INTERCEPT by Gordon Corera

INTERCEPT by Gordon Corera

by | Aug 6, 2019 | Articles

a review by Philip Ingram MBE

It is very rare I pick up a book and go WOW, especially when it is one talking about cyber security, digits and packets, computers and of course spying.

INTERCEPT by Gordon Corera, the Security Correspondent for BBC News is in my humble opinion a masterpiece and essential reading for anyone involved in cyber security, information security, computer networks, intelligence, information and spying.  It is the background and history that provides an easily readable foundation on which all of those disciplines are built from. In essence, again in my humble opinion as a cyber commentator and ex spook, if you haven’t read this book you can’t do your job properly.

Gordon Corera starts on 5thAugust 1914 where he introduces Superintendent Bordeaux and his two messages giving him a mission onboard a ship called The Alert and the first offensive action of World War 1, and that action was around information. Read the book for the rest of the story. 

If you think you know your computer history and didn’t realise that in 1929 the UK War Office had a Computer Class 2 for the ‘calculation of projectiles in artillery fire’, then your computer history is missing something. That computer was called Kathleen.

Jump forward to the 1940’s and the importance of Dollis Hill in London, in the fight to crack the Enigma code is explained. He mentions Bletchley Park and elsewhere.

Without actually mentioning it Corera gives a detailed history of how the “Special Relationship” with the USA was formed and how over the years it has developed, strengthened and become interdependent. He more than hints at why it will always be there in the modern internet age. 

What really struck me was when he quickly came into the modern age, events, dates, people I recognise and can remember reading about or listening to. 1988 was only a couple of years ago? Right?  But what is extremely well explained is how systems were designed with no security and how foreign powers late to the game managed to leapfrog themselves into networks.

He explains in detail about “The Cell” in Banbury in Oxfordshire and it is clear he has visited the List X facility, working at high levels of classification, created by BT, overseen by GCHQ behind multiple access controls and paid for by Huawei. If you didn’t know the detail yet had an opinion on Huawei around current political statements, then your opinion is not properly informed.  

INTERCEPT was first published in 2015, before the current Huawei spat started.  Examination of how nation states approach intelligence and the technologies supplied from national manufacturers to the international market is at the core of many of the developments discussed throughout the book.

Having just finished reading INTERCEPT, I have started it again, this time with highlighter in hand as it is full of fantastic quotes and examples illustrating every aspect of the modern cyber challenge.  INTERCEPT is a must for the Cyber and spying community. I can’t recommend it more highly. 

Philip Ingram MBE is a former British Military Intelligence Officer who has walked the corridors of “The Doughnut” and been involved in many cases where the expertise gained through some of the examples in this book have helped enormously. 

Please visit ‘contact us’ if you want further comment from Philip and visit the link below to buy INTERCEPT from AMAZON.co.uk.

Huawei the truth and the myth.

Huawei the truth and the myth.

by | Apr 25, 2019 | Articles

Huawei the truth and the myth.

By Philip Ingram MBE

*** Edited 14th July 2020 to add in a paragraph about why the UK Government has made a decision to ban Huawei equipment from the UKs 5G Network***

We are hearing one name, causing news presenters angst when it comes to pronouncing it, in the press at the moment, it is that of the Chinese telecom giant Huawei. So why are government ministers interested in Huawei? Why are the 5 Eyes community talking about it so much? What is the truth and what is the hype? Finally is there anything else we should be worried about? Philip Ingram MBE, a former Senior British Intelligence officer who has worked with signal intelligence organisations, takes a look.

Techadvisor.co.uk said “You can’t ignore Huawei any more. With increasingly premium smartphones on the market,” the Chinese company is challenging Samsung, LG, Sony and Apple who according to analysis by consulting firm Counterpoint Research, it outsells globally.

Given this great accolade then why are the US Government putting certain Chinese companies under increasing scrutiny and even more. In February, FBI Director Chris Wray told the Senate Intelligence Committee that the FBI was “deeply concerned” about the risks posed by the Chinese phone and telecommunications equipment providers Huawei and ZTE. Both Huawei and ZTE have repeatedly insisted that their consumer devices don’t pose a security threat to the US or anywhere else across the globe. (ZTE like Huawei provide telecom infrastructure devices). The Australian Government has decided, reportedly on national security grounds, to exclude Huawei from involvement in their National Broadband Network.

