’s really just staying at home and waiting for that phone to ring.” If it sounds like work takes up too much of Williams’ life, don’t be fooled. Her advice to anyone starting out in the industry is to remember that it’s not all about living to work. “I’ve been doing this for 20 plus years now only because I’m passionate about retail theft and the billions of dollars we lose every year globally, but you can’t solve everyone’s problems overnight. Sometimes you need to sleep. Find the happy medium, have a life.”

Australian Security Magazine | 39

Frontline

Dealing with an active shooter situation Columbine, Port Arthur and Mumbai are three places that conjure horrific scenes of people screaming and running for their lives. But these tragic examples of a rogue active shooter opening fire on innocent victims are just three of many. Add to the list Colorado, Sandy Hook, Virginia Tech, Fort Hood, Beslan, Finland, Norway, Nairobi, and Washington. By Paul Johnstone

40 | Australian Security Magazine

n a report released by the Advanced Law Enforcement Rapid Response Training (ALERRT) Centre at the Texas State University, five massacre-style shootings occurred per year in the United States between 2000 and 2008. Alarmingly, that number more than tripled to 16 per year between 2009 and 2012. Active shooter situations are predicted to continue to rise creating a huge threat to police and communities. Research shows 40 percent of active shooter attacks are most likely to take place at businesses, 29 percent at schools, 19 percent outdoors, and 12 percent in other places. Active shooters usually use firearms or sub machine guns, often don’t discriminate against their victims, and are extremely unpredictable. For example; Saturday afternoon, 17 August 1991, Wade Frankum walked into a shopping plaza in the Sydney suburb of Strathfield. He sat down at a café, placing

the bag he was carrying next to him. He drank several cups of coffee. Behind him sat two teenage girls. Frankum looked like an average guy. No one could have guessed that concealed in Frankum’s bag was a large hunting knife and Chinese made SKS semi-automatic rifle. At approximately 3.30 pm, and without provocation, Frankum withdrew the large hunting knife, stood up, spun around and repeatedly stabbed one of the two teenage girls sitting behind him. Snatching the SKS semi-automatic weapon, he then opened fire on innocent café patrons. In less than ten minutes, seven people were shot dead and a further six wounded. The nightmare ended just as police arrived. Frankum turned the gun on himself and fired. None of the victims were personally known to Frankum. Scotland, 13 March 1996, Thomas Hamilton walked into a primary school gymnasium in Dunblane. He shot dead 16

Frontline

innocent children and their teacher before killing himself. Tasmania, Australia, 28 April 1996. Martin Bryant entered the popular tourist destination of Port Arthur and opened fire. He massacred 35 people and wounded a further 23 without any apparent provocation or warning. According to the United States Department of Homeland Security, an ‘active shooter’ is an individual actively engaged in killing or attempting to kill people in a confined and other populated area. The Australian-New Zealand Counter-Terrorism Committee describes an ‘active shooter’ as a person armed with a firearm(s) who is actively engaged in killing or attempting to cause serious harm to multiple people in a populated location. Statistically, 94 percent of active shooters are male. They act alone and often have no prior criminal record. They rarely confide in anyone and their cache of weapons is usually compiled legally. Take the case of Major Nidal Hasan, a United States Army Psychiatrist. In 2009, he entered Fort Hood in Texas, opened fire and fatally shot 13 fellow soldiers and civilians. A further 32 people were wounded including an unborn baby. Similarly in Australia, 8 December 1987, Frank Vitkovic walked onto the Melbourne University campus with a sawedoff M1 Carbine machine gun. His intent was to kill a former school friend. Discovering his former friend was not on campus that day, Vitkovic proceeded to the 5th floor. Arriving at the Telecom Employees Credit Co-Operative reception, Vitkovic asked for another former friend to be called to the front counter. Vitkovic withdrew the sawed-off M1 Carbine from his bag, opened fire and shot dead a young female office worker. He then proceeded to the 12th floor where he randomly opened fire before running down to the 11th floor where he indiscriminately shot victims at point blank range. In a desperate bid to bring Vitkovic’s killing spree to an end, three wounded office workers wrestled Vitkovic. After an intense, but brief struggle, they prized Vitkovic’s weapon off him. The terrifying experience ended at 4.27pm when Vitkovic attempted to escape through an open window and fell to his death. At 4.30pm the Victorian Police Special Operations Group (SOG) commenced their search of the building. Half an hour later, at 5pm, police gave the all clear and ambulance officers were permitted to enter the building to attend to the wounded. Research shows active shooter situations only last 10 to 15 minutes. And in most cases, they’re over before law enforcement arrives. Yet, within those frenzied few minutes, an active shooter will continue to kill until he runs out of ammunition, victims, is stopped, or takes his own life. Active shooters are fully committed to their ‘cause’. In their minds a ‘top kill score’ proves their dedication. Three step defence In most cases there is no pattern to victim selection in a shooter scenario, nor is it obvious whether the shooter is motivated by anger, revenge, skewed ideology, or mental illness. July 2012, James Holmes entered a crowded movie theatre in Aurora, Colorado at midnight. Like many of the patrons, he was dressed as one of the characters from the Batman movie, The Dark Knight Rises. Without warning, Holmes threw two

gas canisters into the crowd and started shooting. Surviving patrons reported they initially assumed the gas and gunshot sounds were all part of promotional stunt – until people started dropping dead. For those innocently caught up in an active shooter scenario, every second counts. Every action or reaction is a life or death decision. And unlike first aid, very few people are taught basic survival skills. In an active shooter situation, three basic steps should be followed. Step 1: Evacuate If there is an accessible escape path, attempt to evacuate the premises or area. What to do: • ensure the escape route doesn’t lead to a dead end, locked door, or leave you trapped somewhere the shooter may venture; • evacuate regardless of whether others agree to follow; • leave belongings behind; • where possible, help others to escape, but do not attempt to move the wounded; • warn others not to enter the shooter zone; • call 000 (Australia) or 911 (USA) only when it is safe. Once you’ve evacuated safety, provide the following information to police or emergency operators: • location of the active shooter; • number of shooters, if more than one; • physical description of the shooter(s); • number and type of weapons held by the shooter(s) (eg, pistol, shotgun, rifle); • the number of potential victims at the location. When the police arrive: • remain calm; • obey their instructions (their first job is to classify all as victim or threat); • put down any items in your hands (eg, bags, jackets); • immediately raise your hands and spread fingers; • keep your hands visible at all times; • avoid making quick movements toward officers; • avoid pointing, screaming or yelling; • do not stop to ask officers for help or directions when evacuating, just proceed in the direction from which officers are entering the premises. Step 2: Hide out If a safe evacuation is not possible, find a place to hide. Choose somewhere that: • remains out of the active shooter’s line of sight; • does not trap you or restrict your options for relocating to another position of safety; • provides cover, not just concealment, if shots are fired in your direction. The difference between cover and concealment is widely misunderstood thanks to action movies. Cover will protect from gunfire. Concealment merely hides you from the shooter’s view. In movies, action heroes are seen to take cover behind soft couches and thin table tops. ‘Miraculously’ these items provide protection from high calibre weapons. In reality, you

Australian Security Magazine | 41

Frontline

‘Playing dead’ works best in the movies. In real life, once you ‘play dead’ your options for escape are severely restricted. You’re reliant on the shooter not noticing any signs of life. Even then, there is no guarantee you won’t be shot. might as well hide behind a sheet of cardboard. The best ‘lifesaving’ cover is solid objects like brick walls, large trees, and parked vehicles. It is also very important to ensure the active shooter can’t enter your hiding place. Where possible: • lock or blockade the door using heavy items/furniture; • silence mobile phones (even the vibrate function may give you away); • remain quiet; • move away from windows; • cover windows if safe to do so.

Tactical response today

During the 2008 Mumbai terrorist attacks in India, a waiter at the Taj Mahal Palace heard explosions and shouting. Instinctively, he locked the doors, turned out the lights, and told the 60 plus patrons to keep very still and quiet. Minutes later, an armed terrorist peered into the darkened restaurant from the brightly lit courtyard. Detecting no movement and hearing no sound, the terrorist moved on before his eyes had time to fully adjust to the darkened room.

Police arrive on an active shooter scene with one objective – to stop the shooter as soon as possible. For that reason alone, follow their instructions immediately – especially if you launched a counter attack. In that moment in time, you may be the one holding a weapon. If so, drop the weapon immediately and place your hands clear of your body. Police officers: • will always proceed directly to the area in which the last shots were heard; • may be armed with rifles, shotguns, handguns and ballistic shields; • may arrive in teams of two or various numbers; • may wear regular patrol uniforms or external bulletproof vests, Kevlar helmets or other tactical equipment; • may use OC spray or tear gas to control the situation; • may shout commands; • may push individuals to the ground for their own safety or until individuals have been identified.

Is playing dead an option?

Tactical response history

‘Playing dead’ works best in the movies. In real life, once you ‘play dead’ your options for escape are severely restricted. You’re reliant on the shooter not noticing any signs of life. Even then, there is no guarantee you won’t be shot. In July 2011, Norwegian born Anders Behring Breivik went on a shooting rampage. He shot 77 victims as they were standing, cowering or running away. But he also shot indiscriminately at bodies lying on the ground. In real life, playing dead is not easy – especially if the body’s fear responses have kicked in. Breathing becomes rapid and uncontrollable making it almost impossible to keep the chest from noticeably rising and falling. At the same time, adrenalin courses through the blood stream producing heat. In cold or wet conditions, extra body heat can cause steam to rise or escape out of the mouth or nose. Either way, it’s a ‘dead’ give-away the person is still alive.

