Edited Excerpts from an Interview
How has the Internet changed the way terrorists and counter-terrorist operatives work?
Terrorists have moved every bit of operation they could to the Internet. Simply because they are not exposing their faces, nobody is following them on the street and it allows them to get information from somebody far away in an instant and with a sense of security. Governments, on the other hand, are playing catch-up, and for the most part, they are really bad at it because it requires a different sort of thinking.
Earlier, it was thought that we have to go through the entire information database on the Internet. Only a few governments can do that — the US, China and Russia — who have huge systems that cost thousands of millions of dollars, to tap and bring every piece of data on the Internet into centres like the NSA, where you need to sift through them. But as this is too huge a task, they started developing machines with artificial intelligence to pick up interesting alerts. This became so complex that you needed more machines and that created holes in the system and you started losing information.
Smaller countries, including Israel, were looking for smarter and more efficient ways of doing that. The most efficient way is to find out the people driving these activities and then try to get data on them.
We do it through something called social engineering, where you, in fact, become one of them. You want them to accept you. Since this is the Internet and you don’t have to show your face, you can do that by creating virtual humans, who befriend them and become insiders.
How does the system work? Do you have to know what you are looking for?
You start by knowing what you are looking for. Say we sell the systems to a drug enforcement agency. They know what and, more importantly, who they are looking for. So an operative is told by his superior, “Today, I want you to investigate narcotics smuggling in this area of the border.” Now you know what you need to research. We sell the technology and train them so that they can use it themselves. They define their mission, they create their avatars. An investigating officer may be responsible for five avatars, and he is actually conducting a covert operation to infiltrate the cartel. It may take two or three weeks, but eventually they get enough assets in there to be a part of them. Now, he is an insider, so he knows everything. So when there is a plan to smuggle narcotics at, say, 9 pm on Sunday, he is part of the plan.
The US’ PRISM programme was criticised for violating people’s privacy. How do you ensure that you don’t cross that line?
First of all, our systems don’t do anything that is illegal — we don’t intercept, we don’t tap, everything that we do is up to the point where a password is needed, after which the social engineering and avatars come in. If the bad guys decide they like one avatar, then they will provide him with the information to become a part of the group by giving him a user name and password. The system enables us to become insiders, who know the plans, the code words and the details, so we are not listening to conversations. By being an insider, you don’t violate anyone’s rights or cross any legal lines.