beyond vehicle crime: impact of technology
TRANSCRIPT
Beyond Vehicle Crime: Impact of Technology
Hong-Eng KohVice President (Corporate)The Society for the Policing of Cyberspace (POLCYB)
Visiting ResearcherChina Public Security University
Global Lead, Justice & Public Safety (JPS)Industry Solutions Group
Graphic used with permission from the C3 Report
Copyright © 2016 Oracle and/or its affiliates. All rights reserved.
Safe Harbor StatementThe following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
2
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 3
1993…
Ang Mo Kio Division
Bedok DivisionAirportDivision
CentralDivision
Tanglin Division
Clementi Division
Jurong Division
To Malaysia
WoodlandsCheckpoint
VOI
INTERPOL’s 2014 Analytical Report on Motor Vehicle Crime:
69.4% driven to border
Note: The map shows the current divisions of Singapore Police. Back in 1993 there was another division: Geylang.
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 4
1996… To Malaysia
WoodlandsCheckpoint
VOIVOIAutomated Vehicle Screening System*• Automatic Number Plate Recognition (ANPR)• In one year, detected more than 250,000
vehicles with outstanding traffic summons or parking fines
• Over 150 vehicles wanted for investigation
*source: https://www.ida.gov.sg/About-Us/Newsroom/Media-Releases/2002/20061116160211
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 5
1998…
VOI
Electronic Road Pricing (ERP)
✗No access because of privacy concerns
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 6
UK Surveillance Camera Commissioner• Roles:– encourage compliance with the surveillance camera code of practice– review how the code is working– provide advice to ministers on whether or not the code needs
amending.
• Responsibilities:– providing advice on the effective, appropriate, proportionate and
transparent use of surveillance camera systems– reviewing how the code is working and if necessary add others to the
list of authorities who must have due regard to the code– providing advice on operational and technical standards– encouraging voluntary compliance with the code
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 7
Meanwhile in China…
RFIDTracking
(ITS)
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 8
European Union eCall: in all new cars from April 2018
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 9
UNODC: Global Motor Vehicle TheftAs at 10 Feb 2016
2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 20130
0.5
1
1.5
2
2.5
3
3.5
4
Mill
ion
of M
otor
Veh
icle
Better security features, surveillance, tracking technologies and
information sharing (INTERPOL INVEX)
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 10
London Metropolitan PoliceFebruary 2015
• In 2014, over 6,000 cars and vans across London were stolen without the owners’ keys• That is an average of 17 vehicles a day• Represents 42% of all thefts of cars and vans• The majority of such thefts appear to be the result
of organized criminals using key-programing devices to create duplicate keys for vehicles
*source: http://content.met.police.uk/News/Drivers-urged-to-protect-vehicles-against-keyless-theft/1400029791185/1257246745756
• Possible vulnerabilities: Keyless ignition, Bluetooth, GSM, Wi-Fi, etc.
• Criminals learn how to circumvent modern immobilizer technology
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 11
Recent Car Hacking News• Hacker Disables More Than 100 Cars Remotely•Wreaking havoc on a Toyota Prius• Vulnerability within the GM OnStar mobile app • Hacking of the Tesla Model S• Chrysler Recalls 1.4 Million Cars After Jeep Vulnerability Exposed
July 2015
https://youtu.be/MK0SrxBC1xs
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 12
Why?• Petty criminals, drug addicts• Joyriders• Organized crime, drug syndicate• Trafficking, means of transport• As a weapon, terrorism
How?2013 Tiananmen Square Attack• Five dead (including 3 terrorists)• 38 injured
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 14
Digital Disruption & Sharing EconomyWorld’s largest taxi company owns no taxi
Largest accommodation provider owns no real estate
Most popular media owner creates no content
Largest phone companies own no telco infrastructure
World’s largest movie house owns no cinema
Largest software vendor don’t write the apps
Why BlackBerry Messenger was rioters' communication method of choice
7 Dec 2011
“Everyone in edmonton enfield wood green everywhere in north link up at enfield town station at 4 o clock sharp!!!!”
“Ah, who wants to buy rioting kits? Gloves, masks, petrol bombs: £5”Crime-Sourcing
The Independent 20 Apr 2015
• 8 counts of fraud• Posed as staff from Barclays, Lloyds and
Santander• Sometimes putting on a woman’s voice• Duped major organizations such as
Thomas Exchange Global• Over £1,819,000
Trickery
Neil Moore
Prison escape via mobile phone highlights social engineering vulnerability 30 Mar 2015
“Moore created a fake web domain that closely resembled Southwark Crown Court service's official address in order to send bail instruction via email to the prison's custody inbox. After executing what I would consider to be the simplest of all Social Engineering techniques, he was released.”