April 20, 1999, Columbine High School students, Eric Harris, 18 and Dylan Klebold, 17, systematically killed 12 classmates and a school teacher before wounding another 21 people. The teenage shooters took less than 16 minutes to kill and wound their victims. Yet the responding police took more than three hours to find the teen shooters. The SWAT team was also criticised for being too methodical and slow. Up until Columbine, police departments throughout the world trained their officers to contain the shooting scene and wait for tactical units to arrive. But Columbine marked the need for change. Yet change didn’t come until after the December 2012 Sandy Hook Elementary School massacre in Newtown, United States. The Federal Bureau of Investigation (FBI) formed a team to study active shootings. The study resulted in a training program developed at Texas State University being adopted world-wide. Now first responders isolate, distract and stop active shooters as fast as possible. But it’s not just law enforcement agencies that need training. Just like a fire drill, individuals, employees, employers and organisations need to put an active shooter plan in place.

Step 3: Take action Take action by disrupting, and or incapacitating, the active shooter only when your life is in real and imminent danger. As a last resort: • act furiously and aggressively towards the shooter; • throw items and utilise improvised weapons; • scream at the shooter whilst attacking (this can act to distract while fuelling your own determination and confidence under stress); • commit to your actions and do not stop until the threat is

42 | Australian Security Magazine

over (or you can escape safely); • act to preserve your own life at all times. Arguably, launching a counter attack is very dangerous. Yet, it is no more dangerous than doing nothing. A moving target is much harder to hit than a stationary one. A counter attack from victims is the very last thing a shooter will be expecting. The element of surprise may just create an opportunity to escape, or delay further killings until the police arrive. But there are no guarantees. Victim or perpetrator, one or both may end up severely injured or dead.

Active shooter drill No one knows when or where the next active shooter incident will occur. All that is known is that active shooter incidences

Frontline

are on the rise. Along with fire evacuation plans individuals, employers and organisations should consider an active shooter drill. This would include: • ensuring the facility has at least two evacuation routes; • posting evacuation maps in high visibility areas throughout the facility; • including local police and emergency first responders during emergency training exercises; • encouraging police and emergency first responders, tactical teams, K-9 dog teams, and police and military bomb squads to train for an active shooter scenario at your location. While the safety tips and guidelines in this article are not all inclusive, there are a number of excellent active shooter training programs available. Within Australia, for example, Defensive Measures International and the Australian Institute of Defense, Science and Technology have combined to offer a theory and practical based training program. The course includes training participants to prepare and respond to violent confrontations involving active shooter scenarios. Active shooter attacks in Australia remain a real and persistent threat. Yet, with prior planning, training and an understanding that no one is immune from this potential threat, individuals, employees, employers, organisations and law enforcement agencies can help prevent unnecessary wounding and deaths.

When it comes to active shooter events, it is impossible to predict who, what, when, how and why. Yet, everyone can contribute to keeping their community safe by having an active shooter plan in place. About the Author Paul Johnstone is a former Federal Agent with the Australian Federal Police and a former Soldier with the Australian Army. Johnstone has performed a number of specialist protective security intelligence and counter-terrorism roles during his combined 25 years of service and is a Government accredited Instructor in a number of specialist fields. Johnstone has been formally recognised by the Governments of the United Kingdom, Bosnia and Herzegovina for outstanding police investigations pertaining to complex fraud and war crimes and he has lectured and trained law enforcement, security and military personnel throughout Australia, Peoples Republic of China, Afghanistan and the Pacific Rim. Johnstone is the founder and principal director of Defensive Measures International which is a consultancy firm offering specialist services throughout Australia, Peoples Republic of China, India and the Asia Pacific region. Johnstone is also the Training Manager for the Queensland TAFE Security, Investigations and Law Enforcement Training Centre in Brisbane.

Training for a better future in...

Security at Brisbane Security Training Centre

Our highly respected industry specialists provide Security Operations training and advice to leading security businesses around the state. Let us help you secure the skills you need to become an effective security operator. Call Wide Bay Institute of TAFE’s Brisbane Security Training Centre on 3806 9633 for further information.

1300 656 188

www.widebay.tafe.qld.gov.au 40 - 44 Johnson Road, Browns Plains, Queensland 4118

• • • •

Defensive Tactics Edged Weapons Introduction to Terrorism Private Investigator - Certificate III in Investigative Services (CPP30607) • Certificate IV in Security and Risk Management (CPP40707) • RPL available

Frontline

Unmanned vehicles:

Enhancing security, rescue and natural disaster management capability Last issue we brought you Part I which reviewed the current capability of robotic UGVs. Here follows Part II commencing at looking at the integration of UMVs into current manned maritime security and surveillance operations. By John Cunningham and Dr Pascual Marques

44 | Australian Security Magazine

ikola Tesla (1856-1943), inventor of the world’s first practical remote-controlled unmanned vessel, was granted a US patent in 1898 for a ‘Method of and Apparatus for Controlling Mechanism of Moving Vessels or Vehicles’. Tesla first demonstrated this rudimentary unmanned ship at an electrical industry trade show at Madison Square Garden in New York, using a large tank of water and radio for command and control. Nikola Tesla’s 19th century vision is therefore considered the precursor of the 21st century unmanned maritime systems technology. Nonetheless, UMVs remains an emerging technology that faces numerous challenges that must be overcome for such vehicles to become commonplace in commercial and military applications; a particular challenge is the integration of UMVs into manned maritime security and surveillance operations. UMV technology includes surface vessels, underwater submersibles and hybrid systems. These vehicles incorporate fully integrated sensors and payloads required to accomplish different missions. Contrary to the steady development of unmanned aircraft, UMV technology has had a slower progress. However, during the next decade, a significant increase in the application of UMVs is anticipated, where such vehicles will provide enhanced capabilities for commercial and governmental maritime operations. Commercial applications provide services offered by contractors as part of business operations. In contrast, governmental applications are aimed to preserve public safety and security, provide response to different emergencies, and address issues of public and scientific interest. These remotelyoperated vessels and submersibles are particularly desirable for hostile maritime environments that may include high threat regions or areas contaminated by nuclear, biological or chemical agents; in which deploying a crewed vessel is ill-advised. A key challenge for the global introduction of unmanned maritime technology is to coordinate efforts so that maritime operations integrate seamlessly into

current manned maritime procedures and the operations are safe. An important aspect for successful mannedunmanned cooperation is the integration of UMVs into the global maritime communication environment so that the autonomous vehicles use the same communication equipment as manned vessels. Safe operation and traffic control of UMVs requires highly reliable radio communications between the unmanned vessel and the maritime control station, as well as satisfactory sense and avoid capability. The world’s military UMV market is evolving rapidly under the combined impact of changing maritime threats and significant technological advances. Specifically, current research and development (R&D) efforts aim to enhance capabilities in mine counter-measures, anti-submarine warfare, port and harbour security, counter-terrorism, and counter-piracy. The military, in particular, has special interest in the following R&D areas; harbour protection systems, systems integration, regulations for unmanned maritime vessels, modular lightweight minesweeping, and detection and management of buried and drifting mines. Commercial UMVs also offer valuable support in humanitarian applications. Submergible vehicles can review port damage and help identify problems with movement of surface vessels used for transportation of vital equipment, food and medical supplies in areas affected by natural disasters. UAV capability for security and natural disaster management UAV technology provides unparalleled support in diverse public missions such as border surveillance and security, wildlife surveys, military training, weather monitoring, communications relay, law enforcement, environmental monitoring, agriculture aerial mapping and other. The main UAV applications are defence related, in particular Intelligence, Surveillance and Reconnaissance (ISR) patrols.

Frontline

UAVs are also used for Chemical, Biological, Radiological and Nuclear (CBRN) detection, or simply those tasks considered too dangerous or politically challenging for manned aircraft to undertake. UAVs are better suited than manned aircraft for ‘dull, dirty, dangerous’. UAS are preferred over manned aircraft because of the lesser risk of losing human lives and the greater confidence in mission success. In fact, unmanned vehicles have better sustained alertness over humans during dull operations. Typically, ‘dull’ operations require more than 30 or 40 hours of continuous surveillance. Such tasks can be automated, often only requiring human oversight rather than direct and continuous control. Unmanned aircraft are also the ideal choice for operations in ‘dirty’ environments that are hostile to a manned aircraft and its crew; for example, flight into nuclear clouds after bomb detonation. Small unmanned aircraft are used by fire brigades for reconnoitering fires in inaccessible locations or where smoke and flame makes human presence hazardous. ‘Dangerous’ operations typically involve reconnaissance over enemy territory that can result in loss of human lives, thus UAS are preferred. Unmanned aircraft can conveniently replace different dangerous ground tasks, such as convoying of tactical supplies and sweeping for improvised explosive devices. There are high expectations for the growth of the civil and commercial UAV market. Emerging civil applications of UAVs are inspection of terrain and buildings, coast guards duties, border patrols, rescue operations, police work, fisheries protection, pipeline survey, disaster and crisis management, search and rescue, environmental monitoring, and forest fire fighting. Characterised by comparatively silent flight and small dimensions, UAVs cause less disturbance of the scene being surveyed. The unmanned platform usually provides a big picture of the scene instead of visual limited recording from ground level. Commercial UAVs are designed to perform missions at a lower cost and ecological impact than a manned aircraft equivalent. Thus, the desire for endurance in many UAVs demands high aerodynamic and fuel efficiency. Multi-mission diverse-payload vehicle An example of a multi-mission UAV recently introduced into the commercial market is the MA THOR by Marques Aviation. The MA THOR is a high-wing twin-boom inverted-v-tail unmanned aircraft. It is a versatile vehicle used in missions as diverse as remote sensing and mapping, land and maritime border patrol, sea and land search and rescue, long endurance military reconnaissance, surveillance of oil and gas installations, inspection of natural disasters, ecological work, and fire fighting. The vehicle uses a modular fuselage configuration to accommodate a diversity of payloads for different missions; electro optical and infrared cameras, gyro stabilised daylight and low light cameras, laser designator, range finder, miniature aperture radar, radar altimeter, automatic video tracker, nuclear biochemical sensors, meteorological appliances, laser detector tracker pod, and ejectable items such as chaff, leaflets and flares. Additional payloads can be installed in the UAV including mine detection equipment, electronic warfare

systems, SIGINT, and scientific sensors. Larger, more sophisticated payloads can also be carried aboard for day and night, maritime surveillance and search and rescue operations like the FLIR systems, UK Mountain, coastal and firefighting operations often present adverse meteorological conditions and strong winds. However, enhanced aerodynamics and flight stability principles in the MA THOR allow the UAV to complete its assigned surveillance tasks in demanding flight conditions. Homeland security Unmanned observation systems fulfill civilian tasks related to homeland security such as border protection and control, monitoring the coastline, and providing security for large public events. At present, the US Customs and Border Protection (CBP) agency employs six Predator UAS in support of border operations on the southwestern and northern borders of the US. In Europe, the Swiss company RUAG has used a ranger reconnaissance UAV since 2006, to monitor the Swiss border. Border protection involves monitoring a very large area during an extended period of time. For this reason, medium-altitude long-endurance (MALE) UAVs are the most suitable systems as they can remain airborne and operate ten times longer than a manned helicopter. It has been estimated that a single MALE UAV is capable of carrying out long endurance monitoring mission, which would otherwise require ten helicopter missions. The European agency Frontex is responsible for fostering cooperation between EU member states in border security. Frontex recognises the need to relentlessly monitor the southern border of the Schengen area along the northern coasts of the Mediterranean. This is necessary given the unpredictable political climate in North Africa. Recently, United Kingdom police authorities have introduced small and medium-size UAVs in their operations. These unmanned systems replace expensive helicopters, and provide reconnaissance and enhance security at large events, such as the sporting events during the 2012 Olympics. Natural disaster management Natural disasters encompass forest fires, floods, earthquakes and violent storms in which UAVs can help monitor and analyse the situation. UAVs support search and rescue operations when looking for survivors of shipwrecks, aircraft crashes or victims buried in alpine avalanches. Thermal cameras make continued search and rescue activity possible at any time of day or night in snow avalanches. ABC accidents and oil spills are other types of disasters in which unmanned systems are preferable. The UAS Ikhana was used in 2007, for reconnaissance during the large forest fires in California. In forest fire operations, characterised by conditions of poor visibility due to the smoke, the thermal imaging sensors aboard the UAV communicate the exact coordinates of the flames to fire-fighting aircraft to more accurately release fire retardant. In such disastrous events, UAVs have capability to obtain

Australian Security Magazine | 45

Frontline

The unmanned aircraft overflew the damaged areas relentlessly for 14 hours to monitor the situation. Highresolution images transmitted by the Global Hawk made it possible to locate usable takeoff and landing areas of helicopters and relief aircraft.

46 | Australian Security Magazine

images at a higher resolution than those of satellites and therefore, relay useful information for the firefighters in real time. However, the greatest advantages of UAS for support in forest fire operations are their high endurance and the minimal risk to pilots. After the Indian Ocean Tsunami of 2004, the Heron MALE-UAS assisted in locating victims buried in rubble. In 2008, the West Midlands Fire Service (WMFS) in the UK employed the Incident Support Imaging System (ISiS) to observe a fire at a university. The ISiS, which uses a German md4-200 UAV, provided the firefighters with thermal imagery of the development of the fire on the roof of the building, thus minimising the risk to the firefighters. High endurance is also an important asset during flooding events. UAS can continuously gather information about the evolution of the flooding as it evolves, during the day and at night. Flyover inspections of dikes can be conducted at regular intervals and critical points. The ability to quickly provide information about the scene is essential in catastrophe management, so that the population can be warned early and evacuated. Following the devastating earthquake in Haiti in 2010, a Global Hawk was assigned its first disaster relief missions in the Caribbean. The unmanned aircraft overflew the damaged areas relentlessly for 14 hours to monitor the situation. High-resolution images transmitted by the Global Hawk made it possible to locate usable takeoff and landing areas of helicopters and relief aircraft. The Fukushima Daiichi nuclear power plant suffered substantial damage following the earthquake and tsunami in Japan in 2011. A high-altitude long-endurance (HALE) UAV glided over the power plant to take pictures of the building using high-resolution infrared sensors. The HALE vehicle showed disaster response teams that overheating was occurring inside the nuclear station. Later the vertical-takeoff-andlanding (VTOL) UAV RQ-16 T-Hawk was deployed at the reactor site to relay real-time images of the damaged facility. During search and rescue missions in maritime accidents on the open ocean, medium and high-altitude UAVs with high endurance and capability to monitor large areas are decisive. Therefore, UAS represent an important support tool for natural disaster management due to their instant availability, autonomy and endurance. In summary, ARGUS Robotics (USA) addresses the ever-increasing need to improve security methods that prevent IEDs, car bombs, and nuclear/biological/chemical devices being used against military personnel and civilian targets. The highly-adaptable multi-mission UGVs designed by ARGUS Robotics support a wide range of uses such as generator power, lights, security sensors, camera systems, and debris removal during severe natural disasters such as earthquakes, hurricanes, and tsunamis. The fully robotic ARGUS UGVs also assist humanitarian demining work. A dual set of controls, manual and robotic, provides support for wounded soldiers, whereby amputee soldiers can control the vehicle’s function from their wheelchair. Contrary to the steady development of unmanned aircraft, UMS technology has experienced a slower progress. However, a significant increase in the application of

UMSs is anticipated during the next decade. These surface and submersible maritime vehicles provide enhanced capabilities for commercial and governmental maritime operations. Governmental applications aim to preserve public safety and security, and provide response to different emergencies. Remotely-operated vessels are particularly desirable for hostile maritime environments, or areas contaminated by nuclear, biological or chemical agents; in which deploying a crewed vessel is ill-advised. A key challenge for the global introduction of unmanned maritime technology is the integration of UMSs into current manned maritime procedures so that the operations are safe. UAVs also give support in a large variety of Government and civilian missions, such as border surveillance and security, weather monitoring, communications relay, law enforcement, environmental monitoring, aerial mapping, firefighting, and others. UAVs have typically been assigned the ‘dull, dirty, dangerous’ missions in order to minimise human exposure to hazards. An example of a multi-mission UAV recently introduced into the commercial market is the MA THOR by Marques Aviation. About the Authors John Cunningham is the Owner and Founder of Area Reconnaissance Ground and Urban Support Robotics (ARGUS), USA. John received his BS degree from West Virginia University in Mining Engineering and MS Degree from Marshall University in Technology Management-Manufacturing. For 24 years John oversaw design and manufacturing of thousands of wheeled and tracked commercial construction vehicles for domestic and international markets. The US Department of Defense approached John requesting commercial vehicles to be made in both manual and robotic functions for anti-IED efforts. Such vehicles were quickly made and exceeded all key point parameters. From this request a series of vehicles have been designed on a common platform to meet a wide range of security and humanitarian needs around the world. Dr Pascual Marqués is the Owner and Executive Director at Marques Aviation Ltd (UK) and the International Director (United Kingdom) of Unmanned Vehicle University. Dr Marqués is an expert in Aerodynamics and Flight Stability. At Marques Aviation Ltd he oversees the design and manufacture of novel fixed-wing and rotor unmanned aircraft developed by the company. Dr Marqués acts as the Chair for the World Congress on Unmanned Systems Engineering (WCUSEng) and the International Aerospace Engineering Conference (IAEC). He is also the Editor-inChief of the International Journal of Unmanned Systems Engineering (IJUSEng). Dr Marqués regularly lectures in Aerodynamics and Numerical Analysis at Unmanned Vehicle University where he is a member of Faculty.