Nothing New
In a report to the UK parliamentary Intelligence and Security Committee, the Security Service (MI5) said in 2008 that, theoretically, the Chinese State may be able to exploit any vulnerabilities in Huawei’s equipment in order to gain some access to the BT network, which would provide them with an attractive espionage opportunity. So the issue in the press today is nothing new!

Looking at the UK market, Huawei makes everything from the routers and switches that steer traffic across the internet, to BT’s green street cabinets, to the transmission equipment used in mobile phone masts. If you send an email from your home computer or make a mobile phone call, wherever you are in the UK, the chances are your private communications and data will be carried over Huawei equipment. However, it is not the private communications that concerns are being raised about. It is the linking of our national infrastructure across the 5G network.  5G is a step change in the ability to transmit high speed data and will enable our already connected life style to reach levels probably unimagined as yet.

On the back of that report, BT who control the communications infrastructure across the county, started a programme to strip Huawei equipment out of the current 3G and 4G networks and have not planned to put Huawei devices into the core of developing 5G Networks. However, Huawei hit back and opened the Huawei Cyber Security Evaluation Centre (HCSEC) (known as “The Cell”) in 2010 just outside Oxford and put it under the oversight of what was then called the CESG and is now NCSC, the public facing part of the UK’s GCHQ.

This is why in recent statements senior personnel from GCHQ have been able to say they had “a unique oversight and understanding of Huawei engineering and cyber security”. One of the major issues over Huawei engineering is around so called ‘back doors’ being engineered into the hardware on the orders of the Chinese Government, so that the Chinese had a secret method of taking control of the hardware when they wanted to.

This fear was enhanced when China introduced its new National Intelligence Law and in particular Article 7 of that law which states, “any organisation or citizen shall support, assist, and cooperate with state intelligence work according to law.” Then Article 14 says, ‘state intelligence work organs, when legally carrying forth intelligence work, may demand that concerned organs, organisations, or citizens provide needed support, assistance, and cooperation.” This just reinforces that the Chinese state can overrule Huawei’s claimed independence. Huawei continue to insist that the law is being mis-interpreted.

Back doors
This idea of back doors is nothing new and ‘The Cell’ has found no evidence of back doors being deliberately put in Huawei hardware and they have denied they would ever do so, even if there was pressure from the Chinese Government. One area that possibly leaves hardware vulnerabilities however, is in their basic engineering.

Dr Ian Levy, technical director of the National Cyber Security Centre (NCSC), said on BBC Panorama, “The security in Huawei is like nothing else – it’s engineering like it’s back in the year 2000 – it’s very, very shoddy and leads to cyber security issues that we then have to manage long term.” But what does shoddy engineering mean?

As electronics are developed rapidly and for the mass market therefore as cheaply as possible, development is happening continuously. That development is in the hardware – the physical bits connected together and the software. What many don’t realise is those bits are made of bits and individual chips with a role in a device have their own software giving instructions. Developers have ‘development backdoors’ on chips and component so that updates can be quickly coded or integrated and the sides are supposed to be closed down before the production version is manufactured. Frequently this doesn’t happen as it is another process and therefore cost and development is ongoing often even after manufacture has started, so chips are put into production devices with engineering flaws.

The second area is that security is not designed in at chip level. There isn’t enough coding room for this to happen. However, Huawei is not the only international giant with reported security flaws.

Not just Huawei

Last year there were several reports on the blogging site Reddit saying that some Samsung Galaxy S9 and Note 8 phones were sending users’ pictures to their contacts without their permission and linked the issue to the Samsung Messages app.

Then we had Google confirming that it allows some external software developers to read and analyse the inboxes of Gmail users. “External apps can integrate with Gmail, so customers have options around how they use their email,” director of security at Google Cloud Suzanne Frey said in a blog post.

So who is listening to your conversations?
On the 3rd of July 2018 in the UK Parliament, the UK Defence Secretary, Gavin Williamson was updating MPs on Syria was rudely interrupted, not by another MP, but by his iPhone’s AI App Siri which boomed out “Hi Gavin, I found something on the web for: ‘In Syria, democratic forces supported by coalition…”

Trying to make light of the interruption Mr Williamson said, “It is very rare that you’re heckled by your own mobile phone.” Very quickly afterwards sources close to the minister denied that having the voice recognition software switched on posed a security risk, saying he did not carry that phone during confidential and sensitive meetings.

However, what wasn’t said is if he has sensitive conversations on that phone or with people when the phone is in his pocket. It is always listening.