Trickery
15 Aug 2015
There’s a Will, There’s a Way!
Prisoners use Ministry of Justice laptops to mastermind £30m drug smuggling operation
South London's Wandsworth Prison
Man Attacks NYC Police With Hatchet; Authorities Probe Possible Terror Ties
Terrorism in Digital Disruption
“Helicopters, big military will be useless on their own soil. They will not be able to defeat our people if we use guerilla warfare. Attack their weak flanks…”
Suspect’s posting:
23 Oct 2014
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 20
Challenges• Silos by geography (USA has about 18,000 agencies)•Rise of technology/cyber-facilitated crime, including
social engineering• Terrorism in digital disruption• Legacy IT doesn’t meet new trends and needs,
e.g. mobility, integration with social channels
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 21
And Even More ChallengesFragmented Incident, Investigation, Evidence, and Intelligence Information• How can we create a trusted environment for the sharing of critical information
across departments and jurisdictions in an end-to-end policing process?
Inability to Analyze & Act on Criminal and Emergency Information• How can we identify trends and patterns to anticipate and prevent incidents?
Operational Excellence Impacted by Limited Resources• How can we reduce crime, enforce the law, develop our staff and protect the
public with limited resources?
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 22
So what can we do?•Public education, especially to counter social engineering•Roles of vehicle manufacturers in enhancing security as
recommended by Kevin Mahaffey*:–Set up an over-the-air update system–Isolate vehicle systems from infotainment systems–Secure each component independently•What else can we do?
*source: https://blog.lookout.com/blog/2015/08/06/tesla-research/
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 23
•National Information Exchange Model (NIEM)•US Department of
Justice & Department of Homeland Security
• Oracle SOA• Development
Tools• LDAP• Database
US California San Joaquin CountyInformation Sharing & CollaborationIntegrated Judiciary Management
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 24
Process Integration: Keeping More Officers Out in the FieldFinnish Police
Business Rules Legislation Policy Procedures Service Rules Behavior Models Scheduling
Internet
Policing Operational Capabilities
Phone eMail Mobile Face to Face PaperChannels
Operations& Response Investigation Intelligence
PropertyManagement
Suspect &Offender
Records Management
Coordination& Liaison
Citizens Trusted 3rd parties Police Staff Legal RepresentativeInvolved parties
Content Management Knowledge Base
Business Intelligence Performance Management Intelligence Analysis Management Reporting
Information Management Database Master Data Spatial Data Resilience & Availability Security
Social
Siebel Public Sector / Oracle Business Process Management
Incident Mgt
Alerts
Case Mgt
Prosecution
Relationship
Analysis
Lost & Found
Evidence
Offender
Custody
Criminal
Firearms
Legal Instr.
Warrants
Services requiring configuration
Integrated Policing Platform
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 25
Finding common Suspects who areinvolved in multiple location event
Identifying people sharing a handset or using multiple SIMs on one handset
Comprehensive summaryof Suspect’s activities
Identifying groups whoare working together
Finding call patterns and people Suspect is calling and their linkages
Big Data based Intelligence Fusion & AnalysisUAE Dubai Police
Intelligence Hub & Alerts
• Database• Oracle Database
Appliance• Oracle Big Data
Appliance• Endeca Informtation
Discovery
And many other functions…
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 26
Big Data Analytics: Chicago Crime Analysis
LiveDemo
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 27
Big Data Analytics: Chicago Crime Analysis(%) Whole of
ChicagoSouth
ChicagoBattery 18.2 19.9Theft 20.7 17.3Criminal Damage 11.5 11.7Narcotics 11.3 10.4Assault 6.1 7.2Burglary 5.9 6.5Robbery 3.7 4.6Criminal Trespass 2.9 2.5Weapon 1.0 1.3
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 29
Dark Web, aka Dark Net, Deep Web
Intelligence Black Market AlphaBay Market
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 30
Dark Web, aka Dark Net, Deep Web
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 31
Dark Web, aka Dark Net, Deep Web
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 32
More News Headlines• Obama’s $4 Billion Plan for Self-Driving Cars Will Make Google
Very Happy– http://recode.net/2016/01/14/obamas-4-billion-plan-for-self-driving-cars-will-make-google-very-happy/
• Toyota to accelerate big data to and from cars with satellite technology running 50Mbps– http://www.techrepublic.com/article/toyota-to-accelerate-big-data-to-and-from-cars-with-satellite-technology-running-50mbps/
• The big data of bad driving, and how insurers plan to track your every turn– https://www.washingtonpost.com/news/the-switch/wp/2016/01/04/the-big-data-of-bad-driving-and-how-insurers-plan-to-track-your-every-turn/
Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 33
@he_koh
linkedin.com/in/hekoh