Circuit Magazine #4 by Circuit Magazine

SUMMER

2009 Â£4.50

Quarterly Magazine of The British Bodyguard Association

HAND TO HAND COMBAT Do martial arts have a role for the modern CPO? STARTING OUT AS A CPO Tips for beginners THE TIMES THEY ARE A CHANGING Factors that have changed the Industry EFFECTIVE EMERGENCY Decision-Making for the Team Leader & Security Manager Plus: Can door supervisors make good bodyguards? Financial answers and Book reviews

So you want to be a penetration tester? 6 page technical guide inside

2 : : Circuit

SUMMER

2009

CONTENTS

The Circuit is compiled, edited and published quarterly by: The British Bodyguard Association. www.The-BBA.org.uk :: Info@The-BBA.org.uk ::Tel: 0845 3102 413

FOREWORD by Shaun West An introduction to the first printed edition of The Circuit

HAND TO HAND COMBAT by Max Williamson Do martial arts have a role for the modern CPO? NEWS National and International news

THE TIMES THEY ARE A CHANGING by Stewart Griffiths Factors that have changed the Industry EFFECTIVE EMERGENCY by Richard Hewetson Decision-Making for Industry Management ASK ANNA by Anna Cooperwhite Financial questions and answers

PENETRATION TESTING by Keith Loose Bring out your inner geek with the first of 6 tech. articles

BOOKLUB by Mike Jones On-topic book reviews

STARTING OUT by Nick McCarthy Tips for beginners

FOREWORD

HOOFING IT by Peter Jenkins Anti-Surveilance whilst on foot

10 12

CAN DOOR SUPERVISORS MAKE GOOD BODYGUARDS? 22 by Robin Barratt

KEEPING YOUR EDGE by Elijah Shaw This Month: Training the Celebrity Bodyguard

GET YOUR KIT ON Industry equipment reviewed and tested

CLASSIFIED Industry advertising section

by Shaun

West

Hi Readers We’re glad you enjoyed the last issue of The Circuit; it was the first one actually created and put together by the new ownership of the British Bodyguard Association and we believe we moved the whole project forward substantially. We enjoyed creating it and thank you greatly for all of the feedback we have received. The feedback was so good in fact, that we decided to trial the production of a hardcopy of the magazine. Isn’t it great finally seeing it in print? Although we are now producing a hardcopy of the magazine we are still providing the PDF version of the magazine at no extra charge as an added benefit to the membership. You can find all previous issues of the magazine in the download section once signed in. This means you can have access wherever you have an Internet connection and can read at your convenience wherever you are in the world. Since taking control of the BBA at the start of the year things have moved extremely fast for us, there has been a complete turnaround of the Association and we are now attracting more and more members from around the globe, which is great news for the growth of the Association.

This quarter has seen two new site sponsors in the form of ISS Training and Icon Services and the welcoming of our newest Corporate member in Camberford Law. ISS will be familiar to many of you involved with surveillance as they have been one of the premier training providers within this specialist skill set for a number of years and we are extremely pleased that they have recognized the BBA as worthy of their sponsorship. ICON Services may not be as familiar to those of us on this side of the pond but for our US readers it will be instantly recognizable. Icon, headed up by Elijah Shaw is a well-established company with Elijah as its figurehead. Camberford Law specialise in providing bespoke insurance services tailor made to meet the needs of the operators and companies working within the security industry.

month we will feature different titles by varied reviewers . All of this coupled with some great kit reviews this has the makings of another great issue. As always we’re looking for any relevant articles and pieces, which will be of interest to BBA members and subscribers of the magazine. If you wish to advertise or feel you would like to contribute to the next issue of The Circuit magazine please email at the address provided below. The Circuit “The magazine written for the Operator by the Operator!!”

Till the next issue……..Stay Safe!!

As always this issue of The Circuit has some great contributions from the membership, a new regular column from Anna Cooperwhite from Whittaker and Co accountants whom will be answering any financial questions you may have. The addition of the book review column will also make a welcome change I’m sure, each

Circuit : : 3

Circuit :: HardTalk

Hand to Hand COMBAT

Does martial arts or unarmed combat have a place for the modern day close protection professional?

by MAX WILLIAMSON This is a question which quite often causes a lot of contention and argument. I think the real question is does unarmed combat have a place in training of Close protection professionals?!! I’m sure there are those who would say, and I indeed it has often been said to me “bet you can’t dodge bullets though can ya?”. Well obviously not, but any system of unarmed combat should be based on prevention rather than cure! My background is one of martial arts, both traditional Japanese jujitsu and modern day derivatives. In recent times I have taken time out to study different systems of martial arts or unarmed combat in a desire to find a definitive system, one which is easy to understand and replicate, and has numerous applications. Systema, isw the Russian system of unarmed combat, originally created for the Spetznatz or Russian Special Forces. Now before I continue, I must first say that I hold the opinion that anything learnt is limited by the skill or knowledge of those teaching! So that said I will continue. This system seems to have some very useful and valid techniques, however it has been branded as being “the complete system which is easily learnt and understood”. I found that all those students that I met of this system seem to hold the opinion that it was quite a long winded system to learn! Hmmm, you see what I am looking for is something which I can easily teach to people in a short space of time and they will easily remember when needed! So I turned to an old friend who is an expert in Ninjitsu, and however closely related to my formative

4 : : Circuit

art, this also fell short of what I was looking for! But, what I was able to do, was taking a little of something away from all the different styles and genres and amalgamate them, so that I am able to take someone, who might have little or no experience and give them the ability to control and preempt certain situations. If you look at the modern day cp based perhaps in Europe or the UK, then they will be unarmed and have to deal with every situation that confronts them, with open hands! So that could be the pushy photographer, or the over eager fan, a disgruntled employ, the possibilities are endless, but they all require presence of mind by the CPO to either preempt the situation and avoid it, or subtly solve it! Where a lot of systems fall short, is that rely on teaching a system of reactions. For example if man A does this, you can do this! You can see where this is going? That’s all very well if the person in question has the presence of mind and quick thinking to apply those reactions within a split second, but if he hesitates, he’s failed!! In my own

mind I believe it is far better to preempt a situation before it escalates, than react to it!! These preemptions can be at most basic of levels. Even crossing the street to avoid a potential situation is an example of this. Being aware of your surroundings, the people around you and reading body language are vital in this approach. To my mind it doesn’t matter whether or not you are thinking purely of your own protection or third party protection, the principals are exactly the same. I think most people will agree that a basic understanding of situation awareness is absolutely necessary for a CPO?!! Situation awareness is where it begins, avoiding situations is far better than having to find a solution in the event! This is where for me unarmed combat, and my own chosen art really comes into its own. Okay, so you have tried avoidance, diplomacy and conflict resolution. These have all failed and you find yourself and your principal in a situation where confrontation is inevitable! How do you deal with it? It could well be in a very public arena, where you’re actions are not only judged, but possible photographed or filmed! We now live in a society where your actions will be scrutinized by the law, not just the public eye. It is imperative that any physical action you take is perceived to be the minimum necessary. Punching someone in the face and casually jumping on their head will probably not only find you in court, but possibly without any work! So how do you deal with situations which necessitate a physical reaction on your part? My solution is a form of Japanese Jujutsu, which takes the best parts of a traditional martial art and puts this together with modern adaptations. I will be the first to

Circuit :: HardTalk admit, that I have been a student for over 13 years and I am still learning, but that said I still believe that someone with no prior knowledge could learn some usable techniques with a small amount of tuition. The basis of any self defence system has to be understanding how the human body and the skeletal system fits together and moves. By understanding “body mechanics” and “body movement” you can learn to control people of all shapes and sizes with very little effort. The principle is very simple, if you know for instance that a wrist will only rotate so far, by gripping someone’s wrist and using their own momentum to move it beyond the realms of normal movement, you are able to control, and if desired disable someone. To the casual onlooker, it would appear that you have done relatively little, therefore maintaining the adage of “minimum force”. The fact that the attacker has a broken wrist can attributed to their own force, not through any brutality on your part and any onlookers could support this. To me this is what makes unarmed combat/

martial arts essential for any CPO, The ability to control people in any given situation, whilst maintaining a very professional appearance with illusion of minimal force. It is not necessary to be the next Jet Li, to be able to effectively use martial arts. You don’t need to be able to dodge bullets or scratch your ears with your feet!! You just need an understanding of body mechanics and a few very simple techniques which can be used in any given situation, to preempt or disarm attackers. So in conclusion, yes I do believe that martial arts have a place in the training of the modern CPO, but it must be the right sort of training! Komodo Red can tailor unarmed combat training courses for varying groups and abilities. Please contact them to discuss your requirements: www.komodored.com

THE NORTH AMERICAN BODYGUARD ASSOCIATION PRESENTS:

ICON Celebrity & VIP Protection Training “Professional guys, they know their stuff & come highly recommended.” ~ Sha money XL, Personal Manager to 50 Cent

Course Highlights • Operating in the world of Celebrity & VIP Protection • Protecting the Principal (Individual & Team) • Transportation movements and logistics • Working the red carpet & major events • Dealing with fans, paparazzi & stalkers • How to market yourself and establish a career in the industry

Make yourself more marketable in the new economy! Icon Services Corporation is proud to present a five-day course of practical theory and hands-on training in the world of Celebrity & VIP Protection. If you are new to the bodyguard industry or a current operator looking to refresh and polish your skills, this course will offer excellent instruction into the professional side of Close Protection work. Taught by industry veteran Elijah Shaw, who in addition to his corporate clients, has traveled the world as the personal bodyguard of international public figures such as musical giant Usher, supermodel Naomi Campbell, and rap megastar 50 Cent, the course will offer real world problems, scenarios, and solutions from instructors that are currently active in the industry.

www.Industry-Icon.com/Training Discount for BBA & NABA Members

GUANTANAMO INMATES OFF TO ITALY! Italian Prime Minister Silvio Berlusconi met with US President Barrack Obama at the White House and agreed to the request; this will help towards the aim of the US administration to close down the camp. Nine detainees from the camp have already been transferred to other countries such as Saudi Arabia, Bermuda, Iraq and Chad but at this time it is unclear exactly how many other countries will accept detainees and just how long it will take to close down the Guantanamo camp.

ELECTION CAMPAIGN STARTS IN AFGHANISTAN. Elections are due to take place in August with President Hamid Karzai seeking re-election but facing competition from 40 other candidates. Not only have posters of the incumbents’ rivals have already begun to appear but there have also been vehicles with loudspeakers roaming the capital, Kabul, urging people to vote. This can only be a good thing and go a long way to ensuring a good turn out in what will hopefully be full and fair elections.

TIME TO TWITTER! Twitter is a free social networking and micro-blogging service that enables its users to send and read each other’s updates, known as tweets! You can follow The Circuit Magazine at; www. twitter.com/circuitmagazine and the British Bodyguard Association at: www.twitter.com/theBBA Twitter is fun and easy way to keep up to date with what is going on with your fellow tweeters but please remember to ensure good PERSEC and OPSEC when Tweeting!

Location: Minneapolis, Minnesota (USA) For more info contact: 1 (651) 695-8778 or email Training@industry-icon.com elijah_fp.indd 1

Circuit :: News

12/06/2009 12:42:35

Circuit : : 5

Circuit :: News

65th Anniversary of D-Day SRI LANKA ARMY CLAIMS VICTORY OVER TAMIL TIGERS June 2009 has seen the 65th anniversary of the D-day landings at Normandy. Allied veterans took part in a series of events in France on the eve of the 65th anniversary. A parachute drop started off the commemorations to mark the airborne phase of the Normandy landings that many say launched the beginning of the end of the Second World War.

Prince Charles and Gordon Brown both attend a ceremony alongside the French and US presidents. Elsewhere, vandals have smashed eight Commonwealth war graves and 12 veterans’ memorial stones at a cemetery in Wallsend on Tyneside, UK. The Royal British Legion called the attack “heartless” and “disgusting”.

SIA LAUNCHES SECURITY LICENSING FOR NORTHERN IRELAND Licence applications are now being accepted by the Security Industry Authority from individuals working in the private security industry in Northern Ireland. Applications are also being welcomed from security suppliers wishing to apply for the SIA’s Approved Contractor Scheme. Andy Drane, SIA Acting Chief Executive and leader of the implementation programme, said: “SIA regulation in Northern Ireland will ensure standards of training and professionalism in the private security industry are the same across the whole of United Kingdom. “From 1 December 2009, the public will benefit from one regulator and one licensing scheme, which will allow them to have confidence in a regulated and trusted industry.” John Montague, SIA Head of Investigation for Northern Ireland, said: “Our priority is to communicate with all sectors of the security industry in Northern Ireland to help them understand the benefits of regulation and what they need to do to comply with the legislation. A number of people and organisations have already started to make good progress towards getting licensed. We advise all companies and individuals not to underestimate the time and resources it takes to get licensed and we urge those yet to start the licensing process to do so now.”

After 25 years of civil war the Sri Lankan President Mahinda Rajapaksa says his country has finally defeated the Tamil Tiger rebels. If this is indeed the case it would be the first time since 1983 that the while of the country has been under government control since 1983. The body of the feared Tamil Tiger rebel leader Velupillai Prabhakaran was shown on news reports sending out a message to those that may still be supporting the faction that their leader was dead. Estimates suggest that the fighting has displaced 265,000 people and killed as many as 100 00.

SOME ROYALS TO LOSE THEIR CLOSE PROTECTION Providing round-the-clock protection to junior Royals such as Princess Eugenie Princess Beatrice is to be reviewed. A recent incident when Princess Eugenie was on holiday has brought this matter in to the public eye at a time when many are feeling the pinch due to the recession. Many are questioning if some of the younger members of the Royal family actually need the current level of protection that they receive? It is thought that the total cost for protection of the Royals may be beyond £50 million. It would be a brave decision to remove protection from those that currently receive it as sod’s law dictates that once this is done the very worst will happen!

MP Expenses: Public Image Never Lower Public feeling about the United Kingdom’s Members of Parliament is at an all time low after the latest round of revelations regarding the MP’s expenses. All 3 of the major parties have been badly affected by the latest allegations. Tens of thousands of pounds for security patrols outside the homes of MP’s, large mortgages being paid by the tax payer, new kitchens, refunds for charitable donations, plasma TV’s; the list goes on and on. Many of the MP’s have decided to pay back the monies that they took from the public purse but this is doing little to quell the tide of public feeling against them. There are worries that this could result in a swing of votes towards the more extreme parties with a general election probably no more than a year away.

Pakistan Vs Taliban

A peace agreement between the Taliban and Pakistan forces has collapsed with the Pakistan security forces launching operations against the Taliban in Swat, Lower and Upper Dir and Bunir Districts. The peace agreement proved short-lived when the Taliban failed to live up to their side of the agreement (handing in weapons), instead of doing this they advanced on other districts. Since the breakdown of the agreement Pakistan forces have had great successes and this can only help bolster the effort against the war on terror.

6 : : Circuit

STARTI NG OUT by Nick McCarthy Argus Europe

We often get asked about top tips for new comers to the industry so have put together some ideas that we believe would be worth considering

First of all you have to get your curriculum vitae/resume in order! This really is vital and something that is so often overlooked completely or treated with contempt! No matter how good you are on the ground you will require a CV. Get your friends, family, co-workers, whoever to read it and be critical when doing so. Have a look at other peoples CV’s and see if you can pick up anything from them. When writing your CV do not use a fancy font that may make it difficult to read; a CV that is difficult to read will only end up in one place…..the shredder!

out there, local business clubs, after hours socializing whilst on a task and associations such as the British Bodyguard Association are all excellent ways of networking. Writing well thought out, intelligent articles for The Circuit will give you valuable exposure and you will soon become regarded as a subject matter expert meaning that people may seek you out and engage your services.

