Case study A10/5
Hypothetical case study from the Operational Case
Cyber-defence
A state-controlled agent provides the infrastructure to several other state-controlled
malicious Computer Network Exploitation (CNE) programmes. These programmes are
responsible for espionage against the Government and UK industry at massive scale.
The security and intelligence agencies’ ultimate aim would be to identify that agent and
any others supplying infrastructure to the programmes in order to find any of the new
computer equipment before it is used.
In order to do this the security and intelligence agencies would need to use bulk EI to
survey a location from where they believe the infrastructure is being procured, in order to
identify activity characteristic of the procurers. In order to find these individuals, the
security and intelligence agencies would need to acquire a large amount of data from
which to identify likely candidates, who would then be subject to more targeted
intelligence investigation.
Case study A10/6
Hypothetical examples from the Operational Case
The difference between targeted thematic and bulk EI
Scenario: Intelligence suggests that a Daesh-inspired cell in a particular location in
the Middle East is plotting an imminent bomb attack against UK interests in the
region. The intelligence requirement is for the security and intelligence agencies to
find and identify all the individuals in the cell as fast as possible and uncover their
plans. To do this, the communications of the individuals in the cell need to be
acquired.
Example 1
Interception reveals that the cell members are all using a unique anonymisation package to
hide their online identities.
An EI warrant is used to obtain a high volume of equipment data (not content) from a
large number of devices in the specified location in the Middle East. By applying a
search term (a ‘selector’) that is unique to the anonymisation package to the ‘pot’ of
data collected, only data relating to the cell members is retrieved for examination.
From this information, the content from only the cell members’ devices can then be
collected and examined.