Cyber Security

The implications for cyber security in a post-Snowden world Lindsay Banffy, Social Media and Communications Officer for CeBIT Australia, talks with Alastair MacGibbon, Director for the Centre for Internet Safety at the University of Canberra. By Lindsay Banffy

Alastair MacGibbon, Director for the Centre for Internet Safety at the University of Canberra

s there a silver lining to whistleblower Edward Snowden’s revelations about the wayward intelligence gathering and surveillance of the United States National Security Agency (NSA) post 9/11? Snowden has been publically criticised for stealing more than 1.5 million classified documents, detailing the US Government’s program ‘PRISM’ which allows access to user data on Google, Facebook, Apple and company servers. The move has also been described by The Pentagon Papers as ‘the most significant leak in US history’. But Alastair MacGibbon, Director for the Centre for Internet Safety at the University of Canberra, says some good can come of all this. “Snowdon is a gift for improving security for us all.” MacGibbon argues that from a ‘pro-Government, security and intelligence’ perspective the disclosures have prompted a necessary debate about national security, surveillance and the privacy of individuals. It’s no secret that Governments have been gathering intelligence on one another for years, but MacGibbon believes Snowden’s revelations forces us to look at the link between legitimate law enforcement, a corporation’s access to information and new ways to protect citizen’s rights to privacy. A debate he says Australians haven’t been able to have since September 11 (2001) which will benefit us all. Most importantly, in the face of damaging loss of sales, US software and hardware manufacturers have reacted quickly to implications they – wittingly and unwittingly – allowed the NSA to gain access to sensitive electronic personal information.They have lobbied the US Government to examine their intelligence gathering (a healthy debate for robust democracies to have), but in addition have unilaterally announced significant upgrades in the security of their own

business practices to make it harder for the US Government, indeed any Government, to gain access to information on their networks. They have spoken openly about improving encryption levels on data flowing between their datacentres, and of data at rest. They have commenced large scale code reviews, searching for vulnerabilities, they have offered to work with other Governments to help strengthen their overall cyber security. MacGibbon says these efforts will improve the privacy of all Internet users, not just against wholesale eavesdropping by Governments, but also exploitation by cyber criminals. Important too, as part of this post-Snowden world, is for discussion to focus on when Governments do legitimately gain access to information, like for crime fighting purposes. MacGibbons explains, “If you create a legitimate front door for Government agencies to gain access to data they need, they’ll use it, but if we fail to provide a front door then they’ll find a back door. What Snowden brought to the table acts as a jumpstart for a lot of these discussions at a societal level.” MacGibbons further says he’d like to see a discussion about data sovereignty where nations agree to respect certain classes of data as they move globally, like a law of the sea in cyber space. It may seem fanciful now, but so too may have such conventions when piracy was at its peak and international trade was less regulated. Alastair MacGibbon will be a keynote speaker at CeBIT Australia 2014’s Cyber Security Conference and Workshop, 5-7 May 2014, at Sydney Olympic Park. For more information and to reserve your tickets for Australia’s largest business technology event visit: http://www.cebit.com.au/

Australian Security Magazine | 47

Cyber Security

Fighting fire with firewalls Designed to fight today’s cyber attacks and defend against the threats of tomorrow, next generation firewalls promise to evolve with the threats while providing users with the functionality they need to get on with their work. But are they all they’re cracked up to be?

I By Adeline Teoh Correspondent

n the beginning, computer firewalls were designed to mimic their physical counterparts. If there was a fire in a building, a firewall would help contain the blaze; if there were a cyber attack, a computer firewall would quarantine the attack while the software sorted it out. Enter the pyromaniac. If someone with ill intent decided to burn down your building, they wouldn’t just start a spot fire in a bin. By using fuel so the blaze spreads to every part of the office – and quickly – the attacker would render the firewalls close to useless. Cyber attackers are like the pyromaniacs of the tech world. The problem is, while it’s easy to justify apprehending someone when they’re carrying a box of matches and a jerry can of petrol onto the premises, it’s much more difficult to figure out if a seemingly benign stranger – perhaps an attacker disguised as an acquaintance or business associate – is plotting an attack. Cyber attackers are a lot wilier these days and the attacks are no longer scattergun. Attackers target organisations and you won’t know who started the blaze or when someone started secreting fuel into the building, until the forensic investigation after the damage has already been done. What do you do? Do you turn away all non-employees from the business, even if they might be legitimate customers? Or do you install a better surveillance system to detect possible threats? If this all sounds a little bleak, spare a thought for the people who develop the software to protect you from these threats. Faced with the task of defending against a faceless enemy, one that is both plural and shapeshifting in nature, you’d forgive them for putting it all in the too-hard basket. Instead, they’ve created a firewall that’s more like a membrane than a wall, and has all the characteristics of a body learning to fight different diseases. What is a next generation firewall? A next generation firewall (NGFW) is a technical term that covers any application firewall that can perform deep

48 | Australian Security Magazine

inspection of traffic and has the ability to contextualise data. What this means in real-world terms is that it can identify not only what website you’re going to, but also what you’re doing there, the applications you’re using, and what information you may be sending or receiving. Old firewalls aren’t like that, explains Linda Hui, Hong Kong and Taiwan Managing Director of F5 Networks, a multinational traffic management software company. “Traditionally, firewalls just see packets and open the wall for them to go through, but they don’t have a deep inspection of a lot of applications. Next generation firewalls are application orientated and application aware. They don’t just know the traffic is web traffic but they understand https, encrypted web traffic, and go one step further in understanding the web applications associated with this traffic.” The rise in cloud computing, particularly software as a service, has triggered a change in the kind of firewall needed to safeguard a business. The problem with using old firewalls in today’s business world is that they’re too easily circumvented, as much by employees who seek convenience as cyber criminals. “A firewall became a Swiss cheese device. Everything was completely open and the solution was to close it. But the majority of the traffic goes through email or is web based and you can’t close that,” says Sean Duca, Chief Technology Officer at McAfee Asia-Pacific. “We need to control what people are doing when they connect. You can block what you think is bad and have a policy on what is acceptable use for the organisation and people will try to find a way around it, but at least you have the ability to see what’s happening.” Late in 2013, McAfee sponsored research on the behaviour of employees in relation to security policies and found that more than 80 percent of employees surveyed used nonapproved software as a service (SaaS) applications. Microsoft Office365 was the most popular, alongside social networking platforms LinkedIn and Facebook.

Cyber Security

The outsiders Nir Zuk is the Chief Technology Officer and Founder of Palo Alto Networks. Zuk says enterprises and their employees are now using networks and the web differently to how they used to when traditional firewalls were developed. “[Without a NGFW] if the business wants to use web applications, the most common thing is to say ‘no, you can’t use it because we cannot secure it’. The other option is to stick your head in the ground and check the emails but ignore the web applications,” he says. “All these applications carry the same risks that email carries and they can be dangerous. Block the things that you don’t need but for those things you do want to use, enable them. If the user is on Office365, only allow specific users or only allow them to share specific file types. This is what we mean by safe application enablement.” The reason firewalls need this ability to contextualise data is the changing nature of the attacks. Once upon a time, attacks were widespread and the goal of the attacker was to infiltrate and exploit as many devices as possible, as quickly as possible. Today, attacks are more like snipers than scatterguns. “They’re spending a lot of money on researching vulnerabilities so all the tools that we developed over the years that assumed attacks would be widespread just don’t work anymore,” says Zuk. Advanced persistent threats involve user baiting and social engineering techniques to persuade an employee to establish a link with the bad guys. It won’t be a blatant executable file, it may be something as innocuous as a document or PDF with malware embedded in it. Although the attacker can then establish a link pretty quickly – Zuk says ten seconds after you inadvertently launch the malware – the real value for the bad guys is being able to do things to your data over a long period. In some cases, organisations don’t even know they’ve leaked data long after the fact. The possibilities are frightening. Zuk comments that attackers can explore your data, change your data, erase your data, lock your data – they can do whatever they want. The stealing of the data can take months, that’s why they’re called advanced persistent threats. Keeping it in “There are two layers of a next generation firewall, safeguarding traffic from the outside coming in and from people working in the corporate environment sending traffic out. The second case is usually why people want next generation firewalls,” Hui maintains. It stands to reason that this is the clincher. Even if an organisation could stop all attacks from entering the network, data could still escape by accidental or deliberate means from the inside out. And it also means that even if an attacker is successful at establishing a link with your system, being able to see what data is on the move is helpful to minimise the damage. For as long as the world-wide-web has been a part of business, employees have been finding ways around firewalls for perfectly legitimate work reasons. Back in the day it used to be employees emailing work to their Hotmail address so

they could finish it at home. Now, web applications make it even easier for people to connect to the network from anywhere – the aim of telecommuting and mobility functions – with the dark side being that it makes organisations more vulnerable to attacks and data leaks. Duca gives the example of using a cloud storage services like Dropbox. Many employees simply seek easy-to-use cloud storage, even though it may contravene some security policies about letting data leave the organisation. “If you don’t have a next generation firewall solution that understands the applications being used, you’re never going to see what that user’s really doing. You’ll see them connect to Dropbox.com but that’s it,” he says. “A next generation firewall will provide some content information as to what’s going through so you get extra visibility. From there you can provide the balancing act between what the user wants and what the business needs.” It can also help control employee behaviour. Many businesses now recognise the value of social media, but there are often some downsides. An organisation might, for example, let its employees visit Facebook, says Duca. “But I don’t want people to use Facebook Chat or the games, so having application granularity means I can let people go to Facebook but have control over what they do.”

About 15 percent of surveyed users experienced a liability, access, or security event while using software as a service. — The Hidden Truth Behind Shadow IT conducted by Stratecast and Frost & Sullivan for McAfee (November 2013)

The next generation question The main advantage of an NGFW is its adaptability. If you had to add a layer or a device to meet every new threat, you’d never get any business done. Zuk says Palo Alto Networks detects around 30,000 new pieces of malware every week through a technique called sandboxing, where developers allow a computer or network in a controlled environment to get infected in order to examine the threat. It’s a bit like medical researchers examining a disease in a laboratory. The disease analogy is an apt one. A traditional firewall works just like protective clothing; essential to prevent you from getting infected but if you wear too many layers it will stifle your work. “You don’t want three to four layers of firewalls, it will delay the speed of loading,” says Hui. An NGFW is like inoculation; it teaches the system to recognise threats and gives it a template on how to treat them. And just like a body fighting a disease, an NGFW will adapt and learn. But upgrading from a traditional to next generation firewall is not as simple as defining this advantage. Vendors still need to deal with an organisation’s old policies, which is a political issue rather than a technical one, says Hui. “People have their own standards and it’s difficult to accept another vendor, especially in the finance industry.” According to Hui, the NGFW market only comprises a single digit market share of all firewall products, which means organisations have a long way to go if they want the protection and performance of the next generation. Duca says part of the issue is quantifying the return on investment of an NGFW, particularly as the threats evolve. “Cyber criminals have all the time in the world to poke and prod and we have to spin all the plates at the same time and work within company budgets. There are a lot of basic features to meet today’s threats, but it’s also good to think about how we protect them from the threats of tomorrow.”

Linda Hui, Hong Kong and Taiwan Managing Director of F5 Networks

Sean Duca, Chief Technology Officer at McAfee Asia-Pacific

Nir Zuk, Chief Technology Officer and Founder of Palo Alto Networks

Australian Security Magazine | 49

Cyber Security

Why we need to say goodbye to passwords and PINS Passwords and PINs are now more vulnerable than ever. Proving this point has been a number of high profile security breaches including Twitter, LinkedIn and most notably Adobe; where 150 million passwords and user details were compromised . By Michael Steinmann

hile these breaches highlight the vulnerability of the traditional password and PIN, they also show that knowledge based authentication is becoming antiquated in today’s world of connected smart devices and even smarter hackers. On the other hand, voice biometric solutions have consistently reduced exposure to fraud and have been hailed as the future of the password. To further enforce this point, the following outlines how voice biometric solutions eliminate several security weaknesses associated with PINs and passwords, while demonstrating how voice biometric solutions can mitigate such threats.

The ways PINs and passwords are compromised Brute force attack The four digit PIN is one of the weakest security credentials, due to the ease in which a malicious user can compromise a system without the need to possess any technical knowledge, or any knowledge of the legitimate account holder. The vulnerabilities of PINs were revealed by a 2012 DataGenetics study which showed that 10.7 percent of four digit PINs are ‘1234’. This means a fraudster would only need to conduct an average of ten attempts to compromise an account. Additionally, as revealed by the Adobe breach, passwords don’t perform much better, with the top five user passwords including ‘123456’ or ‘password’ . Although organisations can block the most commonly used PINs and passwords, the DataGenetics study also revealed that beyond sequential numbers and repeating numbers, people tend to select PINs where the numbers form patterns on keyboard, or where the number represents a date that is significant to the caller. This PIN selection

50 | Australian Security Magazine

behaviour by legitimate account holders render brute force attacks quite effective. Compromising the database A PIN or password, like any other knowledge factor used for authentication, is stored in a database. If the database is compromised, a malicious user has unlimited access to accounts. Although properly designed systems have numerous security measures in place, there are many documented cases of breaches occurring. Some cases involve hackers finding ways to bypass the security measures. Other cases involve employee error, for example, an erroneous transfer of PIN credentials through email. No matter how the PINs or passwords are compromised, once in the hands of a malicious individual, the potential for large scale financial losses are enormous. Phishing Phishing is an ever-increasing technique that malicious individuals undertake to compromise credentials, such as PINs and passwords via email and social media. Industry statistics indicates that a mass phishing attack yields a five percent data collection success rate, meaning that if 100 emails are sent to collect PINs, a hacker will on average collect five valid PINs. However, if the malicious individual conducts a spear-phishing attack, the success rate can reach 19 percent. As such, phishing attacks are one of the preferred choices by malicious individuals to compromise systems that are protected by PINs and passwords. Internet search Call centres typically use a series of knowledge questions to verify a caller’s identity. If the caller answers the questions correctly, the agent considers the caller’s identity validated and any transactions can then take place. However, many

Cyber Security

of the answers to the security questions asked by call centre agents can be easily found on the internet. A moderately sophisticated hacker can find the answers to the majority of security questions by accessing social media sites such as Facebook and LinkedIn. Collecting this basic information about an individual online makes the task of guessing answers to security questions easy, as was shown by a study at Carnegie Mellon University in 2009. It demonstrated that typically used security questions are vulnerable, in some cases they can be guessed with 48 percent accuracy. Social engineering This is specific to call centres where customer service agents are instructed to minimise average hold time (AHT) and deliver a positive customer experience to callers. Fraud prevention for most agents is not their number one priority, creating opportunities for fraudsters to compromise an account. According to a study conducted by Global Reviews in 2011, about 67 percent of social engineering attempts at Australian bank call centres were successful. However, organisations that have required agents to comply with stringent security procedures have seen disastrous impacts on customer care. In fact, one financial institution reported that more than 20 percent of legitimate callers were unable to receive service. As such, organisations tend to minimise inconvenience to the caller by reducing security processes. However, this creates an important security vulnerability that fraudsters leverage at an ever increasing frequency.

Why voice biometrics is the future of security. A compromised voiceprint is unusable for account access A voiceprint is a hashed string of numbers and characters that represent how a specific individual’s voice rates on the myriad of characteristics being measured. As such, a compromised voiceprint has no value to a hacker. It cannot be used to authenticate to a system. Neither can it be used to reverse engineer someone’s voice. This inherent characteristic of voice biometrics provides a fundamental security benefit over any knowledge based authentication method. Voice biometrics is not vulnerable to such a large scale attack. This limits fraudsters to attempting to compromise individual accounts. This security benefit of voice biometrics dramatically reduces the fraud risk that an organisation faces. Proactive detection of known fraudsters Each time a fraudster speaks within an IVR or to a call centre agent, the fraudster leaves his/her voiceprint in the same way that our fingers leave fingerprints when we touch an object. This enables an organisation to create and store voiceprints of known fraudsters. Each call that reaches the IVR or call centre can be proactively verified against this fraudster database. When fraudsters are identified, they can then be denied access to prevent fraud from occurring. However, even in cases where fraudsters are successful, the voiceprint left at the crime scene can be used to identify and prosecute the criminal. This serves as a powerful deterrent to fraudsters, and leads to displacing fraudster activity to

organisations that have less effective security measures such as PINs and agent handled security questions. A voice is unique to the individual A person’s voice is unique, much like a person’s fingerprint, iris or face. There are more than 100 voice characteristics that can be measured to determine who you are, based on your voice. To identify a person using voice biometrics, a person’s voice needs to be captured. This makes voice biometrics fundamentally different from knowledge based credentials, such as PINs and security questions. Someone cannot guess your voice, whereas someone can guess your PIN or answers to security questions. For the most part, a person’s voice is not readily available on the internet, unlike the answers to security questions such as a person’s mother’s maiden name. Although a recording of someone’s voice can be captured by a malicious user, the voice is inherently static. Voice biometric systems can be dynamic, meaning they can be used to assess a person’s identity during live conversations or by asking a caller to speak a random phrase. And security is only the beginning Enhanced security is not the only benefit of voice biometrics – it also improves customer service. With voice biometrics, customers no longer need to answer intrusive security questions or remember passwords in order to verify their identity. Additionally, with the ability to easily and efficiently verify a customer, businesses can create personalised experiences through the call centre, mobile apps and even the customer’s own personal devices. The possibilities for organisations are enormous, especially considering the ease of which voice biometrics can be deployed. Think about it, we all carry the one necessary device required to implement voice biometrics – our mobile phone. Voice biometrics is innovating customer service and with it, businesses will be able to create safe and secure experiences that improve customer satisfaction. And with the reign of the password and knowledge-based authentication slowly coming to an end, voice biometrics now offers an effective alternative built for the new era of connected devices. About the Author Michael Steinmann has been Director, Regional Technology at Nuance Communications since 2007. His focus is on assisting the region’s largest and most strategic customers achieve a detailed understanding of the Nuance portfolio of technologies and how these technologies integrate and can be utilised within their own business environments. Prior to joining Nuance, Michael worked at Telstra for five years, his last role being General Manager of the Call Centre technologies engineering group. There, he successfully managed the introduction of multiple internal and external call centre projects that included technologies such as CTI, IVR, CRM and VoIP. Prior to his work at Telstra, Michael held senior technology positions worldwide at Genesys, Informix, Ingres, Sun and, most notably, at AT&T where he was instrumental in helping build and deploy the world’s largest data warehouse.