In 2015 Samsung again warned its customers about discussing personal information in front of their smart television set. The warning applied to TV viewers who control their Samsung Smart TV using its voice activation feature. Samsung said, “when the feature is active, such TV sets ‘listen’ to what is said and may share what they hear with Samsung or third parties.”

Many of these companies use Chinese made chipsets in their technologies.

Papers leaked from America’s National Security Agency (NSA) by Edward Snowden through Wikileaks, revealed that it had hacked into Huawei’s headquarters, obtaining technical information and monitored the communications of its top executives. One of the reported aims was to try and uncover vulnerabilities or back doors in the products to use them for US surveillance operations.

The US Hacks Huawei

This could be why the US director of national intelligence and heads of CIA, FBI, NSA gave public warnings, but it is likely they know more about Huawei than they would be willing to say publicly. There is a distinct possibility that they found vulnerabilities not just in the software run on the phones, but the firmware (the code that makes components talk to each other) and even in some cases the hardware, the components themselves.

The Chinese Government’s cyber capability is provided by the Strategic Support Force (SSF) and is the military organisation tasked with gaining a strategic advantage in the information and cyber domain via its Network Systems Department. Given Chinese government control over most of its industry and that has been clear reporting for many years that the Chinese government forces its domestic electronic equipment providers to hand over their source code, this will be used by the SSF to exploit vulnerabilities in devices globally. Linking this to the new law reinforces the suspicions with regard to Huawei.

More back doors.
However, when it comes to ‘backdoors,’ it is not the Chinese who have been found out recently. In 2018 five undocumented back doors were found in CISCO routers and detailed in a book entitled No Place to Hide,” by Glenn Greenwald, the journalist who originally broke the Edward Snowden story. Greenwald states that unbeknown to CISCO the NSA intercepts routers and network devices bound for overseas customers and “then implants backdoor surveillance tools, repackages the devices with a factory seal, and sends them on. The NSA thus gains access to entire networks and all their users.”

There is merit to being wary of any one nation having potential access no matter how small it is to critical communications networks by what ever means. However, what is clear is that every nation is at the espionage game and if Huawei routers are being used then possibly another manufacturers tampered with routers are not being used, blinding that intelligence agency.

They are just doing their job.
It is the remit of national intelligence agencies to gain an advantage and they will do so by what ever means. The whole intelligence game revolves around data. Data is key to everything so it can be analysed, cross referenced, processed, assessed and turned into intelligence. The Russians targeting priorities are to gain political advantage and steal military secrets the Chinese focus is primarily on intellectual property; President Trump has stated the US priority, “America First.”

Huawei deny any Chinese state control or vulnerabilities and set up an organisation staffed by UK security cleared personnel to test the equipment they attach into the critical national infrastructure (CNI) and that organisation is called “The Cell.”

Jerry Wang, CEO of Huawei in the UK, wrote to The Times: “Their accusations are a smokescreen for an attack on our recognised technological innovation. They are not based on security concerns, but a barely concealed protectionist trade agenda.”

 

** New**

New UK Ban

On 14th July 2020 the UK announced a decision to ban Huawei from the UK 5G network and this has been called a U Turn. It isn’t – it is a change in the situation.  The US Commerce Department amended an export rule to block shipments of semiconductors to Huawei to “strategically target Huawei’s acquisition of semiconductors that are the direct product of certain US software and technology.”

This rule stops any manufacturer that uses US software and technology from supplying Huawei without a US license (which will never be granted), cutting off many of Huawei’s trusted suppliers. This will cause Huawei to turn to potentially untrusted Chinese component suppliers increasing the potential vulnerabilities of Huawei systems.

The UK Governments decision is siting security correctly, but it is because of a changed security situation caused purely by US trade sanctions. The Huawei issue is nothing more than a move in a US/China trade dispute but enhanced by China’s move to ignore its treaty with the UK on Hong Kong and a message on its wider Human rights stance.

How can I assess this? On 09 July 2020 the UK Parliaments Science and Technology Committee interrogated Huawei about the risk. Huawei said they didn’t know where they were going to get the components to replace those affected by US sanctions from, but asked for a few more weeks to clarify that.  They haven’t been given that time, so in reality we don’t know if there would be an increased risk or not. We have just spent £2Bn on a decision that didn’t need to be made just yet!

**New paras end**

We have several elements to the current debate, espionage, a distinct probability but all sides do it. Trade, and security is an easy cry to scare the markets into protectionist trade policies. Manufacturing standards, whether one manufacturer should have a monopoly on critical elements of a network and with 5G the way we structure our future Satan enabled world.