Your CV must be truthful, lie and you will be found out and your credibility will be ruined, possibly forever. A photo on a CV, particularly a Close Protection CV can be a good idea and will often be requested by those reading them; politically correct or not, this is the case.

Advertising! Advertising can be a phenomenal success or an absolutely heartbreaking experience so you must do your research before making a decision. Obviously we all have a budget to consider and you must be stringent with it and once it has been spent then let that be it until the next financial year!

Consider getting yourself some business cards! You do not have to spend a fortune on these at all but they are an excellent way of passing on your contact details to those who you may meet whilst on a task or at a networking event. One thing not to do is to do what is known as ‘carding’ within the industry; that is handing out your own cards to a client when you are working for someone else for that very client! If you do it and get caught not only will you not get any more work from that particular contact but also word will get around and people will avoid you like the plague!

It may seem really obvious but make sure that you do not have a ridiculous e-mail address such as fatsteve@fatty.com as this will not be well received by a “white socks potential emshould not be ployer! Other small worn with a details such as the way that you suit; although answer the phone a small point it are really imporwill be noticed tant. If you do not recognize an by everyone” incoming number and pick up saying, “yeah, what? Who is that?” it is not going to make a good first impression with anyone! Instead try, “hello, Chris speaking” and then deal with the rest of the call in a similarly profes-

Networking is absolutely key to your success with the security industry! There are various ways to network such as Regimental Re-unions for the ex service personnel

Anyone interested please e-mail the BBA at: admin@the-bba.org.uk letting them know of your interest in writing for The Circuit.

sional manner and the chances of the call going well increase significantly! Someone calls to offer you work and you answer in an acceptable manner, (so far so good) but whatever you do, do not spoil it by making the 1st thing out of your mouth “how much”! This is guaranteed to put peoples back up straight away and will probably be an extremely short conversation! Another often forgotten aspect of the whole telephone manner thing is the voice mail message! Lots of you military guys do the message while on the .50 calibre range in Brecon……”I’m a bit busy right now, if you leave your name and number……..” which might sound pretty cool while you are serving but unfortunately it does not when you are trying to gain employment on The Circuit! A simple message will suffice; just make sure you record it in a quiet place and not Liverpool Street Station during rush hour! Writing e-mails is another aspect of general etiquette that many people think does not matter……..well it does! Writing e-mails solely in capitol letters is A BIG NO, NO! IT LOOKS REALLY BAD AND WILL PROBABLY RESULT IN YOUR E-MAIL BEING DELETED STRAIGHT AWAY! It really is just bad skills and must be avoided at all costs. Another point on e-mails is that you never know who is going to read them so, despite the temptation, do not write an abusive e-mail as it may well come back to haunt you way beyond what you might expect! Gentlemen…….white socks should not be worn with a suit; although a small point it will be noticed by everyone and if noticed at interview will not go down well! Okay then, so these are just some of the smaller aspects that you should look at when entering in to the Security Industry, many of them will be obvious to some of you but maybe not so to others. We can all pick up the odd tip from our peers and I hope that some of you will have done so from this column.

Circuit : : 7

Circuit :: HardTalk Close Protection

THE TIMES THEY ARE A CHANGING 5 major factors that have substantially changed the role of the Security Manager in recent decades by STEWART GRIFFITHS

Terrorism A major factor as to why the security managers’ remit has changed has to be as a direct result of the September 11th attacks in the United States and the overall threat of global terrorism. Whether successful or not, it is clear that the new form terrorism is not going away and instead, is becoming more advanced all the time. In light of these attacks the need for new measures were seen and, consequently, all old systems and procedures were scrutinised and replaced with newer, more sophisticated and advanced systems. This did not simply mean the installation and implementation of advanced equipment but the training and education in matters of security and procedures. The reverberations were felt as far down as the men on the frontline, whether that be the Close Protection teams working in high threat areas, like Iraq and Afghanistan or the guard standing outside your local supermarket. The security manager would have to have planned the introduction of all these issues, take an active part in educating his team, continuingly making them more efficient, observant and aware of what is happening around them.

‘Standardisation and licensing is not the only factor that efficient security managers need to be aware of’

8 : : Circuit

Although the UK has dealt with terrorism throughout its history, we are now up against a modern strain of the threat, one that has no boundaries. Someone who lives by the code of “The gates of Paradise are under the shadows of the swords” will be hard to defend against. Therefore, it

has called upon a new breed of security manager, one that is educated in the skills to identify weakness and implement strategies to combat this threat. However, the security manager can only put these actions into play if he has the correct background knowledge, qualifications and staff with the essential training.

Criminal Behaviour / Qualifications and licensing Due to the modern criminal becoming ever more devious and sophisticated, we require a more in-depth knowledge of security planning and procedures. With the introduction of the Internet there have been thousands of breaches of security, ranging from basic fraud to the most intricate of scams and even identity theft. These all require measures to combat this threat and protect the general public. This is where the Security Industry Authority (SIA) is trying to ensure a level of professionalism and a set standard to be obtained by all whom wish to pursue a career within it.

Circuit :: HardTalk Now, everyone from a bodyguard to a CCTV operative will need to have passed the necessary individual qualification to secure the approval needed from the SIA.

Health & Safety Standardisation and licensing is not the only factor that efficient security managers need to be aware of. With the tightening of health and safety laws and procedures over the last decade it has become a key factor that needs to be closely monitored and maintained within every security manger’s plan. There is far too much at stake to allow breaches of health and safety. The Health & Safety At Work Act 1974 and the Management Of Health & Safety At Work Regulations 1999 means that an employer must provide, as far as is reasonably practicable: Safe provisions of plant and systems of work  Safe storage, handling and transportation of articles and substances  Provisions of information, instruction, training and supervision  Adequate facilities and arrangements for welfare. The security manager must make a suitable and sufficient assessment of the risk to which his team will be exposed while going about their work and those not directly under their employment but acting on their behalf.

‘Finance is a major constraint to all security managers ‘

The main thrust of all recent legislation is the assessment of risk and the controls that one must implement to reduce it wherever possible and practicable. Without a suitable and sufficient risk assessment there is no defence in a court of law. The introduction of health and safety legislation has proved that not only must there be a duty of care to the members of staff but also to the general public.

Financing This all needs to be done to a budget. Finance is a major constraint to all security managers and will drastically affect their plan to rectify any problems that their risk assessment has exposed. The constraints of financing can be enormous and can dictate whether a job will achieve its objectives or fail. People always look to save money when it comes to matters of security. This often results in short cuts, thereby leaving the whole assessment vulnerable to breaches that will ultimately be exploited by an ever-developing threat.

Conclusion A security manager is no longer a free agent to manage and enforce as he or she pleases. Actions must be managed within a legislative environment that asks for prior considerations and a measured response that is acceptable within the law. Gone are the days of being a security consultant by day and a bouncer by night. The Security manager can only deal with all these threats and constraints by continuingly educating, evolving and developing themselves and their team in all areas of the industry.

Circuit : : 9

Circuit :: HardTalk Close Protection & Corporate Security

EFFECTIVE EMERGENCY by RICHARD HEWETSON

Richard Hewetson has over 20 years of significant military, government and commercial Close Protection, Surveillance and security experience. He has served in both the Parachute Regiment and Royal Military Police Close Protection Unit and has personally provided Close Protection in military and civilian arenas to British Ambassadors and UK Special Envoy’s, (for and on behalf of the British Government’s Foreign and Commonwealth Office), members of the British and Saudi Royal families, Members of Parliament, personal bodyguard to 2 General Officers Commanding British Forces in Northern Ireland, A-list celebrities, CEO’s, owners of world’s leading companies and some of the most powerful and influential business leaders in the world today. Experienced in all matters concerning the protection of persons specifically at risk and the physical security of major corporations, governmental and military buildings, compounds and private estates, he has led and conducted Close Protection operations in 38 countries across 5 continents and is widely recognised as being the subject matter expert at the very top of his profession.

10 : : Circuit

Security, as a whole must be the most broad, wide ranging subject and one that has seen the most substantial and dramatic increase of attention in recent times. Naturally, the term ‘Security’, can signify or represent different things to different people dependant on that individuals’ location, occupation, responsibility and status. Almost everyone and everything incorporates some level of concern for security. Whether it involves security of the environment, economic, national, international, global, and social, information technology, communications, company, military or personal. Security affects each and everyone one of us. At some point in time, we are all concerned. We are concerned due to the repercussions of and course of events of, if that security was not present. Repercussions that include but are not limited to; acts of criminality, military, and terrorist. Our lives and our way of life depends on levels of security to which the responsibility falls heavily as a burden on the shoulders of those in position of power or command. A responsibility that, if not conducted in a manner that is professional, efficient or diligent, the outcome of consequences materialising could indeed become dire. However, even if those in position of power or command are professional, efficient and diligent, times exist whereby actions cannot be prevented, either ‘Acts of God’, i.e. natural disasters; flooding, earthquakes etc. or indeed, from the example in Close Protection/ Bodyguard terms, actions resulting from the genuine impossibility of protecting someone from everything, all of the time. But what is the procedure for policy makers in their decisions during such crisis or emergency and does the Chief Security Officer or Security Manager in charge really need to discuss the situation with others prior to acting on decisions made? During the initial stages of security implementation, whether physical or electronic systems or procedures, one must first assess the threat and the level of risk in accordance to the threat. Security managers make informed decisions about security risks that are directly or indirectly under their control as part of their responsibilities. Within the context of security risk management, threat and risk assessments suggest where to avoid, reduce and accept such risk, as well as how to diminish the impact

Decision-Making for the Team Leader & Security Manager of threatening events. As in close protection, it is impossible to determine the correct type and amount of protection unless the type and amount of threat has been established. Once the potential for harm has been evaluated, a determination must be made as to what resources and actions are necessary to control those risks. Where possible, the avoidance of risk is preferred. The purpose of a threat assessment therefore is to determine what risks exist and to separate serious from non-serious. In this manner we can develop plans that will avoid some of the risks, and we can determine how much of our resources to deploy against the threats that cannot be eliminated. We do not over-react or under-react. Over-reaction and under-reaction are almost invariably the result of knee-jerk responses. They come from a lack of planning; a failure to anticipate and prepare for an event. However, even though the threat and the risk of exposure to that threat is assessed, potential remains for incidents to arise. Not due to the lack of forethought in planning or an incorrect assessment of the threats and risks exposed but that the chance of probability remains, no matter how slight or diminutive. In these instances and in most cases, operational procedures are/ should be drawn up. Influencing factors at a given time that affect the selection of certain procedures and actions. These events are often described as Crises or Emergencies. All persons/ companies/ agencies or governments involved in these emergency responses are instructed or informed in the course and method of action to which they should take and which they -should - subsequently train until the best possible state of preparedness is achieved. ‘Word Net Search 2.1’ defines ‘Emergency’, as ‘a sudden unforeseen crisis (usually involving danger) that requires immediate action - an emergency is a situation that poses an immediate threat to human life or serious damage to property’. ‘Legal-explanations.com’ defines ‘Emergency’ as ‘a sudden, unforeseen happening which requires action to correct or to protect lives and/or property’. As one can clearly see, both sources define an emergency as an unforeseen event; however, It is arguably to the contrary in most cases. The term ‘Unforeseen’ is not the correct description in this instance. Unforeseen is unanticipated,

Circuit :: HardTalk unexpected and unpredictable. A hijacked aircraft in UK airspace, for example, is always diverted where possible to Stansted Airport. Members of the Police, SO13 Anti-Terrorist Branch officers, 22 SAS Counter Revolutionary Warfare Wing, specialist police negotiators and Metropolitan police chiefs and intelligence officials from MI5 are all in attendance with an in-depth remit and strict procedures to adhere to. Intelligence chiefs will have been preparing, getting as much detailed information as possible from any passengers that may have been freed. They will ask how many and their location in the plane the hijackers are sitting, who is in the cockpit and cabin, what weapons the group have, their emotional state and how they spend their time. The scenario has been discussed at length and constantly rehearsed. The situation is indeed a crisis, however, was not unforeseen, unanticipated or unpredictable. They are situations that have occurred in the past and will undoubtedly occur in the future. They are situations that have been planned for to facilitate the most successful outcome and conclusion. In the event of a terrorist incident at Dover or Folkestone for instance, ‘Operation Stack’ is implemented whereby the M20 is closed coast bound between junctions 11 and 12, and used as a lorry park. Events such as adverse weather which prevent ferries from sailing, or industrial action at one of the ferry terminals also give reason for the implementation. These are circumstances, that if overlooked could result in serious consequences. In cases of national or regional emergency or crisis, or during events abroad with major implications for the UK, a UK government coordination facility exists. This facility is often referred to as COBRA, for Cabinet Office Briefing Rooms, although the ‘A’ added is often confused with a relatively benign conference room A of the Cabinet Office, but this usage is established even within the government. Within a large company framework, the Board of Directors would sit an emergency Board Meeting with the specialists or advisors from the relevant departments including the Chief Security Officer. These emergency meetings would be mirrored in most establishments or companies regardless of the business at hand, although, naturally, somewhat filtered as we travel down the chain, level or size of the company. It can then be seen that the implementation of prior planning and preparation for emergency situations is of paramount importance and thus, has been adopted by government agencies and companies worldwide and across the board. So, what for the lowly security manager or close protection team leader that does not operate on such a large scale and, with extreme limitations on expenditure for the preparation of hypothetical crisis situations? The security manager has a requirement, a duty to prepare for eventualities that may occur in his area of responsibility, no matter how slight the possibility. He/ she must assess the risks and outline any concerns to company managers/ directors. Guidelines for immedi-

ate responses to such emergencies must be prepared and rehearsed. Within close protection, this is standard practice. Constant ‘What If’ scenarios are considered and a proactive response is initiated to counter such possibilities scrutinising every detail. A bomb threat/ suspicious package, fire and medical emergencies are all ‘standard’ events within large corporations or companies in cities, which can be anticipated and prepared for. A security and risk manager does not necessarily need to implement group decision-making during such crisis or emergency due to the fact that the situations have already been discussed and subsequent actions agreed upon to facilitate an immediate response. Of course, the security manager must inform those relevant persons after the event and only during the crisis where time permits or is necessary, or indeed, instructed in the guidelines for actions on. However, events that have occurred which have not been discussed, anticipated or planned/prepared for that lead to a crisis or emergency such as the involvement of blackmail in the theft of intellectual property during an important takeover bid, would necessitate a course of dialogue amongst company bosses and security managers, and due to the nature would allow a certain amount of time for this to occur. We can therefore see then, the major difference between such instances and ‘ordinary’ situations is the ability by the security manager to deal with the latter without the need to facilitate group discussion amongst other managers or directors. By virtue of the security managers’ responsibility, remit and capability, he can conduct effective decision-making without the need to immediately involve others. The situation does not involve threat to life or serious damage to property and therefore consequences materialising are at the minimum. However, that said, it would be highly likely that the security manager in such instances would not only feel he had a duty of care to inform his superiors of incidents untoward but also out of common courtesy. Although he/ she would have initiated an immediate response to such incidents, the passing of information to superiors of such would begin a dialogue of promoting group discussion and confirmation of actions carried out and/or further actions to be conducted. Assessment, planning, preparation and the training in immediate reaction is vitally important in any security operation. None more so than that of a close protection team. For the most part, the CP Team is concerned for the protection of life and well being of the Principal. Operational procedures such as ‘Antiambush - reaction to attack’ are drawn up and then trained until the procedure becomes a drill. A drill whereby the reaction is instinctive, a reaction that becomes a habit that is solid and yet fluid in the foundation of having been constantly practised. Worst case scenarios, or indeed, scenarios involving every potential eventuality are discussed and then planned and prepared for. Walking drills, vehicle im-