Australian Security Magazine | 51

Cyber Security

An introduction to block cipher cryptanalysis Block cipher assures confidentiality by encrypting confidential messages into unintelligible form. During the design of a block cipher, its security against cryptanalysis must be taken into consideration. The past shows that a cipher designed without taking this into account, will often lead to flaws and attacks by others. Although block cipher cryptanalysis is a fast changing area, the problem is there are no standard texts on block cipher cryptanalysis. By Milica Djekic

52 | Australian Security Magazine

t is generally assumed that the era of modern cryptology started in 1949, when Claude Shannon transformed cryptography from an art to a science. That year Shannon published a paper titled â&#x20AC;&#x2DC;Communication theory of secrecy systemsâ&#x20AC;&#x2122;. As cryptology progressed and continued with its development, most of the major innovations in the field, date from the past 30 years. This productive period was initiated by two important developments introduced by Diffie and Hellman. They proposed ways to insure the privacy of data sent over an insecure channel, without the need for a separate secure channel to exchange secret keys. The other development had a more immediate impact on the industry. Realising that the increasing use of electronic data would entail security risks, the US National Bureau of Standards (NBS), decided in 1973, to run an open call

for encryption primitives. Shortly after that, a block cipher LUCIFER designed by IBM in 1971, appeared. After a year of collaboration between IBM and the NSA, LUCIFER was turned into the Data Encryption Standard (DES). Despite the criticisms, the standard would soon be widely used, both in governmental and private sectors. As the number of applications using this algorithm increased, the search for weaknesses by cryptographers could not stop. Still, exhaustive key search recognised as a serious threat from the start remains the most efficient attack. Symmetric versus asymmetric encryption Before the 1970s, it was intuitively assumed that the encryption function had to be secret. First of all, if the

Cyber Security

adversary was given, it would suffice to reverse this transformation for recovering. Later, Diffie and Hellman realised that the secrecy of the encryption function was not necessary. This indicates that one could construct so-called trapdoor one-way functions. These functions can be easily evaluated. They cannot be efficiently inverted, unless some extra information is provided. Examples of trapdoor one-way functions allowed the development of practical public key encryption algorithms. The public key cryptography has a huge advantage. For instance, a receiver does not need to exchange any secret information with a sender before it can start encrypting. On the other hand, schemes which are based on the secrecy of their encryption function play a vital role in practical applications. The reason is that implementations of secret key or symmetric encryption algorithms are orders of magnitude. In principle, this is more efficient than their public key or asymmetric counterparts. Stream ciphers and block ciphers As it is known, symmetric encryption algorithms are traditionally divided into two categories; stream ciphers and block ciphers. In general, a block cipher divides the plaintext into separate blocks of fixed size and encrypts each of them independently using the same key-dependent transformation. On the other hand, a stream cipher takes as input a continuous stream of plaintext and encrypts it according to an internal state which evolves during the process. These definitions draw a clear theoretical distinction between stream ciphers and block ciphers. However, the situation is a bit more different in practice. In case of a block cipher, the output of the key-dependent transformation for a certain plaintext block is typically kept in memory and used as a parameter when encrypting the next block. This approach is commonly called block encryption. But, strictly speaking, it is a stream cipher. Basically, such constructions differ seriously from conventional stream ciphers. Moreover, the secret key of a stream cipher is typically used to initialise the internal state. Surprisingly, the two branches in symmetric cryptology have evolved in rather different circumstances. Block ciphers owe much of their popularity to a few successful designs such as DES and AES. These algorithms are standardised, freely available, and can be used in many different applications. On contrary, the most used stream ciphers are proprietary designs such as RC4 and A5/1. The majority of these algorithms were kept secret until they eventually leaked out. This explains why stream ciphers receive less attention from the scientific community than block ciphers. Block cipher cryptanalysis At the beginning, a cryptanalysis is the branch in cryptology which studies how cryptographic algorithms can be broken. This is an essential stage in the development of secure algorithms. In order to design a strong cipher, the cryptographer has to understand where the potential weaknesses are. For that reason, we provide a brief review of typical attack scenarios.

Attack scenarios In the case of block ciphers, the aim of the adversary is recovering unknown parts of the plaintext or recovering entire secret key. Attack scenarios can be distinguished depending on what information attacker can obtain, and to what extent it can interfere in the communication between sender and receiver. 1) Ciphertext-Only Attack: This type of attack only assumes that the adversary is capable of capturing encrypted blocks. In such a case, block ciphers succumbing to cipher-text-only attacks are considered to be very weak. 2) Known-Plaintext Attack: A known-plaintext attack requires attacker having access to the plaintext corresponding to the captured ciphertext blocks. A good example of this scenario is an online payment on the Internet. 3) Chosen-Plaintext Attack: Some attacks only succeed when the plaintexts have a specific form. In order to accomplish such attacks, adversary must find a way to influence the encrypted plaintexts. A practical example is a secure connection between a sender and its mail server. 4) Chosen-Ciphertext Attack: This attack requires the attacker to have control over the ciphertexts sent to receiver and to be capable of monitoring how they are decrypted. Such attacks will not work if the receiver has a means to check the integrity of the ciphertexts. 5) Adaptively Chosen-Plaintext/Ciphertext Attack: In order to organise one of the attacks mentioned above, an attacker will typically need to obtain the encryptions or decryptions of a whole series of chosen blocks. When the selection of a given block depends on the results obtained from previous blocks, the attack is called adaptive. In essence, we believe a good understanding of modern attack scenarios is crucial for getting basic directions in block cipher cryptanalysis. Conclusion During the last two decades, the field of block cipher cryptanalysis has experienced many exciting developments and changes. Some of them have been discussed in this article, but a lot of them have not. However, the selection of techniques described here should provide you with a good sense of the general approaches used in todayâ&#x20AC;&#x2122;s block cipher cryptanalysis. About the Author Milica Djekic is an Online Marketing Coordinator at Dejan SEO, currently based in Novi Sad, Serbia. Djekic has a Master of Science degree in Control Engineering from Faculty of Mechanical Engineering, University of Belgrade, Serbia (2006). Djekicâ&#x20AC;&#x2122;s fields of interests are control systems, wireless technologies, cyber security, cryptography, speed enforcement systems, etc. In her spare time, Djekic enjoys reading, researching and writing.

Australian Security Magazine | 53

Cyber Security

Victim in the dark Much ink has been expended on the topic of cyber security and how best to prevent attackers from intruding an organisation’s network. The recent Cisco Annual Security Threat Report 2014, revealed, however, that 100 percent of corporate networks studied showed signs of malicious traffic connecting to the outside world. By Ammar Hindi

54 | Australian Security Magazine

hat one cold, hard statistic reveals what we have all known in security for sometime – the reality has changed and it is no longer a question of if you get compromised, but when and for how long. Asia Pacific is now at the centre of the war against cyber security, with recent reports indicating a growing percentage of attacks originating from the region and gradually penetrating the global markets. With the burgeoning presence of global financial markets here, as well as the dramatic increase in mobile penetration rates, there is certainly much at stake. The even colder reality for today’s Chief Security Officer (CSO) is the possibility that their network has already been compromised, and that cyber attackers are well entrenched and well hidden. Today’s cyber criminals are professionals and well resourced. They do not discriminate and will use every weapon at their disposal to accomplish their mission. Unlike the script kiddies of before, or activists from today, they are discreet. They will invest time and energy in finding a crack in the defence system and from that beachhead, spread out surreptitiously across the corporate network. The problem for the CSO today is that everything is connected. Mobile devices, software as a service, virtualisation and cloud computing are necessities as organisations look to ways to enhance productivity, save costs and speed

deployment. While the adoption of new IT solutions in these areas represents a major business opportunity and can drive innovation and growth, they are also introducing new threats and challenges for organisations. Hence, cyber criminals are presented with the option of intruding a network through an employee’s personal iPad, or the SCADA control system, or even a third party supplier’s network. The trouble is that most security tools deployed today, do not provide adequate visibility to factor in dynamic network topology, behaviour and traffic, into security policy definition and enforcement decisions. Furthermore, while firewalls and Antivirus software are essential to stop the broad-based attacks, these tools are not sufficient to eradicate the attack. Consequently the advanced malware and threats most businesses face will find a way through the network. More than protecting the boundaries of the network, the CSO needs to have the ability to continually monitor the organisation’s network and spot abnormal activities, applications or software operating in an unexpected fashion. Only by addressing the complete attack continuum – before, during and after, will the CSO have the chance to spot and deal with vulnerabilities or attacks before too much damage is done. One striking inference from many of the recent high profile attacks on some of the world’s biggest businesses is

Cyber Security

The 2013 Verizon Data Breach Investigations Report, highlighted that 66 percent of organisations failed to identify breaches for months or years after the initial compromise. Clearly, cyber criminals are in it for the long-haul. the length of these attacks and how much data has been lost in the process. Stealing millions of identities takes time and indicates that the security teams in those businesses were probably unable to spot the data being extracted from their networks and shut it down before its ramifications were felt upon the business and its reputation. The 2013 Verizon Data Breach Investigations Report, highlighted that 66 percent of organisations failed to identify breaches for months or years after the initial compromise. Clearly, cyber criminals are in it for the long-haul. However, if the Cisco report is indeed right and every business has been compromised in some way, there is evidently a need for security professionals to alter their mindsets. Security and networks need to be monitored on the assumption that the bad guys will get in – or better yet, based on the notion that they have already penetrated the network. But all is not lost. Outlined below, are five tips to help businesses be better prepared for cyber attacks: 1. Adopt a threat-centric approach to security: Attackers don’t discriminate and will take advantage of any gap in protection to reach their end goal. Rather than relying on disparate ‘silver bullet’ technologies that don’t – and can’t – work together, businesses need solutions that address the extended network. This means protecting endpoints, mobile and virtual environments and sharing intelligence in a continuous fashion that spans the full attack continuum – before, during and after an attack. Look for technologies that go beyond point-in-time detection and blocking to include a continuous capability, always watching and never forgetting, so you can mitigate damage once an attacker gets in. 2. Automate security as much as possible: Manual processes are inadequate to defend against relentless attacks that often employ automated techniques to accelerate and broaden attacks. Businesses need to reduce labour-intensive tasks and streamline security processes. Tools that can intelligently identify and automatically alert only on relevant security events can save security teams hours investigating events that aren’t real threats. In addition, being able to automatically enforce and tune security policies and rules to keep pace with the changing threat landscape and evolving IT environment, minimises risk of exposure to the latest threats and vulnerabilities. 3. Leverage retrospective security: Modern threats are able to disguise themselves as safe, pass through defenses unnoticed, remain undetected and later exhibit malicious behaviour. Look for technologies that address this scenario by continuously monitoring files originally deemed ‘safe’ or ‘unknown’ and enabling you to apply

retrospective security – the ability to quickly identify, scope, track, investigate and remediate if these files are later determined to be malicious. 4. Hone your incident response processes: Security events happen and many organisations don’t have an incident response plan in place. Every organisation should have a designated Incident Response team that is trained to communicate and respond to security events. The team needs to be backed by documented processes and policies. For example, an InfoSec Policy must be put in place to ensure you’re protecting the right data. An Incident Response Runbook with clear step-by-step instructions for the team to follow in the event of an attack, including incident notification and a collaboration call tree, leads to better, swifter and more accurate containment and remediation. Finally, systematic program reviews on a quarterly basis can ensure that your policies, configurations and rules performance are protecting your organisation as needed. 5. Educate users and IT security staff on the latest threats: Educating users so they are wise to these techniques and putting policies in place to restrict user behaviour can go a long way towards preventing these malicious attacks that often rely on relatively simple methods. Organisations must also be committed to keeping their staff highly trained on the current threat landscape. Ongoing professional development with a specific focus on being able to identify an incident, know how to classify it and how to contain and eliminate it will help keep security teams apprised of the latest techniques used by attackers to disguise threats, exfiltrate data and establish beachheads for future attacks. The security ‘game’ has changed, and if organisations do not recognise that change, and implement the proper precautions well before they are ever attacked, they risk seeing their name highlighted in the press – for all the wrong reasons. About the Author Ammar Hindi is Managing Director of Asia Pacific operations for Sourcefire, now a part of Cisco. In this position he is responsible for corporate operations across the region including sales, business development and strategic marketing activities. Hindi joined the company in June 2009, bringing nearly 20 years of experience in sales and management positions launching Asia Pacific business initiatives.

Australian Security Magazine | 55

Cyber Security

Encrypting for cloud security and compliance As a vast majority of organisations move data to the cloud, the question becomes how to protect that data in the Cloud. There’s been no shortage of high profile security breaches on the global stage. By Paige Leidig

n December 2013, a high profile store found itself in full damage control mode after the theft of 90 million customer credit card details. And the recent trend in Australia reveals that at least one data breach is reported each week. If an enterprise needed any encouragement to beef up its cloud security strategy, surely the time is now. The costs of data breaches can be staggering in both financial and brand terms. One bad breach can stain a company’s reputation for years, and Australian Privacy Commissioner, Timothy Pilgrim, has made it clear that he intends to send a message to companies who don’t take adequate precautions. Added to this is compliance with privacy legislation, and the new laws that came to effect on March 12 2014, (Privacy Amendment Act 2012). There are two key privacy principles within the Act which are particularly relevant for organisations with data in the cloud. Both focus on the necessity of taking protective measures. Principle 8 relates to the cross-border disclosure of information and is an ongoing concern for Australian organisations, particularly troubling when the sovereignty of their data in the public cloud may be unknown. The principle defines the cloud customer as liable for the security and privacy of the data, regardless of whether the provider adheres to Australian privacy laws. Essentially, the breach mitigation and punitive burdens fall on the shoulders of the cloud customer. Principle 11 on the security of personal information, relates to not just what is stored in a cloud but what could be matched with that data to identify an individual. Companies need to take caution in considering how to protect data that would otherwise be anonymous information through a process of de-identification, also achievable through encryption. When it comes to both data protection and regulatory compliance, encryption is a powerful tool – having the right tool, however, won’t solve anything if not used correctly. How to encrypt Encryption comes in different strengths and flavours, and choosing the appropriate kind for different data requirements is vital to a successful cloud information protection strategy. For example, due to their higher level of sensitivity, customers’ credit card numbers require a higher strength of encryption, than say, customer postcodes. Organisations should identify

56 | Australian Security Magazine

the confidential data, typically 5-15 percent of all a company’s information, and apply encryption to protect that data. Cloud information protection platforms provide a granular level of control enabling administrators to choose exactly what data to protect and how. This ensures the data is both functional and encrypted as strongly as possible. Organisations also need to understand the importance of retaining the encryption keys. Outside access to encryption keys dilutes the enterprise’s control, which adds a needlessly extra path for hackers and information requests. These risks will put the organisation afoul of privacy regulations. By keeping exclusive control of the encryption keys, even if data was leaked or stolen, it would remain illegible to anyone outside the organisation. Additionally, even if a third party was compelled to hand over the encrypted data to a Government agency, neither party could decrypt it without the enterprise’s knowledge and participation. Encryption prevents unauthorised parties from reading or using it, but if applied incorrectly, it can break cloud applications, rendering them useless to employees. Using strong encryption that preserves search, sort and other application functions combines data protection with usability. 2014 may indeed be the year of encryption. Major cloud providers have been ramping up their own encryption strategies, but they aren’t the only ones who should. The advent of the Australian Privacy Principles is a timely reminder that any organisation handling sensitive data, needs to be implementing a security strategy that will see both their data and that of their customers protected in the cloud. About the Author Paige Leidig has 20 years of experience in technology, marketing, and selling enterprise application solutions and managing trusted customer relationships. Leidig was previously in the Office of the CEO at SAP, where he was responsible for leading and coordinating SAP’s acquisition and integration activities on a global basis. He has managed a number of marketing initiatives at SAP, including responsibility for all go-to-market activities for SAP’s Cloud applications portfolio. Preceding his SAP career, Paige held senior management positions with Ariba, Elance, and E*Trade. He is currently Chief Marketing Officer and Senior Vice President at CipherCloud.

Cyber Security

Rethinking firewalls for Web applications The days when walling your IT infrastructure within rings of firewalls are now long gone. It is a simple fact, that traditional firewalls that stopped intruders and malware in its tracks outside the organisation’s perimeter aren’t cutting it. The reason: Web applications. By Linda Hui

t is easy to understand why Web applications are popular. Taking advantage of ubiquitous browsers, they can extend corporate functionality beyond the office. Armed with Web applications, employees can conduct mission-critical transactions quickly, anywhere. Add overhead cost reduction and enhanced user experience, and you can see why Web applications are becoming a feature in every type of organisation. The problem is that most traditional firewalls were built before the rise of Web applications. They assume that your applications sit behind physical corporate walls and are only accessed by authorised personnel – not on the laptops and mobiles of employees on the move. To ensure smooth operations, most firewalls are often riddled with tunnels to allow Web application traffic through. This, as one can imagine, opens up gaping holes at the application layer that many now exploit at your organisation’s expense. At the same time, cyber criminals have evolved. Forget the old notion of an attention-seeking kid sitting behind a computer. Today’s cyber criminals are politically, socially and economically motivated, and often work in groups. This has led to the rise of complex attacks. Many, such as multi-layer distributed denial-of-service (DDoS) /application layer attacks and SQL injection vulnerabilities, zero in on the lack of Web application security. The issue with traditional firewalls is that they do not differentiate genuine traffic from your users and bot traffic from cyber criminals. In the interim, DDoS mitigation providers have utilised browser fingerprinting techniques, like cookie tests and JavaScript tests, to verify if requests are coming from real browsers. However, most recently, it has become apparent that cyber criminals have launched DDoS attacks from hidden, but real browser instances running on infected computers. This type of complex cyber attack is incredibly hard to detect. In fact, DDoS attacks are on the increase despite rising awareness and security measures. In the past year, the number of such attacks targeting vulnerable spots in Web applications has risen and attackers are using increasingly complicated methods to bypass defenses. Meanwhile, 75 percent of CISOs are aware external attacks had increased and 70 percent of CISOs noticed that Web applications represent an area of risk higher than the network infrastructure. Regulators and users are also adding pressure to organisations to deal with Web application insecurity. As netizens and Governments increase their calls for better data

and privacy, organisations are hard-pressed to secure their Web applications and abide by stricter data security and privacy regulations. The answer lies with Web Application Firewall (WAF) solutions, which often sit in front of Web applications. Essentially, these interrogate the behaviour and logic of what is requested and returned. By doing this, they can protect against Web applications threats like SQL injection, crosssite scripting, session hijacking, parameter or URL tampering and buffer overflows. In addition, they can also offer proactive defense against unknown attacks by keeping an eye on unusual patterns in the traffic that the Web application receives. According to Frost & Sullivan, there are generally three types of WAFs: Standalone WAF appliances, integrated WAF on an Application Delivery Controller (ADC) and software WAF solutions. Currently, standalone appliances remain the preferred form factor in the Asia Pacific region, accounting for 77.7 percent of the market. However, the research firm noted that this may change in the future as the cost-effective and easy-to-use integrated WAF solutions have been gaining in popularity, especially with service providers and SMBs. So is it the right time to jump onto the WAF bandwagon? When it comes to IT security the answer is always the same; now is better than ever. Lack of a WAF exposes your Web applications and your entire IT infrastructure to attacks that may be difficult to recover from. After all, it only takes a single intrusion to tarnish your hardearned reputation and put your business on shaky grounds. About the Author Linda Hui is Managing Director at F5 Networks in Hong Kong and Taiwan, based in Hong Kong. With more than 17 years of experience in the information and telecommunication industry, Hui is responsible for overseeing and steering the company’s growth in Hong Kong and Taiwan. Prior to joining F5, she promoted and grew Andersen Consulting’s Risk Consulting Practice, particularly in the technology risk and financial risk area. During her time with Anderson Consulting, she successfully bought in clients and increased the market awareness of the service offerings. Hui holds a Bachelor Degree in Computer and Management Science from the University of Warwick and Master Degree in Business Administration from the University of Nottingham.

Australian Security Magazine | 57

Cyber Security

Mobile phone evidence gathering: Sometimes the BEST form of evidence!

The mobile phone is today more than just a communication vessel. We all know of its extended functionality to include emails, camera, internet access and so on. But have you ever thought about the role of a mobile phone as evidence in a crime? Prevalent in today’s evolving world, there are investigators specialising in mobile phone forensics. By Phill Russo

58 | Australian Security Magazine

ou have no doubt seen one of those TV shows with a geeky looking girl in piggy tails, wearing glasses and a white lab coat solving crimes almost instantly, tracing mobile phone information and extracting data that provides that missing crucial piece of evidence which completes the investigation jigsaw. I can tell you this only happens on TV. I am a real life computer and mobile phone Forensic Investigator and sadly, I don’t pass off as half as good looking as the characters portrayed in such shows. I do, however, complete forensic analysis on electronic data extracted from computers, mobile phones, iPads and even GPS devices, to assist lawyers from around the world to present evidence in support of their court cases. This evidence may be crucially used in every court setting you can think of including criminal, corporate, family, marital, patent and even Government regulatory court proceedings. With the world-wide uptake of mobile phones, this communication vessel is increasingly proving to be the best

form of evidence providing that smoking gun in many cases. As well as being a portable devise, mobile phones are easy to purchase and have all the functionality of a computer at a fraction of the price. Functions including camera, email, instant chat, calendar and internet access are considered standard features on many Smartphone devices; and of course, you can use it as a phone too. Whether used as a personal device or for business, mobile phones are a tool for which communication is entrusted world-wide. Statistics on the usage of mobile phones have figures almost reconciling to the ratio of one phone for every living human being on the planet. Social media’s popularity and success would today, largely be attributed to its seamlessly integration with mobile phones. It appears that many users would almost consider the mobile phone as an extension of their being. Users seem to involve their phone in many of their social activities such as writing thoughts on Twitter, posting pictures of dinner on Instagram, or simply posting ‘selfies’ on Facebook. All great fun, however,

Cyber Security

“Flash memory has a limited life usage, meaning every time you write and delete information to the memory module, the less time that memory section has to live.” for myself as a Forensic Investigator, a mobile phone is a pure gold treasure chest of evidentiary value. You often hear on the news that police have seized mobile phone video or photographic evidence in crimes such as assault, drug dealing or even murder. The photographs are only the tip of the evidentiary iceberg. I have investigated instances where mobile phone evidence has been instrumental within marital and family law matters and intellectual property theft and business espionage in corporate matters. Such things as mobile phone tower reconciliation can plot maps of mobile phone connection and usage, and may prove useful to confirm or discredit alibis in court room testimonies. Often, deleted information contains some of the most valuable evidence. Just like a computer’s deleted data may still be recoverable including SMS messages, emails, photographs etc, so too can phone backups and syncs may also prove to be of evidentiary importance. These may be preserved locally on a computer or on an iCloud server, and this may have been an automated process that a person may have forgotten about. I have had a number of incidences where a person has been served with a court order to present a mobile phone for forensic analysis. When the phone has been analysed, it is evident the phone has been reset to a default setting, as an attempt to wipe any user data. Immaterial if data is recoverable or not, if it is proven that the phone was reset after the execution of that court order, then the offender may face contempt of court charges with fines in the thousands of dollars, and 12 months imprisonment or possibly more in some jurisdictions. One of the main factors for successful data recovery, is the ability to create forensically sound physical images from the phones. Due to phone encryption and password protected access or pin protection, sometimes this simply may not be possible. Furthermore, depending on the specialist tools and investigator’s experience, this may or may not, be viable. The forensic interaction and acquisition process requires specialist equipment such as the phone forensic kit – the Cellebrite UFED. This is a specialist piece of forensic hardware and software developed in Israel and regarded as one of the world’s best devices for mobile forensic analysis. Similarly, the operator of the device should be a certified operator. Recently in some Australian courts, some investigators have had their evidence challenged as they have had no formal training, nor hold certification for mobile forensic analysis. In some instances, the phone’s design will prevent data recovery. Mobile phone data resides on what we refer to as

flash memory, consisting of NAND and NOR flash memory. Flash memory has a limited life usage, meaning every time you write and delete information to the memory module, the less time that memory section has to live. Due to the way the flash memory is used, if one section known as a ‘block’ of data, becomes unusable, then the whole device will fail. A process known as ‘wear-leveling’ and ‘garbage collection’ maintains this failure to give the maximum life from the flash memory module as possible. This process can cause effects that either provide or limit access to artifacts and cause a constant state of change proving court room validation difficult to explain to the uncertified. Furthermore, some phones’ security features may hinder data recovery. For instance, some versions of the Apple iPhone, when coupled together with some versions of iOS, will prevent a physical forensic extraction and deleted artifacts may not be recoverable. Until such time as one of the major forensic vendors develops a solution, then data recovery is not possible and the loss of substantial evidence artifacts will fall to this failing. So all in all, it’s not as easy as it’s made out to be on TV but mobile phones are a definite source of evidence and one that could provide valuable input to any investigation. About the Author Phill Russo is a world renown computer and mobile phone forensic expert, and is CEO of CIA Solutions in Perth, Western Australia. Russo also instructs in his specialty field to police, military, members of FBI, Australian Federal Police, Scotland Yard, Hong Kong Police, Nedbank, Westpac, Bankwest, KPMG, Deloitte, Boeing and other world class firms.

Australian Security Magazine | 59

Frontline Available online! See our website for details

1 YEAR SUBSCRIPTION TO THE AUSTRALIAN SECURITY MAGAZINE

6 print issues per year for only $88.00 SUBSCRIBE TODAY... DON’T MISS AN ISSUE Yes! I wish to subscribe to the Australian Security Magazine, 6 issues (1 year). ☐ ☐

AUSTRALIA INTERNATIONAL

A$ A$

88.00

(inc GST)

1 YEAR

158.00

(inc GST)

1 YEAR

Yes! As an additional bonus I wish to receive direct to my inbox the Asia Pacific Security Magazine (emag), 6 issues (1 year).

No business or government organisation survives in a vacuum. Sharing knowledge is fundamental to the development of successful security planning and implementation. That is the role of our magazine: sharing knowledge of developments in security management for public and private sector organisations, both for internal management and for external obligations in public safety and security.

MY DETAILS

PAYMENT

Salutation: __________First Name: __________________________________________

Please find enclosed my cheque/postal order (made payable to MySecurity Media )

Surname:______________________________________________________________

for $ __________________ or debit my:

Job Title: ______________________________________________________________ Company: _____________________________________________________________ Postal Address:__________________________________________________________ Suburb: _____________________State: _________ Postcode: ____________________ Country: ______________________________________________________________ Email: ________________________________________________________________

60 | Australian Security Magazine

Card Holders Name: __________________________________________ Signature: _________________________________________________

Interested in our e-news service? Phone: +61 (8) 6465 4732 during business hours AWST (Australia Only)

Expiry Date:________________ Todays Date: ______________________

PRIORITY FAX Credit Card Details Australia +61 (8) 9467 9155

FREE POST My Security Media 286 Alexander Drive, Dianella. W.A. 6059

Email subscriptions@mysecurity.com.au

GST This document will become a TAX INVOICE for GST when payment is made. My Security Media Pty Ltd ABN 54 145 849 056

To have your company news or latest products featured in our TechTime section, please email promoteme@australiansecuritymagazine.com.au

The new Canon XEED WUX400ST Projector. See page 53