One thing to remember about anything you process electronically on a device that is connected to any network, WIFI, mobile provider, is that that data may not be as safe and personal as you think. It is your choice as to what tech you buy but whatever your choice is, think security, think risk, think compromise.

 

If you would like any further comment from Philip, please contact him by clicking HERE

Grey Hare Media Supports INTERPOL World

Grey Hare Media Supports INTERPOL World

by | Jul 31, 2017 | Articles

INTERPOL World 2017 strengthens resolve for international cooperation to address crime and is supported by Grey Hare Media

INTERPOL World 2017 concluded on a resounding note, with 8,362 attendees from over 40 countries and regions gathered at the event to network, source and forge alliances with the security community. 565 government leaders, international organization representatives, technology innovators and academics engaged in robust dialogues at the Congress, addressing future security challenges, with 52 thought leaders and experts guiding the discussion and sharing latest developments. On the exhibition floor, 226 international solution providers from 34 countries and regions showcased and discussed next generation solutions for security threat mitigation and the global fight against emerging crime. INTERPOL World 2017 stimulated collaboration, networking and information exchange between multiple stakeholders who sought to bring about a safer future.

One of the key elements of INTERPOL World is INTERPOL World TV and Grey Hare Media provided interview preparation and the INTERPOL World TV presenter Philip Ingram.  Philip is a frequent commentator on BBC News, BBC TV and Radio and has commented for Japanese NTV, Turkish TRT, Irish RTE and many more.  He was the presenter at the first INTERPOL World two years ago.  Describing the importance of INTERPOL World TV Philip says, “INTERPOL World TV does two things, it reminds delegates of the key messages provided by senior presenters at the congress and from major exhibitors at the exhibition.  Additionally, it gives a good understanding for those very busy individuals who could not make this years event so they know some of the issues and can keep up to date with the latest thinking.”

All of the INTERPOL World TV interviews can be accessed here: https://www.interpol-world.com/interpol-world-tv

Collaborative efforts from public and private sectors needed to address future crime

The need for collaboration and openness in information sharing were repeatedly emphasized by various leaders and experts at INTERPOL World.  INTERPOL President Meng Hongwei delivered the opening address that stressed the importance of pulling together expertise across professions, enhancing information sharing among agencies and capacity building at all levels and sectors.

INTERPOL Secretary General Jürgen Stock said at the Opening Launch, “We are witnessing technological and geopolitical uncertainties, leading to a complex international security environment. Responding effectively to these challenges requires constantly adapting investigative procedures, ensuring that investigators have the right skills for this environment, staying ahead of trends, accessing information outside of the police world and preserving evidence wherever they might be hidden or hosted.”

INTERPOL World TV interview with INTERPOL Secretary General Jürgen Stock

Mr Desmond Lee, Second Minister for Home Affairs and Second Minister for National Development, added, “The global community today grapples with a rapidly changing, and increasingly complex security landscape that presents unprecedented challenges. It is critical that both the public and private sectors collaborate closely to understand the current and emerging risks in the operating environment and examine how technology and innovation can be harnessed to their fullest potential to address and mitigate these risks.”

Experts agreed that while technology can move the industry ahead, criminals who have access to the same advancements are innovating at a much faster speed, with more organized networks that disregard international borders. In this light, government, security and law enforcement agencies around the world must come together to integrate and share intelligence and best practices.

INTERPOL World Congress: Confluence of perspectives and strategic approaches

The Congress Agenda for INTERPOL World 2017 was developed by INTERPOL and supported by the S. Rajaratnam School of International Studies (RSIS). This year’s Congress took on an innovative end-to-end structure, which gave delegates a guided experience in exploring the key themes of Cybercrime, the Future of Policing in Global Cities and Identity Management. Delegates to the Congress received a copy of the INTERPOL World Congress reader, a collection of articles on drones, artificial intelligence, darknet, biometrics, smart cities and identity management by speakers at this year’s Congress.

Day One of the INTERPOL World Congress kicked off with the World Economic Forum Cybercrime Dialogue moderated by Dr Jean-Luc Vez, Head of Public Security Policy and Security Affairs, Member of the Executive Committee, World Economic Forum. Experts discussed and deliberated on the escalating threats of cybercrime, coming to a consensus that technology today has exponentially expanded the impact of crime, as actors moved from simply causing disruption to profiteering from their activities. With the estimated cost to global cybercrime now running into billions of dollars, panelists agreed that a consolidated approach is needed, in order to cooperatively detect and investigate crimes on a global level.