mobilisation drills, vehicle anti-ambush - block front – gunmen right, block front – gunmen rear, block front – block rear – gunmen left, positioning of vehicles, deployment of assets, illegal check points, embus – debus drills, the list is almost endless. During the normal course of duty of a bodyguard, he/she would be capable of working with and influencing senior members of staff. The ability to blend in to dinner parties of a high profile nature. To be able to speak in an educated and eloquent manner. To be meticulous and efficient in all that is said and done. One would address the Principal as ‘Sir’ or ‘Maam’; however, nothing could be further from the stark reality in the event of an attack. In a high risk environment whereby a Principal and protection team has been attacked, he or she is thrown onto the floor of the car, man handled into cover, shouted and sworn at, pushed through doors, shoved into rooms, laid on top of or carried or dragged. This is no place for manners. This is no place for decorum. Life is in imminent danger. Automatic and effective enemy fire, hand-grenades, rocket propelled grenades are all ‘in-coming’. This is not Hollywood or some farfetched adventure story. This is reality and this is why immediate action drills are trained and emergency evacuation procedures are arranged. These are indeed crisis and emergencies, however, effective decision-making is not more difficult to implement. There is no room for politeness or correctness. An action is decided upon by that person in charge and thus, is carried out with speed and aggression. A close protection team leader has no concern if he is ‘stepping on anyone’s toes’. He is the experienced manager and through this experience is confident in his actions. A security manager for a company however, may indeed feel that he/ she needs to act with a little restraint and discuss response actions to a crisis with colleagues and other managers. We have analysed the role of the Security Manager during an emergency and highlighted the importance of communication and discussion in the pre-planning phase of such contingencies. We have outlined the difference between ‘ordinary’ and ‘crisis’ situations involved in decision making and shown that, in such an environment, if the necessary preparation is carried out, an emergency situation is merely a controlled matter of course and not a disorganised shamble of micro-management panic. Every security situation is different. There is no hard and fast rule regarding effective decisionmaking nor is there any rule demanding that decisions must be implemented as a group. Effective decision-making on the part of security managers rests solely with themselves and what they deem acceptable in terms of conducting responses without implementing group discussions. Time is of the essence during emergencies and if we prepare for worst case scenarios then the knock on effect is drastically reduced. We must not only as ourselves what If’, but also...’so what am I going to do?’.

Circuit : : 11

Circuit :: Finance

Ask Anna..

Send your finance questions to Anna Cooperwhite an accountant specializing in delivering accountancy services to people working within the security industry whittakerandcoy@hotmail.com need to complete a tax return or indeed set-up under self employment. Q. I have gone over my 90 days allowance by 20 days does this mean I know have to be taxed on that years income.

your resident Accountant Q. I still haven’t set myself up as working abroad, can I backdate it to when I begin. A. Yes, you can, the form to fill in when you are looking at working abroad is a P85 and you are able to back date this form to the date you commenced your employment abroad. Q. I started working in Iraq in September which is half way through a tax year, is this ok. A. Yes it is, as we claim called a split year and we work out the days allowed in the UK from when you started. Q. Do I have to set myself up as self employed when I work abroad. A. No, if you set yourself as self employed the Inland Revenue assume you are working in the UK and therefore issue tax returns and you therefore pay National Insurance contributions. Filling in a P85 is the only form you need to fill in when you commence employment overseas. Q. I work in Iraq and have an army pension which is taxed at source so will I need to complete a tax return. A. Yes, any UK income be it an army pension or money received from, lets say letting a property needs to be entered on a tax return, therefore what happens is the P85 (Application for Non-Resident) is submitted and a UTR (unique tax reference) number is applied for which then issues tax returns. When your tax return is then completed, the pension information is entered (from your P60), a supplement Land & Property sheet is filled in (if you are letting your UK property) and also Non-Resident sheets are also attached to the tax return. A claim for personal allowances on the Non-Resident sheet is selected so your UK allowances can be used (i.e. your tax code 522L), but you don’t need to worry about any of that as this is something I do for you anyway! However if it is just a pension you have then as this is normally taxed at source there is no

12 : : Circuit

A. If in the first year your time in the UK is 183 days then yes, your income has to be taxed as you cannot over the next 3 years claw those days back, and so, non-residency rules are therefore void. However, 20 days over in your first year is very easy to claw back in the subsequent 3 years (The Inland Revenue look at non-residents over a 4 year period) so, in the next year, you can work an extra week, take a few extra holidays abroad and bring down your second year working overseas to 70 days only in the UK. As long as your average of 4 years is 90 days then that’s fine. Q. In my first year I only spent 81 days in the UK does that mean I lose those 9 days that I am allowed.

though one guy setting up in the security industry it is advisable to set-up as a sole trader to maximize your allowances again, we help you every step of the way with this. Yes, again I am happy to say that we have a broker that has done a number of mortgages for guys working in Iraq & Afghanistan; he understands the industry and has had great results. Q. Do you also look after the security industry in the UK A. Yes, its not just guys working overseas in the security sector, but guys and gal’s all over the world, we have a large number of clients in the UK and as we specialise in this industry know exactly what can be deducted from income earned when putting together an income and expenditure tax computation for you. Q. Can you help with insurance either in the UK or in hostile environments?

Q. I am paying National Insurance Class 2 contributions whilst working overseas do I need to.

A. Yes, I am happy to say that we have know joined forces with an insurance broker that specialises in insurance to the security sector and can provide insurance for all over the world even in the hostile environments.

A. It is entirely your choice, you are under no jurisdiction to pay into the pot, but some like to think its best to continue adding into the state pension fund, umm think of it like this, you may be early 30’s and paying this £8.80 every month to the government, are we going to have a state pension in another 30 years??? What will happen to the money you drip feed in?

Q. Its hard to get a mortgage when I work overseas and am down as non-resident can you help? A. Yes, again I am happy to say that we have a broker that has done a number of mortgages for guys working in Iraq & Afghanistan; he understands the industry and has had great results.

Q. I am a CPO in the UK looking to buy property can you help?

Q. Why should I choose you and not a local accountant

A. Of course we can, we have teamed up with a mortgage company and as a lot of the guys need self cert mortgages, by teaming up with a mortgage company we have that seamless link from accountant to lender.

A. Picking an accountant is like choosing a house, you need to shop around and make sure your investment is a sound one, we understand this at Whittaker & Co and go the extra mile to offer extras like, being online through MSN or Skype every week day, linking up with brokers so not only can we help with your tax but can put you in contact with people that will help you with Insurance and a mortgage. I also over the years have built up a number of contacts within CSA, Security Companies, Training providers and other CPO’s so can assist in this. My husband is also a CPO and works for a security company overseas and being ex army too I understand the lingo

A. Indeed not, we bank them for the next year.

Q. I have some money I want to invest who should I go too? A. Again not only have we teamed up with a Mortgage company but we have done the same with a financial services company, so again we can help you there. We are trying to become a one stop shop for you. Q. I want to come back to work in the UK and set up a Ltd Company is this easy to-do A. Indeed it is, once you come back in the UK (and we advise you do this at the beginning of a new financial year) we have a long chat with you to see which are the best options, a lot of guys think a Ltd company is the best option but sometimes that may not be the case, we assist you in every way and we can and steer you on the best route for your new business. Normally

We have a large number of clients all over the world, and as we specialise in this industry know exactly what can go be deducted from income earned when putting together an income and expenditure tax computation.

Circuit :: OnTheJob

HOOFING IT Anti Surveillance Whilst on Foot

eing followed on foot, would mean that the followers would be reasonably close to you, also on foot, so the risk of them being noticed is much greater so this can be used to an advantage. A person being followed could carry out the following anti-surveillance measures in order to create multiple sightings or unnatural behaviour.

Therefore a number of drills have to be carried out to identify surveillance. Just looking behind you does not identify surveillance – it identifies those who are behind you. However, if you see those same people later on, especially in a different place and you have seen them at least three times then alarm bells should start ringing. If you are trying to identify surveillance, you need to draw any possible team (or individual) into an area where it makes it easier for you to spot. In London for example, if you are on Oxford Street where there are hundreds of people, it will be difficult to

Foot Anti Surveillance Drills (Drilling)

Frequently look directly behind you.

Now this can be overt or covert; overt if it is obvious that you are looking back which will spook the surveillance team, or you can be quite covert about it. Covertly, you would cross the road but listen and wait for a stream of traffic to pass first. This gives me the opportunity to look back several times without it being obvious to what you are doing.

To be even more covert, cross the road at a pelican crossing but pretend to have pressed the button. This now gives you a reason to stand at the side of the road and look back and forth several times (and for quite a while) because the green man isn’t going to change in a hurry. Using the reflections in shop windows is also another method of being able looking back without being too obvious. It may also create a force past.

Drop a piece of paper and see whether it is picked up and examined. A surveillance team will be wary of this but if you provide some juicy bait such as an ATM receipt (or pretend it is), they will attempt to recover it.

get multiple sightings of someone as they mix in with the crowd. Therefore, you will need to move into an area where you have the advantage. Do not be too quick to venture into very quiet areas as an experienced team may pick up on this and not send anyone in as they do not want to be exposed. Let us take a look at the various drills one can carry out themselves in order to detect possible surveillance. Firstly we shall loo at foot drill and then mobile drills.

Remember, on foot, we are looking for a number of things; multiple sightings, unnatural behaviour and the persons demeanour and appearance. If you recall, certain surveillance operators have similar characteristics; they will be the ‘grey’ person, upright bearing, not too young or too old, casual comfortable footwear, practical loose clothing (possibly branded such as North Face etc) and they will have some means of communication so look out for a clenched fist or pressel switch. or they may even walk past to see where you are. Frequently turn about and change direction, though this quite overt. If you change direction, have a reason for doing so such as looking in a shop window, hopefully this will create multiple sightings of the same person if they are not carrying out regular ‘handovers’. Walk

Enter a telephone box and use it to observe your surroundings from. When you leave, keep a close eye on it in the event a surveillance operator is ‘clearing’ the box for any information. Be aware that many people now carry mobile phones and so using a public phone may alert the surveillance team. Enter a shop, large store or mall. Politely hold the door open for those behind you giving a chance to look back or use the doors reflections. If no one follows you in, you can then look out of the store window at your surroundings and the reactions of those in the area. You may see someone going for a trigger such as quickly moving into a phone box, peeping around corners

Circuit : : 13

Circuit :: OnTheJob you should be looking for possible eye contact and use of pressels. If a suspect walks past, lookout for them looking back at you. Challenge anyone suspected of following you. Ask them for directions or the time, and note their reaction, if you notice a professional style watch (G Shock etc) this should also add to your suspicions.

into areas where there is little pedestrian activity such as a quiet housing estate or multi storey car park. If the team is poorly trained, they will be drawn in.

Use large department stores with many exits and levels. Upon entering, suddenly stop to look at the information board. Look out for unnatural behaviour as someone follows you in and then suddenly realizes that you are right there in front of them, they may have to walk past you. Use escalators to your advantage, take an escalator up or down, move away from the exit and observe those that follow you off,

Walk through narrow walkways or choke points. If the team are not familiar with the area they will most likely send at least one person down there.

Walk 3 sides of a square. Walk along a street, covertly noting those behind you as described. Change direction and take another covert look back, noting those that follow you around the same corner of either side of the street. Now take a third change in direction, again looking back and noting if you have seen anyone take the same changes in direction. A person seen once, is just a person on the street, the same person coming around the same corner is likely to be a coincidence but seen a third time should arouse suspicions. This combined with a bit of unnatural behaviour and their demeanour should tell you whether the person is surveillance or not.

Turn a corner and suddenly stop, a term known as ‘corner hanging’. This may force a watcher to go around the same corner and then you observe their actions, do they walk past casually or are they startled like a rabbit caught in headlights. If they do casually walk past, can they resist the temptation to look back at you.

14 : : Circuit

An effective method to create a

reaction is to suddenly create a loss such as turning a corner then suddenly diving into a shop to hide whilst observing what is happening outside. An inexperienced team will soon be noticed by their mannerisms and body language as they desperately try to find and re-locate you. Utilising public transport can cause confusion and create anxiety in the team, especially if you are changing from one type of transport to another as at least one of the team is likely to close in to keep control. Some tactics could be:

Wait at a bus stop and then don’t get on but let the others. Stay on the bus to the terminal, notice who else gets on and remains on the bus. Get on a bus and get off at the next stop.

Stand on a train platform and attempt to be the last person to board it, noticing if anyone else is hanging around on the platform. Get a train but then get off prior to your stated destination.

Get onto a train and then quickly get off before it moves away.

Some of these drills are quite overt and should only be used if you are still struggling to identify a team or if you are trying to lose a surveillance. A new favourite is to scan the area for Bluetooth devices with your mobile phone, especially whilst in confined areas.

On a recent training exercise when I was the target, I got on a train and scanned the area with my mobile phone with the Bluetooth facility, noting who was in the vicinity as certain names/phones come up. Later on I did the same whilst in an art gallery and identified the same name as before. The same name was also present on the train on my return journey about an hour later thus effectively creating ‘multiple sightings’. So ensure that your Bluetooth is switch off. In addition to force multiple sightings within a surveillance, we must also combine it with looking out for unnatural behaviour fro suspects such as: Peeping around corners, peeping over stands or through doors or windows

Mirroring, someone copying your actions, e.g. you cross the road, they also cross the road. This could identify unsophisticated surveillance.

A person being fixated on you or the target. They have a bad habit of staring at you and not noticing what is going on around them

Being Isolated and standing out without any cover. Look out for the person with no reason for being there and just ‘hanging around’. If you move towards them, they will feel very uncomfortable and either ‘act’ or attempt to move into some sort of cover. Are they fidgeting or acting in a dubious manner. Talking to themselves on the radio. Any seri-

cont.

ous surveillance team will have some form of covert communication, so you are looking for those talking to themselves whilst also noting their body language. Any possible surveillance using mobile phones may also be easy to spot as they all have a phone up to their ears at the same time or are wearing hands free earpiece. Try to get a look at the suspects hand or fist. If they are holding a pressel, this can often be seen or if the person appears to be quite relaxed but their fist is clenched tightly, it may be a sign of nervousness or they are trying to hide it. Do they have a vacant expression on their face, this is quite a unique look! Whilst an operator is struggling to hear radio transmissions they may stop and appear to look into the distance, with mouth open and a gormless look on their face, especially from novices or amateurs.

Look out for those who continually touch their earpiece. This is a sign of lack of confidence, as the person is afraid that it will fall out. If you are able to get close enough, this is something to be looking out for.

