Translate

Wednesday, August 22, 2012

Countering the internet's demons: Or, why OSINT is the need of the hour

The events in Assam and its internet fallout has the government in a tizzy.
The government got wise to the incendiary SMSes and postings in anonymous websites more than a month after they first appeared.
And now they are hitting out at all and sundry—banning websites, bludgeoning hapless cyber cafés and lambasting Twitter, YouTube and Facebook.
Intelligence agencies claim that they had warned the government of the development and it failed to understand the gravity of the situation. 

People from India's northeastern states crowd a railway station after disembarking from a train from the southern Bangalore city in Gauhati, Assam state 
 

But these agencies, too, became aware of the development well after the worst damage had been done.
In one sense they can’t be blamed. The internet has created a whole new world, and they have yet to understand it.
Where conventionally intelligence has been based on human intelligence (Humint), technical intelligence (Techint), communications intelligence (Comint) and so on, the universal domain of the internet has created a demand for a new category of Open Source Intelligence (Osint).

Facts

Traditionally, open source intelligence is stuff you get from the radio, newspapers, journals, TV, internet.
In some ways, these sources have long been used to supplement intelligence reporting.
But the potent combination of the new communications technologies—the internet and mobile phone—have created a new genre of Osint requirements which you can ignore at your own peril.
Intelligence agencies deal with secret facts, and the process of their verification is very important for them.
A particular source, the standing of an established agent, or a technical process, are all part of this. However, what do you do when the weapon is rumour spread to a crowd through an SMS or an MMS?
Till now rumour has been a subset of real situations —about holy books being burnt, cattle or pig heads thrown at holy places and so on.
What is needed is an ability to take all facts—proven and unproven, factual or fictional and make some sense out of them, ideally before the fire is actually lit.
This is what Osint is able to do.
For a variety of reasons, intelligence agencies have had a bias against what they say is “unverified” facts that Osint provides and in India, as in other countries, Osint has been considered a “second class” source.
Though, mind you, there is no dearth of cynics who will say that many an IB or R&AW report lifts matter from newspapers and magazines and passes it off as intelligence.
Intelligence agencies however, do legitimately need to use Osint to context their reports which are based on secret sources.
But in today’s world where communications technologies can trigger off a mass exodus or create massive protest movements, Osint cannot be ignored.
This is especially so when the Islamists have proved themselves to be adept at using the new internet related technologies.
For example a great deal of information about Al Qaeda has come through the as-Sahab Institute’s postings on the internet, rather than through any secret source.
The as-Sahab has acted as a messaging as well as a production site that comes up with propaganda material for the outfit.
As is well known, the Al Qaeda and other jihadists have used the internet for the purpose of recruiting and in some instances to train their far flung recruits to function as autonomous units.
Since World War II the Central Monitoring Service of the All India Radio, based in Shimla, used to provide reports on radio broadcasts to the government.
Subsequently, some monitoring of TV broadcasts also began. In 2005, the CMS was merged into the National Technical Research Office.

Osint

This must have appeared to be a strange decision, considering that the CMS job was to monitor open radio broadcasts, while the NTRO was supposed to use cutting edge high-tech resources to ferret out secret information.
But the reason for this was mundane—the fledgling NTRO welcomed the CMS into its fold, because the latter brought along a “dowry” in the form of enormous tracts of land on which their monitoring sites were located.
Today, though Osint is part of NTRO, it is only a subsidiary discipline for them.
India, like many other countries, lacks a dedicated Osint organisation or centre.
The Assam fallout should be a wake up call for the government on the subject.
While we have organisations like the CERT-IN or the NTRO to take care of cyber-threats, we have no way of determining when and how internet and communication technologies are being used to incite people or to create a mass movement through propaganda.

Speed

Osint is not just the simple monitoring of the internet, airwaves or TV channels. It also involves deep and sophisticated searches and analyses of the entire internet for trending developments.
This is based on special software which may, for example, trawl the YouTube for particular kinds of messages, or warn against possible social disturbances by monitoring certain chatrooms and websites.
Not surprisingly, the leading companies in the field are in the US whose intelligence agencies have invested in startups like Visible Technologies which trawls millions of posts and conversations in blogs, YouTube, Twitter and Amazon.
Another company Attensity aids the process of digesting large volumes of information and making sense of it.
Recorded Future not only looks at the blogs, YouTube and the like, but also tries to link individuals, groups, organisations with incidents and actions.
The great advantage of Osint is speed.
You do not have to worry about revealing or protecting sources or seeking hierarchical clearance for some bit of information.
It is the slow speed of the government—state and Union— response to the Assam events that allowed the crisis to mature.
The internet has given birth to a whole new world—it is time we understood how to live in it.
 Mail Today August 22, 2012

No comments: