beyond vehicle crime: impact of technology

Beyond Vehicle Crime: Impact of Technology

Hong-Eng KohVice President (Corporate)The Society for the Policing of Cyberspace (POLCYB)

Visiting ResearcherChina Public Security University

Global Lead, Justice & Public Safety (JPS)Industry Solutions Group

Graphic used with permission from the C3 Report

Copyright © 2016 Oracle and/or its affiliates. All rights reserved.

Safe Harbor StatementThe following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.

2

Copyright © 2016 Oracle and/or its affiliates. All rights reserved. 3

1993…

Ang Mo Kio Division

Bedok DivisionAirportDivision

CentralDivision

Tanglin Division

Clementi Division

Jurong Division

To Malaysia

WoodlandsCheckpoint

VOI

INTERPOL’s 2014 Analytical Report on Motor Vehicle Crime:

69.4% driven to border

Note: The map shows the current divisions of Singapore Police. Back in 1993 there was another division: Geylang.


1996… To Malaysia

WoodlandsCheckpoint

VOIVOIAutomated Vehicle Screening System*• Automatic Number Plate Recognition (ANPR)• In one year, detected more than 250,000

vehicles with outstanding traffic summons or parking fines

• Over 150 vehicles wanted for investigation

*source: https://www.ida.gov.sg/About-Us/Newsroom/Media-Releases/2002/20061116160211


1998…

VOI

Electronic Road Pricing (ERP)

✗No access because of privacy concerns


UK Surveillance Camera Commissioner• Roles:– encourage compliance with the surveillance camera code of practice– review how the code is working– provide advice to ministers on whether or not the code needs

amending.

• Responsibilities:– providing advice on the effective, appropriate, proportionate and

transparent use of surveillance camera systems– reviewing how the code is working and if necessary add others to the

list of authorities who must have due regard to the code– providing advice on operational and technical standards– encouraging voluntary compliance with the code


Meanwhile in China…

RFIDTracking

(ITS)


European Union eCall: in all new cars from April 2018


UNODC: Global Motor Vehicle TheftAs at 10 Feb 2016

2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 20130

0.5

1

1.5

2

2.5

3

3.5

4

Mill

ion

of M

otor

Veh

icle

Better security features, surveillance, tracking technologies and

information sharing (INTERPOL INVEX)


London Metropolitan PoliceFebruary 2015

• In 2014, over 6,000 cars and vans across London were stolen without the owners’ keys• That is an average of 17 vehicles a day• Represents 42% of all thefts of cars and vans• The majority of such thefts appear to be the result

of organized criminals using key-programing devices to create duplicate keys for vehicles

*source: http://content.met.police.uk/News/Drivers-urged-to-protect-vehicles-against-keyless-theft/1400029791185/1257246745756

• Possible vulnerabilities: Keyless ignition, Bluetooth, GSM, Wi-Fi, etc.

• Criminals learn how to circumvent modern immobilizer technology


Recent Car Hacking News• Hacker Disables More Than 100 Cars Remotely•Wreaking havoc on a Toyota Prius• Vulnerability within the GM OnStar mobile app • Hacking of the Tesla Model S• Chrysler Recalls 1.4 Million Cars After Jeep Vulnerability Exposed

July 2015

https://youtu.be/MK0SrxBC1xs


Why?• Petty criminals, drug addicts• Joyriders• Organized crime, drug syndicate• Trafficking, means of transport• As a weapon, terrorism

How?2013 Tiananmen Square Attack• Five dead (including 3 terrorists)• 38 injured


Big Technology Trends


Digital Disruption & Sharing EconomyWorld’s largest taxi company owns no taxi

Largest accommodation provider owns no real estate

Most popular media owner creates no content

Largest phone companies own no telco infrastructure

World’s largest movie house owns no cinema

Largest software vendor don’t write the apps

Why BlackBerry Messenger was rioters' communication method of choice

7 Dec 2011

“Everyone in edmonton enfield wood green everywhere in north link up at enfield town station at 4 o clock sharp!!!!”

“Ah, who wants to buy rioting kits? Gloves, masks, petrol bombs: £5”Crime-Sourcing

The Independent 20 Apr 2015

• 8 counts of fraud• Posed as staff from Barclays, Lloyds and

Santander• Sometimes putting on a woman’s voice• Duped major organizations such as

Thomas Exchange Global• Over £1,819,000

Trickery

Neil Moore

Prison escape via mobile phone highlights social engineering vulnerability 30 Mar 2015

“Moore created a fake web domain that closely resembled Southwark Crown Court service's official address in order to send bail instruction via email to the prison's custody inbox. After executing what I would consider to be the simplest of all Social Engineering techniques, he was released.”

Trickery

15 Aug 2015

There’s a Will, There’s a Way!

