Protecting a country’s most essential public and private sector services against wide-ranging threats and hazards forms an integral part of national security measures. It is arguably the first responsibility of government, says Andy Gent, chief executive at mobile intelligence company, Revector.
Critical national infrastructure sites such as oil refineries, nuclear power stations and water supply facilities act as the life support system necessary for a country to function. People rely on these services for clean water, reliable power and even connectivity. With the potential to disrupt vital services for thousands, if not millions, of people, these critical infrastructure sites are inevitably increasingly vulnerable to terrorist attacks.
As the security landscape and terrorist threat evolves, how can countries protect the vital organs of our life support system against the evolving terror threats?
Identifying and locating potential security threats in real time is essential to protecting these high-value sites, and mobile communications networks can be used to gather information.
Mobile communications have developed from large-scale infrastructure to more modern and flexible networks, presenting new opportunities to deploy them for national security. Historically, mobile phone masts were large and spaced at a significant distance from each other.
Mobile handsets are aware of a few masts (cell sites) at any one time to ensure there was an orderly hand over of communications, providing the user with continuity of connectivity. A by-product of this technology was the capability to triangulate people and find out approximately where they were when they made a call.
As mobile communications became more mainstream, and demand grew for reliable data services, the need for more network infrastructure increased. Technology evolved to provide millions of smaller cell sites that provided infill capacity, particularly in populous or urban areas.
While the network operated in much the same way as before, the average person on a modern cellular network would be connected to cell sites closer to each other than 20 years ago. Hence, triangulation of position through these sites became far more accurate and reliable.
The mobile networks have never exploited this location information and its use has been largely confined to rare legal cases where the location of certain individuals was critical to their innocence or guilt.
As terrorism increased and became more sophisticated, governments became increasingly aware of the opportunities new surveillance and detection technology presents for locating individuals of interest in real time, providing enhanced safety and security to the public. Technological innovations, which were once reserved for intelligence professionals, have now become more widely available.
Since 2003, IMSI-catchers have evolved from prohibitively large, expensive tools to monitor and manage the use of mobile devices into portable devices that can fit into a briefcase. An International Mobile Subscriber Identity (IMSI) is a 15-digit, unique number assigned to the SIM card that identifies mobile users within the network.
An IMSI-catcher acts in a similar way to a cellular base station and logs the IMSI numbers of mobile handsets that connect to it. IMSI-catchers can then be deployed to identify if a certain IMSI is in a certain place. Permission to use IMSI-catchers as covert devices in this way is strictly limited to specific circumstances, and usually requires the approval of senior government officials.
This technology has wider applications, however, in protecting critical infrastructure from terrorist attacks. Security services could use IMSI-catchers to monitor the movements of this individual or even monitor communications from the individual’s mobile to others.
Virtual security fence
One other obvious application of IMSI-catchers is to use them as ‘virtual fences’ around critical infrastructure. Physical fences are often erected close to the perimetre of the critical infrastructure. It could be argued that, by the time an intruder has reached a close perimetre fence of a high value target, they may have enough explosive material to do a great deal of damage.
In 2020, a terrorist attempted to attack a water intake facility in Ukraine with explosive devices, which would have led to a prolonged interrupted water supply to the region.
The cost of building a perimetre fence far enough away to protect against explosion is likely to be prohibitive, so an operator of, for example an oil facility, may instead decide to deploy IMSI-catchers 10 or even 50 kilometres from the site, creating an effective ‘virtual fence’ that identifies any IMSI that comes within this distance of the facility.
Utilising mobile networks
As terrorist attacks get more sophisticated and unpredictable, governments, companies and their security teams face some challenging hurdles when it comes to protecting critical infrastructure sites.
Mobile networks offer huge potential for accessing location information, identifying threats and protecting critical infrastructure sites, and IMSI-catcher technology can be deployed across several different scenarios. As IMSI-catching technology evolves further, it will become an indispensable tool for those responsible for protecting sites which are critical to society’s wellbeing.
The author is Andy Gent, CEO at Revector.
Follow us and Comment on Twitter @TheEE_io