If you carry out a U turn, or hold a door open for the person behind you, do they deliberately avoid eye contact or are they reacting strangely when face to face Look out for cross contamination. If you suspect an individual them keep an eye on him. He may identify another watcher by hand signals, eye contact or using a mobile phone. You may also want to make a direct challenge someone you suspect as surveillance. ‘Are you following me you bastard?’ can really put off a surveillance. The guy will now have to pull off from the team and it is likely that as a consequence, the whole team would also have to lift off. If you really want to put them off, take a photograph! If challenged indirectly, ‘Excuse me, can you tell me the time’ (or ask for directions), this will spook the operator and get him concerned, he will want to get out of the way afterwards. His response and body language should tell you a lot and if you ask him the time, you may get a glance at his G Shock watch, compass or a covert earpiece.

An unprofessional team is easily spotted and very easily caught out because they act unnaturally and they do not carry out the correct procedures, which prevent multiple sightings. An experienced surveillance team is more likely to carry out tactics to ensure that they are not spotted, and if they suspect that they are being drawn into a compromise, they are more likely to ‘lift off’ from the surveillance and let the target run rather than continue and confirm suspicions. ©Peter Jenkins 2009

Footballer home attackers caught offside thanks to redDNA

Burglars who target the homes of footballers and other high-profile stars can now be identified by a unique redDNA spray.ccc The UK’s Protective security industry can now turn to forensic DNA experts RedWeb Security to help track down and convict those responsible for burglary, assaults and robbery. It follows a spate of high-profile media covered attacks at the homes of Manchester United, Everton and Liverpool players whilst away on European and international duty. The RedWeb Sentry 500 forensic trace alarm may look like a standard system at first glance. But it has a massive difference – it contains a red spray with biosynthetic DNA coding that irrefutably links criminals to the crime scene.

It can even be triggered by radio waves thanks to a RFID (radio frequency identification) circuit board so discreet that it can be hidden in between bank notes or in high-value goods, such as jewellery boxes.

ering entry and exit points with a highly sensitive microwave detection field. The system is triggered as soon as the attacker leaves, directing a jet of redDNA containing highly visible and indelible red dye and biosynthetic DNA code. The robber stays marked, even when he thinks he washed it all off, as the dye can stay under the skin for days. It means the strength of forensic evidence helps secure a conviction – the criminal is indelibly and irrefutably linked to the scene John added: “We think it’s the ultimate deterrent. Criminals will know they are more likely to be caught; it can integrate into existing security alarm systems and can be triggered in a number of different ways. “The indelible red dye also improves the quality of eyewitness statements making it even harder for criminals to avoid detection.

“Let’s face it, you’re not going to forget seeing someone running away with bright When triggered, the harmless redDNA can red dye over them.” As you would expect penetrate clothing and balaclavas to leave from a market leader, RedWeb doesn’t stand a red mark. Even if the dye is washed off, it still and is always looking for new ways to leaves its unique DNA code under the skin for stay ahead with its redDNA technology. Its several days, helping police to place criminals scientists have also pioneered the use of RFID at the crime scene. Police then use a UV light (radio frequency identification) alongside to scan offenders for redDNA, which has more the RedWeb Sentry 500. The technology is than a billion different combinations. Unlike so discreet and robust enough not to be conother spray products on the market claiming fused with any other device, so there are no to have a unique DNA code, only RedWeb has false alarms. A programmable covert reader a unique DNA spray that cannot be replicated. automatically detects the RFID chip and arms Backed by Association of Chief Police Officers, the RedWeb Sentry 500, which is triggered RedWeb Security has already used the crimestopping science to help police convict violent without the need for any human intervention. But don’t take RedWeb’s word for it. Take attackers. Robert Madden’s. His convenience store in Now it is available to the members of the Manchester had been attacked seven times in British Bodyguard Association for the first just five months. In each attack, youths were time. John Hutton from Custodia, who works armed with baseball bats, knives and even in partnership with RedWeb, said “redDNA is firearms. RedWeb was the solution chosen to designed to protect people in serious situatackle the problem, using a covert RedWeb tions – and provide forensic evidence to help Sentry 500 integrated with a CCTV system. the police solve crime. Obvious signage was used to warn potential “RedWeb’s ground breaking DNA solutions for robbers the shop was protected. In the case personal protection can be deployed or inteof a burglary or robbery, intruders would be grated seamlessly with clients’ existing security caught on camera and marked with RedWeb’s systems to provide the ultimate deterrent to unique biosynthetic DNA spray for identificacriminals through the threat – and likelihood - tion and prosecution - the ultimate deterrent. of conviction.” The deterrent has been a complete success: there have been no attacks since the RedWeb The RedWeb Sentry 500 is usually positioned installation. Customers are more relaxed, staff above entry/exit points and could be utilised as part of a security plan to protect properties, are more secure, and the business is now of office complexes, warehouses, convenience course, more profitable. Robert added: “The stores and schools. It can sit overtly as a red criminal youths come into my shop and ask box on the wall or be covert. Microwave sen‘what is this RedWeb?’ To which I reply: ‘Rob sors in the Sentry 500 are activated by home me and you will find out.’” or business alarm system or panic button, cov- For more info. visit www.redwebsecurity.com

Circuit : : 15

SO, YOU WANT TO BE A

PENETRATIO by Keith Loose Each of the next 6 articles will cover a specific segment of the penetration testing process finalising in an article describing a real life penetration testing assignment. In each article I’ll briefly describe some of the tools that the professional penetration tester (and more often than not the attacker) will use. Parts of these articles will at times descend into the technical details; I will try to keep these relevant with a view to further publishing future articles on technical specifics.

Article 1 – an introduction to Penetration Testing

In this article, we will describe the process of a penetration test and its importance to the overall security of companies, individuals and you the Close Protection Operator. It might also be useful for people with a technical background looking to start a career in ethical hacking. You will be introduced to some of the terms you’ll find in the hacker’s world, the differences between different types of hackers are and briefly what threats to companies (and individuals) exist and how penetration testing is a crucial step in reducing risk. Finally this article will cover the initial stages of beginning a penetration test.

Article 2 - Infrastructure Testing

Here we will explore the electronic infrastructure that commonly supports modern businesses, briefly how they work and how an attacker can get past perimeter defences and the servers that host applications. I’ll show you some examples of being able to scan networks past the firewalls installed to prevent such things and weaknesses in WiFi networks.

Article 3 - Application Testing

The second logical step, the applications and systems running on the infrastructure, this article will show you just some of the techniques that can be used to manipulate applications in ways that the original developers didn’t intend – we will look at real world examples from a simple publically facing website, a “internal only” intranet website and a complex payroll system.

Article 4 -

Physical Security

I will cover various aspects of physical security in this article that I’m sure you will be a lot more familiar with - access control methods, locks, alarms, CCTV and manned guards. We will also briefly look at hacking physical security hardware such as door access control systems, CCTV recorders and briefly touch on lock bumping.

The first in a se articles that wi introduction to penetration tes

Whatis.com Definition:

“Penetration testing is the securitysystem or network to seek out vulnera exploit.”

Sure some clients may request that you specifically perimeter of their network which is covered by the description is not complete; the real bad guys don’t system or network” and neither should a penetrati cover all possible avenues of exposure and more im to ensure that developments in techniques and too previously secured. This is often where many penet staff can fall short – a true (extensive) penetration “An individual or group of individuals circumventin area” be it a email server, folders within a fileserver, the garage or the CEO’s office. Yes, this probably sound a profession but as stated, it’s because we are playi involved that separate us from the criminals.

irstly, you may be thinking what is the relevance to the CPO? Simple – knowledge is power, if schedules are held within an electronic system (as invariably they are) then the motivated attacker has a potentially huge source of information. Imagine the bad guy knowing where your principle is going to be, when and what he/she is there to do. Need to know the size of the security detail – then head over to the payroll/invoice ledger and take a look, he’ll probably get a nice list of names and addresses to throw into the mix.

Article 5 - Social Engineering

As you might imagine this is really only the tip of the information iceberg that could be retrieved once internal IT systems have been compromised and we haven’t even begun to talk about what could happen if the attacker has malicious intentions.

Article 6 - Bringing it all together: Capture the flag

As with all sectors of the security industry, the good operatives are able to put themselves in the mindset of the attacker, for the penetration tester this is a slightly harder task as there is a

In the penultimate article of this series we will look at what is the most important element of a company and is also usually the weakest link in a secure system... people. Why hack a system when someone will tell you the password or why break into a building to secure access to an internal system when someone will kindly hold the door open for you! To finish the series I will describe in detail, step by step a real life penetration test and the steps that should’ve been taken to make the job harder.

16 : : Circuit

ON TESTER..

eries of 6 ill give you an o corporate sting

Penetration testing

-oriented probing of a computer abilities that an attacker could

y restrict activities to testing the electronic e above definition but in my opinion the t limit their attack vectors to probing a “computer ion tester. A complete penetration test should mportantly should be repeated at regular intervals ols do not enable access into something that was tration testing teams with very talented technical test should be termed ng security measures to gain entry to any secure

server room, the key box to a high end car ds more like the description of a cat burglar then ing devil’s advocate and it’s (mainly) the ethics

big difference in understanding how systems work and how they can be exploited for “fun or profit”. Because of this there is often debate about what penetration testers should actually test, how they do it and their personal backgrounds. For instance this is a definition of penetration testing taken from Life as a tester can vary wildly depending on these jobs, one minute you can be in a nice warm comfy office probing the target network/ application from afar, the next jumping in bins (dumpster diving/ bin spinning depending on which side of the pond you are on) at the back of murky office blocks – but more on that later. Just as in many sectors of the security industry, real-life hacking is a far cry from what is demonstrated in the movies, it doesn’t take seconds (well, usually!!) and to the outsider can appear to be very redundant or monotonous. Uniquely the actions of a penetration tester could cause things to stop working, which as you might image could be a big issue. The latter may

be the goal of our dreaded black hat (see DDoS sidebar) but it will be a very quick way for the wily pen tester to lose a client – no matter what liability waiver you have had them sign, that just stops you for getting sued. The one constant in all types of test and scenarios that an ethical hacker may face is the protection of the clients systems, you need to do just enough to prove the vulnerability and this proof must cause no damage what-so-ever, if ever in doubt don’t do it! A prime example of this is publicly available exploit code.

Exploit Code When a vulnerability in a piece of software is discovered, hackers, security researchers and proficient penetration testers will often create what is known as exploit code; obviously each group has very different motivations. This code is often posted on the internet for all to see, again for many different reasons. The one common theme running throughout all sets of code is the potential for damage, even if an innocent security researcher is writing a proof of concept for his PhD paper with no malicious intent what-so-ever. Exploiting vulnerabilities within operating systems usually involves finding somewhere to input some data (a form running on a web server for instance), and the size of the buffer (the amount of memory allocated to hold the data being inputted) and at this point adding in some extra data say with commands to reset the password of the logged in user, this is called the payload. At the point where the buffer is full, the memory “overflows” into the adjoining memory blocks, usually in use by a different application or part of the operating system. At best, the block that you have managed to overflow your payload into is not critical and it executes – hey you’ve exploited vulnerability, at worst the blocks of memory you’ve just overwritten were a crucial part of the operating system that at the time was handling system calls resulting in the whole system crashing to the floor in a unusable mess… What I’ve just very briefly explained (and totally over simplified!) is a “buffer overflow attack”. Now, the inherent problem with having your attack successfully run (i.e. to have the target system execute your payload without crashing) you have to ensure the memory blocks that get overwritten are not critical to the operation of the system which is a very difficult thing to achieve. It’s rare to find exploit code that runs reliably against say, all versions of the Microsoft

Windows 2003 Server operating system without causing the odd crash here and there, which isn’t exactly conducive to business is it?

DDoS sidebar Put simply, if computer A is talking to computer B and it sends some malformed data that causes it to crash then it has suffered from a Denial of Service attack. Now attach those computers to the internet, add in computers C-Z, have then all send genuine data to computer B all at the same time and you’ll find a limit very quickly where computer B is no longer able to provide services to anyone else – this is a Distributed Denial of Service attack. So, what’s the relevance you ask? You know all these zombie nets we keep on hearing about in the press, millions of PC’s under control by a small number of master computers – guess what – aside from tasks such as mass emailing (read: spamming) they often are used to launch DDoS attacks against publically facing sites. The profile of these attacks has changed over the years, once-upon-a-time the bad guys targeted big corporate giants such as Microsoft predominantly for kudos in underground circles, today DDoS attacks are driven by groups looking to extort money from banks, online betting companies, online poker companies, anyone with good turnover and a reliance on having a website accessed by customers to make money (or save face).

Vulnerability Scanning One of the true arts of penetration testing is having the ability to determine if a system is exposed to a particular vulnerability without actually exploiting it. Don’t get me wrong, if you know for sure you can do it safely, go for it – there’s no better way to prove you’ve succeeded in your goal(s) by directing the client to go a look for a particular file on their uber-secure server but make sure you know what you are doing. I mentioned earlier that a penetration test should be run regularly to ensure that new techniques are not now applicable to the environment being protected, predominantly this should consist of regular software based vulnerability tests, if not for the simple fact that once setup they are easy to repeat. Its key that experienced staff setup and adjust the scans as/ when required, but this is far, far cheaper than hiring a full tiger team every few weeks!

What’s in a name? What is a hacker? The term ‘hacker’ has been distorted by the media over the years,

Circuit : : 17

Circuit :: TechTalk traditionally a hacker is someone that can (corporate speak alert!) think ‘outside the box’ – is interested in finding out how things really work and perhaps using them for a purpose that they were not originally designed for. More recently penetration testers have been given the moniker “Ethical Hacker” which I personally think sums up the job perfectly, but I’ll continue to highlight the different terms you may come across when reading information about hackers/ penetration testers/whatever! White hat Hacker – the good guys, security administrators that will run networks and protect their own (read: their companies) electronic assets by attempting to legitimately infiltrate them. The white hats are the closest colloquial term for an average corporate penetration tester; it’s common for teams of such people to be termed a tiger or red team. Black hat hacker (or cracker) – the bad guy, this is the term used to describe the motivated attacker that usually has a agenda; nowadays these are usually people involved with organised crime or oppressive governments. Grey hat Hacker – this hacker type is slightly difficult to describe, but is in a nut shell, a hybrid of the white and black hat hacker types. For instance, in April 2000 grey hat hackers hacked into a very high profile web site within the developer community (www. apache.org) – they gained total control over the server and rather than deface the pages or use the powerful server to distribute viruses (as is what usually happens in this scenario) they fixed the problem that they exploited to gain control and privately told the apache.org administrators their configuration error. Yes they broke the law by illegally accessing the server but did they actually doing anything bad? These guys definitely fall into the grey hat camp.

Attacker Profiles Of course there are always exceptions to any kind of profile, but generally speaking the majority of attackers can be pigeon holed into one of the following categories:

Script Kiddies: Non-skilled persons that engage in hacking for the sake of it that would be termed as un-motivated. The term script kiddie came about as this type of individual downloads self contained programs or scripts written by others and runs that blindly without fully understanding what they can do. They have a rudimentary-intermediate understanding of the internet and systems and have to manipulate them for their own goals and often indiscriminately scan large sections of the internet looking for potentially vulnerable targets.

Organised Crime: Organised crime group (predominantly

18 : : Circuit

eastern European) have, over the last 5 years become more and more involved in electronic crime. They usually pay very talented programmers large sums of money to launch specific attacks or write complex viruses to release into the wild to facilitate the building of BotNets. The crimes perpetrated include (but are not limited to) extortion using DDoS threats, extortion using information theft, identity theft,

Corporate Espionage: Corporate spies are usually very highly skilled and very rarely get caught. When they do it’s more common to find the incident gets swept under the rug as the PR damage can further enhance the damage done to a company. They have varied goals that range from simple information capture to more destructive objectives and as you might imagine are motivated by money, they are ‘professionals’ after all…

State Espionage: State funded information warfare has been getting more and more press recently with reports that China and North Korean have for some years had dedicated teams of hackers whose sole job, is to infiltrate the systems of foreign states and companies. Proven (although adamantly denied) recently when a group of intrusion analysts investigated a incident at the Office of the Dalai Lama and exiled Tibet groups (http:// www.theherald.co.uk/news/foreign/display. var.2498574.0.Chinese_hack_into_files_ of_Dalai_Lama_and_exiled_Tibet_groups. php) The virus (more correctly a Trojan horse that was used to lift confidential documents) used to infect these computers was created specifically for the job and not a random infection; more crucially information gathered from one of the computers was used to arrest an Chinese national that acts as a message broker to exiled Tibetans – the case against her made direct references to e-mail captured from machines within the office of the Dalai Lama. Titan Rain

Motivated nosey parkers: Once upon a time 99% of all talented hackers fell into this category; that is before other people discovered that there is money to be made in this hacking game! They tend to have a very high level of knowledge about networks and systems and how to manipulate them for various purposes and usually have no financial motivations. A good example of this is Gary McKinnon a British citizen who is currently fighting extradition charges to the US for hacking into various NASA and US Military systems looking for proof of alien research. As also is highlighted by Mr. McKinnon’s case these individuals are usually blissfully unaware of the monetary value of the damage that they can cause. And finally the most dangerous of all -

Disgruntled Employees: They are inside the company already, with access to the systems and knowledge of where they are, what they are used for and usually their weaknesses. The majority of IT security is focused on protecting the perimeter, once past this it is not uncommon to find a fully open system that can be manipulated in a variety of ways. The skill set of this profile varies drastically from highly technical System Administrators to nontechnical but motivated sales staff. There have been cases of UNIX Administrators leaving so called “Logic bombs” on high-end computer systems running manufacturing processes set to self-destruct on a particular day after and potentially as damaging to a company’s bottom line a marketing executive downloaded the contents of a company’s central sales database to a external hard drive ready to help smooth their transition into a new company – that handy “export to excel” function isn’t always so welcome!

Networking Primer Here’s a very, very brief overview of the important parts of a network that you need to understand for this article. Packets – all data sent over the wire (or the wireless in the case of WiFi!) is broken down into packets. The receiving side has the ability the reassemble those packets into the information that was originally sent. TCP/IP – (Transmission Control Protocol over Internet Protocol) – this is one of the most widely used protocol available networks today and it is what the internet is built upon. The important parts to understand for our discussion today is the TCP is dedicated to transmitting your data across the network (breaking down into packets and reassembling for instance) and IP is responsible of addressing and routing of the packets – I’m sure many readers are familiar with the IP address that your internet connection at home gets assigned. TCP is connection orientated which guarantees delivery of packets and the sequence that they arrive in. This means if any packets go astray they get resent or if they take different routes to get to the destination and arrive out of order they will get correctly shuffled at the receiving end. UDP/IP – (User Datagram Protocol over Internet Protocol) – the other most used protocol in existence today! UDP operates on a ‘best effort’ principle. It performs better than TCP but if packets are lost they don’t get resent; also it has no concept of sequence/order so both these tasks are delegated to the receiving application and not handled by the transmission protocol. Router – used to route packets from one network to another. Networks are split up into sections and have the concept of a local network. For machines on a network to

Circuit :: TechTalk reach machines on a other remote network (read not with the same local network range) the local network must have a default gateway assigned. This is usually a router with local connections to other networks and a default gateway of its own. Whenever a machine wants to talk to another on a remote network that it doesn’t connect to directly, the request to sent to the default gateway to see if it knows, and so on and so on until a router either reaches the host or responds to say “I don’t know how to reach that host/ network”

specting traffic as it goes through, blocking traffic that is not allowed as defined by a set of rules.

Firewall – Firewalls are usually the first line of defence from the outside (and sometimes inside world). They commonly sit in between the internet and the internal network in-

NS - Domain name system. IP addresses are very difficult for use humans to remember – for instance who knows what XX.XX.XX.XX is? DNS is basically a big publicly accessible

Ports – applications running on servers listen to the network on ports that are numbered from 1-64999 (geek alert - the math heads among you might recognise this as the 16-bit limitation for an integer). There are a number of ports that are ‘registered’ for specific application types, for instance web servers are always expected to listen on port 80 for HTTP traffic (this is the protocol that displays web content in your browser.

database that maps user friendly names to these numbers and vice-versa, when when you type www.google.co.uk into your favorite web browser your computer asks it’s nearest DNS server what is the IP address for www.google.co.uk and DNS will respond XX.XX.XX.XX (well, that’s one of the addresses that it will come back with but load balancing is out of the scope of this article). There are 2 tools that are commonly used it probe DNS – dig and NSLOOKUP. ICMP – the Internet Control Message Protocol, there are a number of message type that can be used for a variety of purpose from check if a host is alive, to see if it’s over loaded to asking it for the local system time!

Beginning the Penetration Test

, so now we’ve covered some of the basics, let’s get on with the job. As with all projects the first stage is actually discovery – you work with the client to ascertain what they are looking to achieve and very importantly define the scope of the test. For instance, financial institutions have a regulatory requirement to have their public facing applications security tested by 3rd party testers, so when working with them you usually find a scope limited to only the application in question, while other companies may request a more thorough set of tests encompassing many facets of their organisation. It’s important to ensure at this point that you follow usual due diligence, ensure the client is who the say they are and that they actually do work for the company in question. Just as vital from the customers perspective is that you sign a non-disclosure agreement – the very last thing they want is for you the trained ethical hacker, to find a gaping vulnerability and go shouting about it to their competitors or the press – that just wouldn’t be cricket… So, here we are. We’ve been called in by the Hacme Hire Tools (HHT) a quickly growing plant hire company that has been involved in the traditional markets for sometime but has embraced modern techniques to good effect, they have a publicly facing web system when new and existing customers can check stocks at specific

branches, book out equipment and all branches are connected to head office by encrypted VPN links. They would like us the assess the security of their online presence only initially and we have instructed the brass to keep our involvement confidential as user behavior always changes when they know they are being watched/tested and who knows – somewhere down the line the scope might be extended to cover other areas of the business. Recon First up we need to gather as much information about the target as possible, the systems they have and use, particularly concentrating on working towards the main objective of course. This task is made a lot easier now-a-days with modern internet usage – especially Google. It’s easy to look up all sorts of information about our potential targets, the domains they own/run, . Getting hold of company documentation can also be handy and depending on the scope of the task taking a drive out to the target site and performing a on the ground reccie can often reveal lots of useful information. It’s not unusual to nip back at night to have a look through the targets rubbish – particularly paper based rubbish – if it has been shredded, depending on the shredder type it may be pretty easy to build important parts of documents again – remember we only need the actual contents of the page not all the whitespace. The recon phase should produce a detailed network/building/structure plan (or any combination of the 3 depending on SOW).

Tools of the Trade

‘Wardriving involves driving around with a laptop and (usually) a omnidirectional aerial to detect Wi-Fi networks’

WarDialing - This term comes from the 1983 movie ‘WarGames’ (which as is happens was my personal motivation for getting into IT security!!) – War dialling is basically dialling a range of numbers sequentially to see if a computer answers. The creators of these programs started calling them ‘WarGames Diallers’ which was later shortened. We would usually look up the publicly available telephone numbers of the target (and any other sources of info – e.g. email signatures in forums) . Wardriving - similar name very different technique; it involves driving around with a laptop and (usually) a omnidirectional aerial to detect Wi-Fi networks. Automated programs are often used to use GPS to map the location then network signal strengths were detected along with other useful information such as the SSID and encryption type.

Circuit : : 19

Circuit :: TechTalk Google Google can be used for all sorts of nefarious purposes, which are out of scope for this article but I’ll ensure some interesting examples are posted into the BBA forum. In the pen test we would use it primarily for building the initial profile of the target and the connections that they might have with 3rd parties and of course for researching those all important vulnerabilities that we might discover. Probing Our goal as this point it to establish a network diagram of our target, with us on the other side of the internet at the very top left hand of the page and contain as much information as possible about the Hacme e-commerce application and the network that supports it. First up, lets investigate DNS to see what we can find; being a publicly accessible system we should at least get a small amount of information. [root@localhost ~]# dig -t soa hacme.com ; <<>> DiG 9.2.4 <<>> -t soa hacme.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39889 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;hacme.com. IN SOA ;; ANSWER SECTION: hacme.com. 86400 IN SOA hacme.com.hacme.com. root.hacme.com. 42 10800 900 604800 86400 ;; AUTHORITY SECTION: hacme.com. 86400 IN NS ns0.hacme.com. ;; Query time: 89 msec ;; SERVER: 192.168.218.132#53(192.168.218.132) ;; WHEN: Sun Jun 21 18:54:11 2009 ;; MSG SIZE rcvd: 96 [root@localhost ~]# dig -t ns hacme.com ; <<>> DiG 9.2.4 <<>> -t ns hacme.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62793 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;hacme.com. IN NS ;; ANSWER SECTION: hacme.com. 86400 IN NS ns0.hacme.com. ;; Query time: 76 msec ;; SERVER: 192.168.218.132#53(192.168.218.132) ;; WHEN: Sun Jun 21 18:54:23 2009 ;; MSG SIZE rcvd: 45 [root@localhost ~]# dig -t mx hacme.com ; <<>> DiG 9.2.4 <<>> -t mx hacme.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35746 ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;hacme.com. IN MX ;; ANSWER SECTION: hacme.com. 86400 IN MX 10 mail.hacme.com. hacme.com. 86400 IN MX 40 smtp.hacme.com. ;; AUTHORITY SECTION: hacme.com. 86400 IN NS ns0.hacme.com. ;; Query time: 112 msec ;; SERVER: 192.168.218.132#53(192.168.218.132) ;; WHEN: Sun Jun 21 18:54:31 2009 ;; MSG SIZE rcvd: 87 [root@localhost ~]#

[Above – shows standard domain referring to a CNAME ] Ah, we can see that the IP address that hacme publishes to the public to access it’s web site appears to actually refer to another machine – this is pretty common, we’ll do a little bit of guess work to see if there is a common standard. [root@localhost ~]# dig -t a www.hacme.com ; <<>> DiG 9.2.4 <<>> -t a www.hacme.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25740 ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.hacme.com. IN A ;; ANSWER SECTION: www.hacme.com. 86400 IN CNAME www-3.hacme.com. www-3.hacme.com. 86400 IN A 10.0.0.5 ;; AUTHORITY SECTION: hacme.com. 86400 IN NS ns0.hacme.com. ;; Query time: 92 msec ;; SERVER: 192.168.218.132#53(192.168.218.132) ;; WHEN: Sun Jun 21 18:57:38 2009 ;; MSG SIZE rcvd: 85

20 : : Circuit

[root@localhost ~]# dig -t a www-1.hacme.com ; <<>> DiG 9.2.4 <<>> -t a www-1.hacme.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24134 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;www-1.hacme.com. IN A ;; ANSWER SECTION: www-1.hacme.com. 86400 IN A 10.0.0.2 ;; AUTHORITY SECTION: hacme.com. 86400 IN NS ns0.hacme.com. ;; Query time: 70 msec ;; SERVER: 192.168.218.132#53(192.168.218.132) ;; WHEN: Sun Jun 21 18:57:48 2009 ;; MSG SIZE rcvd: 67 [root@localhost ~]# dig -t a www-2.hacme.com ; <<>> DiG 9.2.4 <<>> -t a www-2.hacme.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58381 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;www-2.hacme.com. IN A ;; ANSWER SECTION: www-2.hacme.com. 86400 IN A 10.0.0.2 ;; AUTHORITY SECTION: hacme.com. 86400 IN NS ns0.hacme.com. ;; Query time: 71 msec ;; SERVER: 192.168.218.132#53(192.168.218.132) ;; WHEN: Sun Jun 21 18:57:52 2009 ;; MSG SIZE rcvd: 67 [root@localhost ~]# dig -t a www-3.hacme.com ; <<>> DiG 9.2.4 <<>> -t a www-3.hacme.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53910 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;www-3.hacme.com. IN A ;; ANSWER SECTION: www-3.hacme.com. 86400 IN A 10.0.0.5 ;; AUTHORITY SECTION: hacme.com. 86400 IN NS ns0.hacme.com. ;; Query time: 72 msec ;; SERVER: 192.168.218.132#53(192.168.218.132) ;; WHEN: Sun Jun 21 18:57:54 2009 ;; MSG SIZE rcvd: 67 [root@localhost ~]# dig -t a www-4.hacme.com ; <<>> DiG 9.2.4 <<>> -t a www-4.hacme.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42818 ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;www-4.hacme.com. IN A ;; AUTHORITY SECTION: hacme.com. 86400 IN SOA hacme.com.hacme.com. root.hacme.com. 42 10800 900 604800 86400 ;; Query time: 57 msec ;; SERVER: 192.168.218.132#53(192.168.218.132) ;; WHEN: Sun Jun 21 18:57:57 2009 ;; MSG SIZE rcvd: 84

[Above – checking for other CNAME’s – only finds another 1 ] At the moment, it looks like there are only 2 servers at the ‘front end’ – let’s gather some other common DNS records to see what they can tell us… Some interesting stuff here, we know have the Name Servers (another name for DNS server) and the Email servers that support the domain. Let’s take a punt… if their DNS server (name server isn’t configured correctly we might be able to download a “dump” of their domain – containing all records. N:\>nslookup *** Default servers are not available Default Server: UnKnown Address: 127.0.0.1 > server 192.168.218.132 Default Server: [192.168.218.132] Address: 192.168.218.132 > ls Server: [192.168.218.132] Address: 192.168.218.132 Served by: - M.ROOT-SERVERS.NET - A.ROOT-SERVERS.NET - B.ROOT-SERVERS.NET - C.ROOT-SERVERS.NET - D.ROOT-SERVERS.NET - E.ROOT-SERVERS.NET - F.ROOT-SERVERS.NET - G.ROOT-SERVERS.NET

[Above – try zone transfer]

Ah well, it was worth a go!