INTERPOL World TV Interview with Jean-Luc Vez

On Day Two, discussions around the future of policing saw robust participation from both experts and the audience. As cities become smarter and more global, concerns have risen among security and law enforcement communities on threats to public safety and security. Experts discussed the importance of collaborative public safety and the transformation that needs to take place in police forces around the world, in order to engage communities in the fight against crime.

The globalized nature of crime was also discussed in depth, especially in light of challenges in identity theft of people, goods and vehicles. Day Three of the Congress saw leaders exchanging strategic views and ideas on border controls, immigration and identity fraud. Key takeaways include the urgent need for information sharing across all stakeholders, common standards for tools and best practices, and the importance of the human factor in exercising caution when managing identities.

INTERPOL World Exhibition: The answer to emerging security challenges

The INTERPOL World Exhibition saw solution providers showcasing the latest in security technology solutions that aim to equip security and law enforcement agencies with heightened capabilities. These innovations aid in detecting, preventing, investigating and ultimately solving crime more efficiently.

In crime investigation, the ability to recreate crime scenes can help investigators observe details missed during the on-site investigations. FARO’s creative booth demonstrated how its line of laser scanners can capture 3D scans of crime scenes for off-site forensic investigations. The FARO software enables data analytics on scanned data to recreate the scenarios accurately with details that investigators might have missed during on-site investigations.

Another attention-grabbing showcase was the security robot developed by Singapore-based Concorde Security, designed to assist on-the-ground surveillance using a combination of cameras, wireless connectivity and machine learning capabilities. Oneberry Technologies’ RoboGuard™ also attracted much attention, as the sleek remote monitoring vehicle demonstrated its capabilities around the exhibition floor.

INTERPOL World TV interview with Oneberry Technologies.

IoT devices and systems have notoriously broken the barrier between the cyber and physical world, but their security features have been lacking. Kaspersky Lab introduced its breakthrough Secure Operating System for IoT systems, that aims to protect software and data systems from the consequences of the intrusion of malicious code, viruses and hacker attacks.

Drones and other unmanned systems are certainly becoming mainstream, with several exhibitors showcasing various innovations used in safety and security operations. Among them was Canon, which showcased the latest six-rotor drone, designed to carry a cutting-edge camera that can capture images even in extremely dark situations – making it the perfect drone for search and rescue situations. Hikvision Digital Technology’s falcon series drone, designed for aerial surveillance, stood out amongst others for its portability, thanks to its all-carbon fiber design and foldable flying arms.

Huawei set up a command center on the exhibition floor that allowed attendees to truly experience the latest in command system technology via virtual reality. Huawei also signed individual MoUs with five companies – Agent Video Intelligence (Agent Vi), Ipsotek, Xjera Labs, Thuraya Telecommunications Company and Ascent Solutions, committing all to the joint development of public safety solutions and expanding its Collaborative Public Safety ecosystem. The signings took place at the Huawei-run Collaborative Public Safety Forum held in conjunction with INTERPOL World.

INTERPOL World TV interview with Huawei

The INTERPOL World Theatres, an expertly curated programme of seminars and workshops, took participants on a deep dive into key innovative technological evolutions. For instance, the session “Threat Hunting to Combat Cyber Crime” shared how organizations can leverage on existing network information to gain a competitive edge in the ongoing cyber war with criminals. Workshops were also conducted to provide participants with a hands-on learning experience. The IEEE Communications Society (IEEE-ComSoc), together with ECU, held a workshop on forensic computing, to share the latest tips and tricks on how to recover digital evidence.

INTERPOL World 2017 concluded on a successful note, with 91% of the exhibitors satisfied with the event – a significant 12% increase from the previous edition. The number of attendees also rose by 7%, with 98.4% of them satisfied with their experience at INTERPOL World 2017.

“This year marks the second edition of INTERPOL World, once again providing a unique platform for stakeholders such as law enforcement, government bodies, academia, international security experts and solution providers to discuss the spectrum of future security challenges and chart the way forward to combat emerging crimes. As we face unprecedented forms of crime occurring every day, we need to understand the implications of this trend on law enforcement and the security community worldwide. I am pleased that INTERPOL is once again able to host the top minds in the industry and I look forward to forging stronger collaboration among the players in the months to come,” said Mr Noboru Nakatani, Executive Director of INTERPOL Global Complex for Innovation.