Prisoners use Ministry of Justice laptops to mastermind £30m drug smuggling operation

South London's Wandsworth Prison

Man Attacks NYC Police With Hatchet; Authorities Probe Possible Terror Ties

Terrorism in Digital Disruption

“Helicopters, big military will be useless on their own soil. They will not be able to defeat our people if we use guerilla warfare. Attack their weak flanks…”

Suspect’s posting:

23 Oct 2014


Challenges• Silos by geography (USA has about 18,000 agencies)•Rise of technology/cyber-facilitated crime, including

social engineering• Terrorism in digital disruption• Legacy IT doesn’t meet new trends and needs,

e.g. mobility, integration with social channels


And Even More ChallengesFragmented Incident, Investigation, Evidence, and Intelligence Information• How can we create a trusted environment for the sharing of critical information

across departments and jurisdictions in an end-to-end policing process?

Inability to Analyze & Act on Criminal and Emergency Information• How can we identify trends and patterns to anticipate and prevent incidents?

Operational Excellence Impacted by Limited Resources• How can we reduce crime, enforce the law, develop our staff and protect the

public with limited resources?


So what can we do?•Public education, especially to counter social engineering•Roles of vehicle manufacturers in enhancing security as

recommended by Kevin Mahaffey*:–Set up an over-the-air update system–Isolate vehicle systems from infotainment systems–Secure each component independently•What else can we do?

*source: https://blog.lookout.com/blog/2015/08/06/tesla-research/


•National Information Exchange Model (NIEM)•US Department of

Justice & Department of Homeland Security

• Oracle SOA• Development

Tools• LDAP• Database

US California San Joaquin CountyInformation Sharing & CollaborationIntegrated Judiciary Management


Process Integration: Keeping More Officers Out in the FieldFinnish Police

Business Rules Legislation Policy Procedures Service Rules Behavior Models Scheduling

Internet

Policing Operational Capabilities

Phone eMail Mobile Face to Face PaperChannels

Operations& Response Investigation Intelligence

PropertyManagement

Suspect &Offender

Records Management

Coordination& Liaison

Citizens Trusted 3rd parties Police Staff Legal RepresentativeInvolved parties

Content Management Knowledge Base

Business Intelligence Performance Management Intelligence Analysis Management Reporting

Information Management Database Master Data Spatial Data Resilience & Availability Security

Social

Siebel Public Sector / Oracle Business Process Management

Incident Mgt

Alerts

Case Mgt

Prosecution

Relationship

Analysis

Lost & Found

Evidence

Offender

Custody

Criminal

Firearms

Legal Instr.

Warrants

Services requiring configuration

Integrated Policing Platform


Finding common Suspects who areinvolved in multiple location event

Identifying people sharing a handset or using multiple SIMs on one handset

Comprehensive summaryof Suspect’s activities

Identifying groups whoare working together

Finding call patterns and people Suspect is calling and their linkages

Big Data based Intelligence Fusion & AnalysisUAE Dubai Police

Intelligence Hub & Alerts

• Database• Oracle Database

Appliance• Oracle Big Data

Appliance• Endeca Informtation

Discovery

And many other functions…


Big Data Analytics: Chicago Crime Analysis

LiveDemo


Big Data Analytics: Chicago Crime Analysis(%) Whole of

ChicagoSouth

ChicagoBattery 18.2 19.9Theft 20.7 17.3Criminal Damage 11.5 11.7Narcotics 11.3 10.4Assault 6.1 7.2Burglary 5.9 6.5Robbery 3.7 4.6Criminal Trespass 2.9 2.5Weapon 1.0 1.3

Dark Web

Internet / Social


Dark Web, aka Dark Net, Deep Web

Intelligence Black Market AlphaBay Market


More News Headlines• Obama’s $4 Billion Plan for Self-Driving Cars Will Make Google

Very Happy– http://recode.net/2016/01/14/obamas-4-billion-plan-for-self-driving-cars-will-make-google-very-happy/

• Toyota to accelerate big data to and from cars with satellite technology running 50Mbps– http://www.techrepublic.com/article/toyota-to-accelerate-big-data-to-and-from-cars-with-satellite-technology-running-50mbps/

• The big data of bad driving, and how insurers plan to track your every turn– https://www.washingtonpost.com/news/the-switch/wp/2016/01/04/the-big-data-of-bad-driving-and-how-insurers-plan-to-track-your-every-turn/

http://recode.net/2016/01/14/obamas-4-billion-plan-for-self-driving-cars-will-make-google-very-happy/

http://recode.net/2016/01/14/obamas-4-billion-plan-for-self-driving-cars-will-make-google-very-happy/

http://www.techrepublic.com/article/toyota-to-accelerate-big-data-to-and-from-cars-with-satellite-technology-running-50mbps/

http://www.techrepublic.com/article/toyota-to-accelerate-big-data-to-and-from-cars-with-satellite-technology-running-50mbps/

https://www.washingtonpost.com/news/the-switch/wp/2016/01/04/the-big-data-of-bad-driving-and-how-insurers-plan-to-track-your-every-turn/

https://www.washingtonpost.com/news/the-switch/wp/2016/01/04/the-big-data-of-bad-driving-and-how-insurers-plan-to-track-your-every-turn/


[email protected]

@he_koh

linkedin.com/in/hekoh