Circuit :: TechTalk

During all this probing you should be making a note of all the relevant information gathered. It is usually useful to start to map out the target network in a diagram and start to make some estimations of the network size. All that information and we have only briefly touched on the target network… but things are about to change – we need to start to actively probe the systems that we’ve discovered to gain as much intelligence about them as possible. There are many tools out there that can be used for probing networks but there are two that stand out, Nmap and Hping2. Both of which are incredibly powerful and can be used to directly manipulate packets (small pieces of information sent across the network). Nmap is a very multifaceted scanner, with it you can easily probe entire network, pick specific ports to look for, adjust the TCP options on TCP packets, send UDP packets to ports that usually expect TCP all sorts of juicy goodness… Much of which can be used to determine things like the operating system a application is running on (very clever) or give you the ability to hide your probes from IDS (Intrusion Detection Systems) that might be watching the network traffic. Back to the job at hand, another nmap scan of the web servers would show only a handful of ports open – namely 80 and 443 – these are very common 80 being used for standard web traffic and 443 for encrypted traffic (usually SSL). It’s interesting to note that during the various nmap scans a number of ports show up as “filtered” – this just confirms that the servers are behind a firewall. Now for a bit of Nmap magic, notice at the bottom of the scans it takes a guess at the operating system, usually down to a very specific version – knowing the operating systems being used will be vital later on. Should you just need to check the availability of certain services on the other side of the firewall Hping2 was written to address the limitations (from a hacking perspective anyway!) in the ping tool, a utility that you will find on all modern operating systems. Ping is used to determine if a host is ‘alive’ or listening on the network. It works by sending ICMP packets to the machine and listens for specific responses. It is common to see if a host is attached to the network by typing something like this: Connection-specific DNS Suffix . : IPv4 Address. . . . . . . . . . . : 192.168.10.3 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.10.2 C:\Users\administrator>ping 192.168.10.2 Pinging 192.168.10.2 with 32 bytes of data: Reply from 192.168.10.2: bytes=32 time<1ms TTL=64 Reply from 192.168.10.2: bytes=32 time<1ms TTL=64 Reply from 192.168.10.2: bytes=32 time<1ms TTL=64 Reply from 192.168.10.2: bytes=32 time<1ms TTL=64 Ping statistics for 192.168.10.2: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms

I can ping one of Google’s servers which is not local to my network like this C:\Users\administrator>ping www.google.co.uk Pinging www.l.google.com [209.85.229.103] with 32 bytes of data: Reply from 209.85.229.103: bytes=32 time=20ms TTL=244 Reply from 209.85.229.103: bytes=32 time=22ms TTL=244 Reply from 209.85.229.103: bytes=32 time=40ms TTL=244 Reply from 209.85.229.103: bytes=32 time=21ms TTL=244 Ping statistics for 209.85.229.103: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 20ms, Maximum = 40ms, Average = 25ms

But notice, when I try to ping the Hacme mail server that we discovered in the initial stages of recon I get “no reply” – is the

server really not accessible? We know from our Nmap scan that there is a firewall protecting those machine so presumably they are dropping our ping requests… lets give HPing2 a whirl: C:\Users\administrator>ping www.google.co.uk Pinging www.l. [root@localhost /]# ping www.hacme.com PING 10.0.0.5 (eth0 10.0.0.5): Request timed out. Request timed out. Request timed out. Request timed out. Ping statistics for 10.0.0.5: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

[root@localhost /]# hping2 -F www.hacme.com -p 25 HPING 10.0.0.5 (eth0 10.0.0.5): F set, 40 headers + 0 data len=46 ip=10.0.0.5 ttl=128 id=22178 sport=25 flags=RA seq=0 rtt=131.7 ms len=46 ip=10.0.0.5 ttl=128 id=22181 sport=25 flags=RA seq=1 rtt=0.6 ms len=46 ip=10.0.0.5 ttl=128 id=22182 sport=25 flags=RA seq=2 rtt=2.8 ms len=46 ip=10.0.0.5 ttl=128 id=22183 sport=25 flags=RA seq=3 rtt=0.9 ms --- 10.0.0.5 hping statistic --4 packets tramitted, 4 packets received, 0% packet loss round-trip min/avg/max = 0.6/34.0/131.7 ms

bytes win=0 win=0 win=0 win=0

Hmmm, now the server is responding – so what’s the difference? The eagle eyed amongst you might have noticed the –p 25 argument in the command. There was firewall blocking the ICMP requests to the server, so I told Hping2 to send data on a port number that I suspected might be open on the host (it’s a email server).

Fingerprinting Now that after recon the next logical step is to fingerprint what has been discovered in the recon phase which would produce a list of devices and applications that help to make up the companies infrastructure. In a fuller test this will also include abstract infrastructure devices such as CCTV installations, entry systems, alarm systems and other location specific items, which may sound very much like we’re are setting up for a spot of burglary but remember, we are playing the bad guy here and the SOW might involve us having to gain access to the site in a manner akin to an attacker. As our scope is currently limited to the publicly facing servers we will concentrate on physical security in a later article. We’ve already managed to fingerprint the web servers using Nmap, so lets concentrate on the e-mail server, dns servers and networking infrastructure components (the routers and the firewall) – to do this I’ll introduce one of the favorite tools in my arsenal - NetCat – often dubbed the “Network Swiss Army Knife”, because its versatility, which diminished at all in the 12 years since the latest release (the most recent version 1.1 was released in 1995). We’ve already scanned the e-mail server and noted that it only has s ports open, 25 (SMTP) and 110 (POP3) – two very common ports on email servers, the next step is to connect to each server and ‘grab the banners’ this usually shows us the precise version of the software running. Most applications are very happy to tell the outside world their precise version, which lets the attacker then research into what exploits are available for the version of software running on the server. One notable exception to this is DNS servers running the BIND software. BIND has been attacked successfully over a number of years so administrators have learnt to disable displaying the version, it’s a real shame they don’t learn to do the same thing for various other applications that run on the servers. Next Issue: We shall take our map and start to compromise Hacme’s infrastructure, our goal is to get into places that we shouldn’t be. We shall explain what are doing at each step and introduce some of the techniques used to infiltrate further into a company’s network.

Circuit : : 21

Circuit :: ShopTalk

CAN DOOR SUPERVISORS... written by ROBIN BARRATT

here are currently just over 5100 close protection licenses in the UK and it is estimated that just under 65% of these licenses are held by either former or serving door supervisors, with 25% from former military (with no other security experience), and only 10% pure civilians with no military background or security experience at all. Yet if you ask most of the principal international operational companies if door supervisors can make good bodyguards, most would laugh in your face and say of course not! Many former military and special forces personnel would probably say exactly the same thing - albeit a little more openly and aggressively - and if you happen to make it into a CP team with an ex-SAS colleague and tell him that you were a former (or still serving) door supervisor, regardless of your ability and aptitude he would probably never speak to you again and you would quickly find yourself transferred to RST on 12 hour shifts minding a muddy corner of the garden in the middle of nowhere...in the pouring rain.

“..there is still an ingrained mindset that all door supervisors are 20 stone, tattooed, mindless thugs unable to put a few sentences together”

Although there are currently over 140,000 licensed door supervisors currently in the UK and the industry has changed immeasurably over the past few years, there is still an ingrained mindset that all door supervisors are 20 stone, tattooed, mindless thugs unable to put a few sentences together, let alone work out the logistics of planning and implementing a professional international close protection operation. I recently sent an email to a close protection officer who was on my database from the days when I was running the BBA, notifying him of the release of my magazine On The Doors. He must have been on-line as he replied immediately by saying he works in CP and would never ever, ever, ever involve himself in anything to do with the doors or door supervisors, and could I take him off my database immediately! Which hmm, of course I did. There is still so much stigma against door supervisors entering the CP industry. Yet without the hundreds of door supervisors every year paying for close protection training, many door supervisor training companies (actually most) would quickly go out of business. In

22 : : Circuit

fact it is because of the huge door supervision market that there are now many, more companies than ever offering CP training. I recently visited a CP course run by a well known and respected company in the East of England, almost all their students were door supervisors, with two from the military and just one civilian. Admittedly there are still many mindless morons out there working the doors, as well as quite a few that cannot speak English, but aside from these idiots, the door supervisor industry has changed and there are many, many bright, intelligent ‘ordinary’ people working within this specific sector and using door supervision as a stepping stone into the security industry, including close protection. If you walk through a typical town on a Saturday night you will find that most door supervisors are in fact neither 20 stone nor mindless; most you can have a conversation with, most are generally approachable and most have other jobs and career aspirations that many of the ‘old school’ doormen didn’t have.

Circuit :: ShopTalk

...MAKE GOOD BODYGUARDS? R

egardless of whether you are a door supervisor or a former Officer of the SAS, what it takes to be a bodyguard is exactly the same; “Complete commitment to the job, absolute dedication to your principle, a high and sustained level of concentration and of course a strong desire to succeed, but ultimately a compulsive motivation to protect; you cannot be a bodyguard and be willing to put yourself in real harm’s way for someone you hardly know, if you do not have a sincere and tangible instinct to protect” said Tremaine Kent at CTR Services. It doesn’t take only former Paras, Marines or SAS soldiers to be able to conform to the above criteria, nor does it mean that just because you have had military training that you automatically conform to that criteria either. A well educated, well disciplined, conscientious doorman (or woman) can be as good a bodyguard as anyone and there are a large number of cases where former door supervisors are successfully working in teams in both low and high risk environments. A good friend of mine who used to run a few doors in Edinburgh has been working consistently in Iraq running his own CP team since the war began, and is now chief instructor and team leader for a multi-national security contractor. Another former doorman friend is now running a prestigious security division for the United Nations in the Middle East. A former door woman I know very well (ahem...) is currently heading a team based in London looking after Middle Eastern clients and a coloured female door supervisor is currently looking after one of the UKs top female black singers. The list is endless. Door supervisors can and do make excellent bodyguards, but it is their ability that has rewarded them, not the fact that they were, or were not, door supervisors. Surprisingly, when chatting to a couple of well known UK based companies about this article, a few said that they actually prefer to employ non-military personnel for their low risk, low profile operations. According to them this is because ‘military types’ can stand out and are sometimes far too regimented for a civilian security environment, especially those from a Special Forces background. Door supervisors work especially well with celebrities and at special events; film premiers, music festivals, private parties, corporate events etc. This is due to the fact that the risks posed within these environments are very similar to those working on the doors, something which former SAS personnel know little or nothing about dealing with (although it has to be said that there are a few Sqaddies that do tend to know a little about causing a touch of mayhem on the doors!). But at the opposite end of the scale, door supervisors know little or nothing about war-zone environments and this is where former soldiers excel. Instinctive reaction is undoubtedly a life-saver in contact situations and modern British society (at the moment anyway), gives little opportunity to develop instinctive reactions in life-threatening situations.

illustrations by JON MOSS One of my jobs in Bosnia during the conflict was to pick up budding mercenaries from Zargreb airport and take them onto the front line. Boastful, bragging, loudmouthed doormen (and believe me there were quite a few of them) were generally the first to return home, normally within just a couple of days, whereas the quiet humble soldier would last for months. I have seen a real hard looking tattooed 18 stone doorman literally crap his pants at the first incoming mortar attack, yet a bespectacled ‘Times’ crossword loving ex-SAS soldier stay undercover in Serb territory doing all sorts of ‘interesting’ things for months and months.

“..door supervisors know little or nothing about war-zone environments”

Close Protection isn’t just about high-risk VIP escort in Iraq. As long as you are completely dedicated to the industry, confident and have an ability to learn and to follow orders, there is a place for both door supervisors and exsoldiers throughout the close protection industry. And as long as you are realistic about where you want to work and with whom, door supervisors can, and do make very good bodyguards. Robin started his life on the doors and then went into close protection. He has worked all over the world but for the past twelve years has specialised in providing security and protection services in Russia. He is now an author and freelance writer and publishes On The Doors magazine. www.OnTheDoorsMagazine.com

Circuit : : 23

Circuit :: BooKlub Here at The Circuit, we know that despite your image, you guys like nothing more than curling up with a good book. This month: Mike Jones reviews two on-topic titles

a living, perhaps escorting VIP’s to red carpet events in the West End of London or accompanying them on their family holidays! This is in fact what the author did at first but he soon became bored with it and thus ended up back in some of the worlds hot spots but this time without the back up of HMG behind him! The story shows The Circuit’s rise from somewhat of a niche market to a multibillion dollar industry and lets you in to the fact that the industry has often put profits over safety. We found the book to be an excellent read, the sort of book that we could not put down. Bob Shepherd has been there, done it, got the t-shirt and now he has written the book! One refreshing aspect of The Circuit is that is concentrates very much on the authors time as a civilian and that in itself makes it much more appealing than the normal “when I did selection” stuff that usually makes up a large proportion of these books. Although Bob talks about the infamous Bravo Two Zero mission from GW1 it is not at all a stereotypical SAS book and the author does not shy away from talking about controversial subjects and gives opinions that many will agree with but will be unlikely to voice.

The aptly named

‘The Circuit’ by:

Bob Shepherd The Circuit written by ex SAS Soldier Bob Shepherd is one of the most recent SAS genre to hit the shelves. After almost 20 years of operating in the SAS the author retired to work as an advisor on the commercial security circuit. You would imagine that having left what is considered by many as the worlds most Elite Special Forces unit that the author would settle in to a more sedate way of making

24 : : Circuit

The author does not shy away from any subject in this book, most notably taking on what he believes was the glaring ineptitude of some of the coalition military forces and their civilian counterparts. He also outlines the fact that many of the largest security companies hire the most inept operators in place of what is required; properly trained and equipped military professionals or at the very least highly trained, experienced and well paid professionals!

‘Behind The Lines’ by:

Russell Miller This book is actually a collection of first person accounts of life in Britain’s Special Operations Executives (SOE) and the United States’ Office of Strategic Services

OSS during WWII. The accounts start at the conception of the organisations and work their way through describing the recruiting process, how they were trained and of course the operations and missions that these brave special agents set out on, many of whom did not come back. The SOE/OSS personnel where more often than not parachuted in behind enemy lines carrying false identities, many of them ended up being arrested, interrogated and sometimes executed, paying the ultimate price for fighting for their country. The author, Russell Miller introduces each chapter with an initial introduction before the agents tell of the various adventures and escapes that they lived through. Each account is so full of interest it is hard to put the book down. Supported by a team of back-room boffins who dreamed up ingenious devices like exploding rats and invisible ink. Although the book does not include any photographs, this for me does not detract from what it is, an extremely interesting and enlightening book and one that leaves you with the utmost respect for those brave people that played a significant part in securing a victory for the allied forces. Behind The Lines is a fantastic must read for anyone with a passing interest in Spy’s, Special Operations, or just World War Two in general.

Circuit :: Feature

Keeping Your Edge Training the Celebrity Bodyguard

et’s face it—in the scheme of things, in our industry, the “Celebrity Bodyguard” doesn’t always get a lot of respect. Corporate Protective Agents lump us just above Club Bouncers on the evolutionary ladder, while our peers that handle personal security details in war zones such as Iraq or Afghanistan look at us as glorified baby-sitters. Of course both of those stereotypes are just that: a collection of generalizations that may apply to some but definitely do not apply to all. The Ten Thousand dollar question is, if you’re in the Celebrity Protection Industry, does it describe you? If your sole qualifications for servicing your clients are that you weigh 300lbs or used to play football in college, chances are they might be right. As I look at it, the difference between being a Bodyguard or a Buddyguard comes down to training. Quality training along with the experience gained working with clients on a long term basis (not just standing next to them one night at a club), means you’re on the path to doing the right things as a Close Protection Agent. You’re earning a paycheck supporting yourself/and family, and protecting your Principal. In short you’re a PROFESSIONAL. Never let anyone tell you otherwise.

Sometimes in our industry I find we rely too much on labels. Take a moment to describe

yourself in a few words: Would you say you’re a Bodyguard? Executive Protection Agent? Close Protection Agent? All of those are correct in my opinion. At the end of the day, each one of those titles mean the same to a client who has a potential threat. -- “Mr. (insert title here) please assist me with getting through my day as safely and securely as possible. If the crap does hit the fan, please remove me from the situation as quickly as possible”. Who’s going to do that most effectively? Point blank—the one with the proper training. Its no secret that most of the agents in our profession come from military or law enforcement backgrounds, of course you can’t just stop there. I’m amazed at the amount of individuals that come into my office and think because they had a long career in law enforcement they can walk right into a detail and operate successfully. The same can be said for those with a military background. Both of those careers are excellent building blocks to a future in the Executive Protection Industry. However, both may also come with some bad habits that you have to un-learn before you will be at the top of your game doing EP work. Consider this: reduced to its simplest principals, police officers solve crimes and soldiers win battles. Can you see how years and years of training with those underling philosophies can be a hindrance if you don’t

ELI AH SH AW balance that with formal close protection training made specific to the bodyguard field?

So how do you build a better bodyguard? In addition to the individual skill sets you bring to the profession, a working knowledge of field medicine is important as well as knowledge of business and social etiquette. Outside of that, there are the fundamental skills that are unique to close protection. The advance work, cover and evacuation drills, and vehicle embussing and debussing techniques. You are only going to become that total package if you train.

There are many reputable schools all over the world ranging from a 1 day seminar to 3 month residency programs. Of course the cost can also rise exponentially into the thousands. Rating and reviews are in abundance on various sites (including the BBA and the NABA) so I’ll leave it to the reader to research and make the choice on which one is the best fit for them. I personally teach a 5 day hands-on course that focuses on the Celebrity Protection side because I wanted to help others achieve their goals and saw a void in this particular part of the marketplace. No matter where you go, keep in mind that training shouldn’t stop when you receive that certificate at the end of the course. Those on top of their game will continue to read books on the industry, become active in organizations and most importantly drill, drill, drill. Master these and you’ll do well in a rewarding field that is in my mind, a perfect balance between service and leadership, hard work and perks.

Elijah Shaw is the CEO of Icon Services Corporation and The National Director of the North American Bodyguard Association

Circuit : : 25

Circuit :: BoyZone

GET YOUR KIT ON

We a look at some of the essential and not so essential tools of the trade so that you don’t have to, gadgets, games, movies and ‘simply must-haves’.

PV-900 Portable Digital Recorder This piece of equipment landed at BBA HQ some months back and we have been having great fun with it ever since.

he PV – 900 is a high-resolution digital video recorder built in to a mobile phone! The camera is low light CCD, which has motion activation a date & time stamp and a unique ‘invisible’ function for covert recording meaning that the phone displays a ‘normal’ phone screen whilst recording so that to the casual observer it looks just like an everyday mobile phone. Another nice feature of the PV-900 is that it can also be used as a DVR for use with external cameras. We found the PV-900 a pretty easy device to set-up right out of the box so if we can do it then everybody should be able to! When you switch on the unit it brings up a home screen where you can set the device up and view your files and this is really easy to do. The device can record in various ways, the most simplistic being manual

recording where you simply push the record button and away you go! You can set the phone up to vibrate when you press record as a bit of a confidence check, it will also vibrate when you move the record button to the off position which again is confidence inspiring.

Also available is motion detection, a particularly neat way to record and an excellent facility in such a small device. The motion detection also has a sensitivity setting although in our experience with these facilities on the smaller products is that all the settings tend to be pretty sensitive and you can quickly fill up the micro-SD card to which the media is recorded on to. The device also has a pre-record schedule which is very useful if you know at what time you want this device to record, for example if you were in a meeting and did not want to been seen fiddling with your phone so as not to alert anyone who may be aware of such devices. Vital with these pieces of equipment is the ability to have a date/time stamp so that anything recorded can be used more effectively as evidence, we also like the fact that the storage is removable so

that if your client wants the original they can have it. The media used to record on to is minds, these cards are often found inside mobile phone devices themselves so having the miniSD slot on the side of the PV-900 is perfectly natural.

This unit has a handy light system that allows you to do a quick confidence check – blue means the unit is switched on, orange means that it is recording. Transferring the recorded media from the PV900 to a computer is really easy, all you need is a card reader and a suitable programme for editing and away you go. This device is compatible with both apple and PC’s. SPEC: • DVR Built Into Cell Phone Completely Covert And Invisible • Resolution: 720 X 480 @ 18 fps / 640 X 480 @ 30 fps • Memory: 16 GB micro SC Card • Recording Time: up to 16 hours recording time • Display: 2 X 1.5 TFT LCD High Resolution Screen • Invisible secret function key to cell phone display while recording • Time And Date Stamping: YYYY/MM/ DD/,HH,MM.,SS • Power Supply: DC 5V rechargeable battery • Power To External Cameras • Completely Covert • 450 Lines of Resolution Color CCD • 4.3 mm lens • 80 degree angle of view • .2 Lux low light rating! • Shutter Speed 1/60-1/120,000 • Power Source-Self-powered by Unit.

Includes: • Invisible Secrets PV900 Cell Phone/ DVR With Camera • Specially Designed Belt Clip Holder That Lets Camera Point Out • Battery Charger Cord • Earphone Jacks • USB connection Cord • Standard RCA Jacks Size: • 4 Inches Long X 11/2 Inches Wide X 1/2 Inch deep

26 : : Circuit

Circuit :: BoyZone

Basic Pistol

This is another excellent DVD from the Blackwater Training camp. Although very American in its production and narration (which of course it is) it is nevertheless concise, precise and simply explained, aimed mainly at those working within a tactical shooting environment wanting a refresher course and basic overview in basic pistol handling. Chapters include: Weapon Safety, Pistol Action Types, Gear Selection, Gear Placement, Fundamentals of Marksmanship, Grip, Stance, Sight Alignment, Sight Picture, Trigger Control, Breathing, Follow Through, Work Station, Loading / Unloading, Ready Positions, Drawing, Retention Devices and Summary.

Bodyguards gear up to use smallest tracker The world’s smallest, police-approved GPS tracker has been launched for UK Protective Security personnel. Small enough to fit in the palm of the hand, the RX-1 from extremetrackers.com, part of RedWeb Security, can track people or Possessions anywhere in the world, 24/7 – even in a van, garage or trailer. That’s because it blends GPS plus SMS and GPRS technologies meaning it is Accurate to 3 metres via GPS and even an incredible 2 cm

via optional RF. Originally designed for the police, it is now being offered to members of the British Bodyguard Association. It is a totally sealed unit with an integral battery and is 100% waterproof and vibration proof.

Defensive Shotgun

This is an excellent comprehensive DVD from the acclaimed Blackwater Training camp. Concise precise and simply explained it is aimed at those with little or no experience with the pump action shotgun but are interested in the weapon and its use for shooting sports, or for those working or intending to work within an employment or tactical arena and need an overview and some initial theoretical weapons training. Chapters include: Introduction, Safety, Ammunition, Weapon Selection, Fundamentals, Stance, Grip, Sight Alignment, Sight Picture, Dominant Eye, Trigger Control, Breathing, Follow Through, Ready Positions, Work Station, Loading, Unloading and Summary.

The discrete RX-1 measures just 22mm x 58mm x 38mm and updates Automatically every 15 seconds allowing real-time tracking. It is powered by a fully rechargeable lithium battery pack or can be hard-wired with just two wires for installation.

Rating 9/10 Product Details Format: Colour, DVD Video, NTSC Language: English Region: FREE Aspect Ratio: 16:9 Rating - Not Rated DVD Release date: May 2008 Run Time: 30 Mins Suggested Retail Price: 25.00 USD www.BWTrainingCenter.com

“The purpose of this course is to teach the fundamentals of pistol marksmanship and gun handling. Regardless of your particular handgun shooting discipline, be it tactical or recreational competitions, the fundamentals always apply. The ultimate goal, in any case, is the ability to execute fundamentals on demand and under any condition.”

Nevertheless, the best bit is the Geo Fencing feature – which electronically “fences in” your target and sends you a text message if there is any movement. You can do this all on-line – no need to download software – so you can keep track from a PDA or web-enabled mobile phone. John Hutton, from Custodia, who has been appointed to exclusively introduce the RX-1 to the personal protection and Surveillance markets, said: “The size and the amazing tracking technology means the RX-1 can fit virtually anywhere – and be tracked virtually everywhere. “Although it’s tiny and very difficult to spot in situ, the RX-1 is very robust and is perfect for surveillance and Protection of Assets. “ It was originally designed to help the police tackle the most difficult surveillance cases – but now is helping protective security personnel offer their clients the latest technology.” The RX-1 retails at £249.99 – with 12 months software license and sim deal from as little as £149.50 Inc vat per annum. RedWeb Security are delighted to offer all members of British Bodyguarding Association a 10 % Discount. For more information about RedWebs products, please call Redweb security on 01827 600 82 or alternatively log onto www. redwebsecurity.com

Rating 9/10 Product Details Format: Colour, DVD Video, NTSC Language: English Region: FREE Aspect Ratio: 16:9 Rating - Not Rated DVD Release date: May 2008 Run Time: 48 Mins Suggested Retail Price: 48.00 USD www.BWTrainingCenter.com

“The purpose of this course is to teach the fundamentals of Pump Action Shotgun marksmanship and handling. Regardless of your particular handgun shooting discipline, be it tactical or recreational competitions, the fundamentals always apply. The ultimate goal, in any case, is the ability to execute fundamentals on demand and under any condition”.

Circuit : : 27

Circuit :: BoyZone

ELECTRONIC DOGTAGS THAT COULD SAVE YOUR LIFE

“What is a UTAG” said Jock head of security for the Led Zep come back gig in the O2 arena. “Oi careful mate” Said “Big Phil” “It could save your life one day” A UTAG is a Digital Dogtag, a piece of kit currently being used by those individuals who do work in high-risk environments working as Close Protection Operators and Security Consultants. Some of the guys and girls who work the doors and summer festivals have also picked up on the idea, which is aiding the emergency services. Risks Contained, a leading provider and trainer in the close protection industry, have jumped on the idea and now issue all of their staff and students with a UTAG.

Traditional Dogtag UTAG

Who invented it? A guy called Phil Campion came up with the idea while he was working in Afghanistan, one of the world’s most high-risk areas at this time. Phil who is a former British Soldier who spent three years in Afghanistan as a civilian contractor came up with the idea, as he did not want to carry all of his important documents everywhere but realised he may have to prove his identity to either aide escape or gain access to life support. “You wore dog tags when you served” he said “so what has changed on the outside? It certainly is not a picnic if you get a high-risk job on The Circuit”

More and more people who have exposed lifestyles are looking to the tag to provide peace of mind. Many companies are now making it mandatory to wear one while on duty. UTAG is a serious piece of kit for serious professionals with serious jobs. How does it work? Essentially, UTAG is a very simple device and we believe that simplicity is critical for this sort of device to be most effective in the situations that it may be used. UTAG have utilised USB technology to provide a secure and simple way of relaying vital information to the emergency services should the need arise. The devices themselves are password protected and each tag has a page that can be read by the emergency services on their computers to give them the information that you want them to have and that they may need. To make it even more usable it also translates into other languages for those working overseas and even has an encrypted and password protected area where passport scans and other important information can be kept should the wearer lose all or any of their important documentation.

Credit Card UTAG

Who could use a UTAG? Realistically anybody can use them. UTAG dog tags are primarily aimed at those involved in the security industry but they have popularity amongst skiers, climbers, hill walkers, adventurists, motorcyclists, cyclists and runners along with others. But lets face it; UTAG products can be used by anybody anywhere! How many times have you been away from home or the office and NEEDED some vital information that you just did not have and could not get hold of anytime soon? Business people, particularly those that travel overseas may find them incredibly useful, as would their aides. UTAG also produce the UTAG credit card and the UTAG sports so there really is something to for everyone. A business person for instance may find the UTAG credit card the most appropriate while a runner may well feel more comfortable wearing the UTAG sports. Will the emergency services recognise it? UTAG’s have the Star of Life etched on them, which first-aiders around the globe recognise, it is a symbol that really draws the eye to those in the medical profession. UTAG products also have the letters ICE (In Case of Emergency) on them, which as you may know is a UK distress signal. In addition the UTAG logo is fast becoming recognised by more and more people as it becomes more popular. UTAG devices have come to the aide of at least eight people in its first year of production and we eagerly anticipate that this number will increase over the coming months and years of production; remember, medics are duty bound to investigate the “Star of Life”. Available now online at: www.utagice.com for £24.50

Sports Strap UTAG

28 : : Circuit

The BBA hopes to offer UTAG products for sale in its up and coming on-line shop.

CLASSIFIED

A.B.I. Solutions A.B.I Solutions is a dynamic, forward thinking company, specialising in surveillance, security and investigations with local, national and international experience. A.B.I provides a wide range of services to the corporate sector and individuals alike. www.abisolutions.co.uk ___________________________ Argus Europe County Durham, T:+44 (0) 8456 123 843 Argus Europe has been providing specialist training for high-net worth clients and their families for close to 20 years, worldwide. Argus Europe now offer accredited training for CPO’s, Surveillance Operators and Private detectives. Argus Europe is an operational company working globally with an extensive variety of contracts. www.arguseurope.co.uk ___________________________ ANZU Executive Protection Fairgate House, 205 King’s Road, Tyseley, Birmingham, B11 2AA Tel: + 44 (0) 121 707 9296 Training services include: Close Protection, Threat Analysis and Risk Management, Close Quarter Combat (including live weapons) Surviving in Hostile Environments, Advanced First Aid Treatments and Protective Driving. BBA Member. www.anzuexecutiveprotection.com ___________________________ Athena Security & Intelligence Consultants Ltd 69 Buchanan Street, Glasgow, UK, G1 3HL Tel: + 44 (0) 141 314 398 Specialist intelligence training and operations for private and public bodies working in permissive and nonpermissive environments. Covert HUMINT, Counter-Intelligence, Hostage Awareness and Negotiation specialities. www.athenaintelligence.co.uk ___________________________ Bob Honiball Self Defence V. Druskio g. 1/22-250, Vilnius, LT04307, LITHUANIA Tel: + 37 0682 22151 Effective self defence based upon the reality of confrontation and physical violence. BBA Accredited training provider. www.bobhoniball.co.uk ___________________________ Camberford Law Plc Lygon House, 50 London Road, Bromley, BR1 3RA Tel: + 44 (0) 20 8315 50 We provide bespoke insurance solutions for Bodyguard, Door Supervisor, and Security companies of all sizes. Cover can apply for worldwide services. It is an exclusive arrangement - not available to anyone else. BBA Associate Member.

www.camberfordlaw.com/closeprotection ___________________________ Canadian Use of Force Systems 7975 Yonge St. # 7124, Innisfil, ON, L9S 1L0, CANADA Tel: + 1 705 456 4333 A professional Use of Force and Defensive Tactics organization teaching a full range of controlled response options for Self-Protection and Use of Force considerations in public and professional environments. BBA Associate Member. www.canadianuseofforce.com ___________________________ Challenger Chauffeuring and Security Ltd Eaton Place Business Centre, 114 Washway Road, Sale, M33 7RF Tel: +44 (0) 161 905 1424 Based in South Manchester, we aim to take customer service levels to new heights by providing smart, high calibre drivers and vigilant, professional door supervisors and security staff. Licensed close protection operatives are also available to work both at home and abroad. BBA Member. www.challengergroup-mcr.co.uk ___________________________ Concept Tactical London, England Telephone : +44 (0)78 538 79913 (0)78 538 79913 Through Concept Tactical well known author and protection specialist Casey Christie provides clients with specialised close protection and a security consultancy service operating to only the highest standard. www.concepttactical.com ___________________________ Control Risks Cottons Centre, Cottons Lane, London, SE1 2QG Tel: + 44 (0) 20 7970 210 Control Risks training services is the training division of business risk consultancy Control Risks. We run courses including close protection, hostile environment training, close protection within hostile environments, first aid and defensive driver training for organisations and their staff, ex service personnel and other private individuals. www.controlrisks-training.com ___________________________ Coversure Insurance Services 23, Croydon Road, Reigate, Surrey, RH2 0LY Telephone : 0800 308 1010 Coversure ( Reigate ) is a Specialist Insurance Broker to the Security Industry including Event Security, TV & Media Security, Guarding and Close Protection. www.1nsurance.co.uk ___________________________ Covert Solutions Group International 27, Old Gloucester Street, London, WC1N 3XX Tel: + 44 (0) 7005 964 17

A UK based Specialist Security Company with Global reach and are leading providers of Close Protection and Surveillance to Private, Executive and High Profile Clients. BBA Member. www.covertsolutionsgroup.com ___________________________ D.McKenzie Associates Stacey Bushes, Milton Keynes, MK12 6HL Tel: + 44 (0) 1908 225474 Operational management, training, threat and risk assessment, threat management, executive (personal) and corporate security / investigations. BBA Member. www.dmckenzieasociates.com ___________________________ Detective Lacerda P.O.BOX 25996, São Paulo, 05513970 , BRAZIL Tel: + 55 (11) 3452 4388 Providing the full range of security and investigation services throughout Latin America. BBA Member. www.detectivelacerda.cjb.net ___________________________

DM Security (UK) Ltd The Elms Business Centre , 62 High Street, West Bromwich, B70 6JT Tel: + 44 (0) 8444 821 460 A highly professional and reliable outfit catering for all aspects of security and close protection. We have an enviable reputation within the industry and guarantee a friendly, efficient and consistent service. BBA Member. www.dmsecurityuk.com ___________________________ Female-Bodyguard.com 2 William Street, Berkhamsted, HP4 2EL Telephone : + 44 (0) 780 1066315 A highly trained team of female close protection officers providing CP services worldwide. BBA Member. www.female-bodyguard.com ___________________________ Goodege Limited 26 York Street, London, W1U 6PZ Tel: + 44 (0) 207 060 605 Specialists in SIA CP Chauffeur Driven luxurious vehicles. BBA Member. www.goodege.com ___________________________ Griffith Corporation Security Service 332 South Pennsylvania Ave, Glendora, California CA 91741-4231, USA Tel: + 1 775 790 9446 Provides security consultation and serves as the hub of its Security Network Portal. Also operates the Homeland TV Network and Griffith Broadcasting, both of which are online TV channels dedicated to security issues. The firm also operates Air Securitas, a private air security firm providing VIP security and air transportation. In addition to these venues, Griffith Corporation Security Service provides executive protection refer-

To place a classified lineage or box advertisement telephone our sales team on: 0845 3102 413

rals and services. BBA Member. www.griffithcorp.com ___________________________ Hawk East PO Box 339, Stoneville, NC 27048, USA Tel: + 1 336 427 8699 The Complete Bodyguard Training Video Series, VHS or DVD. BBA Member. www.bodyguard-training.com ___________________________ Heimrisks Svartemyrar 2, 458 93 Färgelanda, Sweden The tactical pistol training program is an advance level of the training program and the focus is for the high risk contractor who operates in a hostile environment and with specialist equipment. www.heimrisks.com ___________________________ Icon Services Corporation 1043 Grand Ave. #312, St. Paul, MN 55105, USA Tel: + 1 651 695 8778 A full service security and investigative agency specializing in providing high-level security and bodyguards to international celebrities, public figures and corporations. Licensed, bonded and insured, our diverse roster of clients reads as a virtual who’s who in the corporate, motion picture, fashion and recording industry. Entering into our 10th year, Icon has been the hand picked choice to provide Executive Protection to everyone from Superintendents to Supermodels. BBA Member. www.Industry-Icon.com ___________________________ Imperial Protective Service, LLC 15849 N. 71st Street, Suite 100, Scottsdale , Arizona, 85254, USA Tel: + 1 480 281 1588 Imperial Protective Service’ (IPS) is a security consulting and services firm founded in 1978. IPS provides both national and international corporate, executive and celebrity protective services. BBA Member. www.executiveprotect.com ___________________________ Intelligent Network Services Unit 27B, Wolverhampton Airport, Stourbridge, DY7 5DY Tel: + 44 (0) 845 2572193 We provide a full and comprehensive range of services into all areas of business and the private sector including Close Protection, static security (all UK SIA Lincensed), Private Investigation, Aviation, Maritime & Fire Services and a Secure Document Transfer Service. BBA Member. www.intelligentnetworkservices.org ___________________________ International Protection Group 16 Penn Plaza, Suite 1570, New York, NY10001, USA

Circuit : : 29

CLASSIFIED Tel: + 1 212 947 1681 A highly specialized team of current and former law enforcement and experienced protection professionals that provide the best individual or group protection at every turn. BBA Member. www.internationalprotectiongroup. com ___________________________ International Protection Management Dublin, EIRE Tel: + 353 1800 771 772 Specialists in Security Risk Management & Consultant Bodyguard Services for Media, Corporate, Hotel, Private, Executive and Celebrity Clients. BBA Member. www.bodyguards.ie ___________________________ International Security Academy P.O.Box 5833, Herzeliya, 46000, ISRAEL Tel: + 972 9 950 0969 Our graduates are more recognized, respected and sought after by Distinguish Protection service “consumers” and by most of the “Providers” of Protection services worldwide. Organisers of the 2008 International Summit of Protection Officers. BBA Member. www.SecurityAcademy.org.il ___________________________ IPSS Security Northfield, Aberdeen, AB16 7EX Tel: + 44 (0) 1224 69455 Security and protection services - UK and overseas. BBA Member. www.ippssecurity.co.uk ___________________________ ISS Training Ltd Riverside Cottages, Nidd Walk, Pateley Bridge, Harrogate, HG3 5NA Tel: + 44 (0) 1423 712265 ISS Training Limited are providers of specialist covert surveillance training courses and publications to the security and investigative industries, enforcement agencies and specialist military units. Formed in 1990, we are the longest established surveillance training company in the United Kingdom. Our credibility and reputation is widespread and we offer nationally recognised qualifications. BBA Member. www.intelsecurity.co.uk ___________________________ John C’s Agency Niedersachsen, Winsen, D-29308, GERMANY Tel: + 49 5056 249012 As a professional Company for Armed Close Protection, John C´s Agency stands for professional knowhow and experience in all sectors of the CP, Security and Chauffeur professions. BBA Member. www.johns-agency.com ___________________________ John Featherstone 24hrs : +44 (0)7702 740722, john@ johnfeatherstone.co.uk

30 : : Circuit

Security professional with operational experience gained in a variety of theatres. Main specialities close protection and surveillance. www.johnfeatherstone.co.uk ___________________________

Security, ad Aziende, Istituti BancariCommerciali e Finanziari, a Studi legali e Privati, in tutto il mondo. BBA Member. www.newsecurity-investigazioni.it ___________________________

K SA Security Kodratou 22, Athens , 10436, GREECE Tel: + 30 210 5235558 K Security Agency offers a wide range of services including VIP protection security consulting and risk analysis. BBA Member. www.ksasecurity.gr ___________________________

Primus Group 8, Earlswood Road, Llanishen, Cardiff, CF14 5GH Tel: + 44 (0) 29 20757578 Conflict Management, Workplace Violence, Management & Development, PhysicalIntervention, HSE First Aid Training, Security Consultancy. BBA Member. www.primusgroup.co.uk ___________________________

Komodo Red Security Services Unit A The Courtyard Business Centre, 27 Norfolk Street, Peterborough, PE1 2NP Tel: + 44 (0) 1733 567253 We offer bodyguard, close protection, security, surveillance and consultancy services such as risk assessments. We also provide unarmed combat conflict management training. BBA Member. www.komodored.com ___________________________ MAF Protection P.O. Box: 25996, São Paulo, 05513970, BRAZIL Tel: + 55 11 3452 4388 MAF Protection was formed in 2001 by a Group of experienced independent Security Specialists, who have trained and gained their experience from service within the Armed Forces, Police and Civilian Security Sector. We provide an extensive range of specialised security services. BBA Member. www.mafprotection.com ___________________________ MB Security Service Furstenbergs Gatan 4, Gothenburg, 41664, SWEDEN Tel: 46 (0) 31 150 333 Close Protection and security services worldwide. BBA Member. www.mbsecurityservice.com ___________________________ Military Grade Encryption Phones PO Box 52310, Limassol, CYPRUS Tel: + 357 7777 7276 Built-in encryption software which converts your voice to encrypted data using a constantly changing mathematical formula. It uses a dual layered RSA/AES combination and a changing session key which modifies the encryption algorithm every second. € 1,398.00 + VAT. All prices include new Nokia N73 phone. BBA Member. www.protechcy.com/new ___________________________ New Security via Rome 100, 95030 Gravina of Catania, Sicily, ITALY Tel: + 39 0954 197 546 La New Security di Carmelo La Rosa è stata fondata nel 1993 per fornire servizi di Investigazioni, Ricerche, Informazioni Commerciali, Intelligence,

Protector Network 156 Queens Road, London, SE15 2HP Tel: +44 (0)759 434 9911 The Protector Network provides worldwide operational and training solutions. Closely bound with the International Bodyguard Association and ILETA we are able to provide global coverage through our professionally qualified affiliates. Free membership for BBA members. BBA Member. www.protectornetwork.com ___________________________ Red Diamond Security PO Box 775, Christchurch , 8140, NEW ZEALAND Tel: + 021 0227 0093 Providing professional proactive security ranging from basic security guarding through to Close Protection (Bodyguard/PSD) in Iraq. BBA Member. www.reddiamond.co.nz ___________________________ Richard James Cooper 24hrs : +44 (0) 7890 676839 , info@ richardjamescooper.co.uk Experienced Security Professional and Front Line Close Protection Officer. www.richardjamescooper.co.uk ___________________________ Saint Security Consultants Pte Ltd 20 Kramat Lane, #03-04 United House, 228733, SINGAPORE Tel: + 65 67373104 Licenced by the Criminal Investigation Department of the Singapore Police Force, Saint Security Consultants Pte Ltd was incorporated by former Police officers from various departments and specialist professionals with decades of expertise in Criminal and Commercial Investigation, Intelligence Operations as well as Security Planning and Management. BBA Member. www.saint-security.com ___________________________ Self Protection Services Wingate, Durham, TS28 5LQ Tel: + 44 (0) 1429 836040 Self Protection Services was formed to help fill the void in the North East of England for realistic self defence tuition and to supply close protec-

To place a classified lineage or box advertisement telephone our sales team on: 0845 3102 413

tion and event security services. BBA Member. www.selfprotectionservices.net ___________________________ Sexton Executive Security 10332 Main Street #181, Fairfax, VA 22030, USA Telephone : + 1 703 293 6262 Providing a wide range of executive security services to corporate and private clients alike. Based in the Washington D.C. Metro area with a global reach and an established presence in the U.A.E. to service clients and interests in the Middle East. Overseas Executive Protection training course and Yacht Protector’s course held in Dubai several times throughout the year. BBA Member. www.sextonsecurity.com ___________________________ Shaun West United Kingdom, E: sw@shaunwest. co.uk T: +44 (0)7830 109 601 SIA licensed, Highly Experienced Frontline CPO. Ronin SA trained. Providing security for both corporate and hostile Environments. www.shaunwest.co.uk ___________________________ Sting Protection Germiston, Guateng, SOUTH AFRICA Telephone : + 27 82 791 0119 Our highly trained staff will assure that you receive piece of mind, and that you and your valuables are safe and secure during your visit to South Africa. BBA Member. www.sting-protection.co.za ___________________________ Sun Security Personnel Suite 7/Level 1, 564 Princes Highway, Rockdale, NSW 2216, AUSTRALIA Telephone : + 1300 736 795 Founded in 1992 with a vision to provide a professional and outstanding level of security service to our clients worldwide. BBA Member. www.sunsecurityñcom.au ___________________________ Tony Scotti’s Vehicle Dynamics Institute 1162 St. Georges Ave, Suite 277 , Avenel, NJ 07001, USA Tel: + 1 732 738 5221 The first name in advanced driver training, offering our highly acclaimed Protective/Evasive Driving Programs. Designed specificallyfor today’s executive chauffeurs, executive protection professionals and others who are responsible for providing safe and secure transportation services. BBA Member. www.vehicledynamics.net ___________________________ Varsity Publications PO Box 222, Chipping Norton, Oxford, OX7 5WY Telephone : +44 (0) 870 350 1231 Varsity International Directory of Security & Close Protection features around 2000 Security Advisors, Bodyguards & Executive Protection Spe-

CLASSIFIED cialists and it covers over 150 countries throughout the world. It is laid out by Continent and thereafter alphabetically by Country and City for ease of use. There is a map for every Country covered plus information panels giving vital details such as local currencies, languages spoken, dialing codes and time differences. www.varsitypublications.com ___________________________ Viking Security 185 Langworthy Rd, Salford, Manchester, M6 5PW Tel: + 44 (0) 161 745 880 Our aim is to provide first class security solutions. By using the skills of our dedicated team of professionals, we will ensure the very best service and support is offered to all our clients. BBA Member. www.vikingsecurity.co.uk ___________________________ VIPA Tactical Training P O Box 353, Roweltown, Cumbria, CA1 9DP Tel: + 44 (0) 7954 218125 A specialist training academy dealing with four specific areas of combat: VIPA Civilian Self Protection Program,

VIPA Close Protection Combat System, VIPA Police Defence Tactics and VIPA Military Close Quarter Combat. BBA Member. www.VIPAtacticaltraining.com ___________________________ Watchman Protective Services Inc 1306 Fairlakes Pl, Mitchellville, MD 20721, USA Tel: + 1 866 608 8000 We provide executive protection and security guard services with unarmed and armed security officers and mobile patrol services to industrial and manufacturing facilities, commercial properties, local and federal governments, residential communities and retail establishments. BBA Member. www.watchmanprotective.com ___________________________ Wild Geese Martial Arts Harold’s Cross, Dublin 6, EIRE Tel: + 353 87 672 6090 We run a courses designed to be more than just self defence. You will learn some of the secrets and techniques used by the world’s top Bodyguards to keep you and your principle safe from attack. BBA Member. www.wildgeesema.com

To place a classified lineage or box advertisement telephone our sales team on: 0845 3102 413

Circuit The

This edition of The Circuit was brought to you by: -

Contributors: Robin Barratt, Anna Cooperwhite, Stewart Griffiths, Richard Hewetson, Peter Jenkins, Mike Jones, Keith Loose, Nick McCarthy, Elijah Shaw, Shaun West, Max Williamson Illustrations: Jon Moss

Additional Photography: Kal Wilkins Design and Layout: Kal Wilkins

DISCLAIMER While every care has been taken to ensure that the information contained in this magazine is both accurate and up-to-date, The Circuit accepts no liability in any part for loss or damage incurred by reliance on information contained in this magazine through omissions, errors, howsoever caused. © COPYRIGHT Copyright remains with the authors and contributors at all times. No part of this publication can be copied or reproduced in any way whatsoever without permission from the publisher AND the author / contributor.

Circuit : : 31