Intelligence Improvement
The intelligence services of the United States are among the best in the world. Nevertheless, they are not perfect, and certain aspects of their operations are subject to criticism. They may also benefit from improvements in other areas, such as cyber-intelligence and the utilization of publicly available data. This report highlights two concerns related to US intelligence services and suggests improvements in related fields.
Public Information and Transparency
Due to the development of the Internet and its use by various individuals and organizations, more information is easily accessible from any location than ever today. However, according to Weinbaum, Parachini, Girven, Decker, and Baffa (2018), intelligence agencies have not yet embraced openly available data as a source of intelligence. This inefficient use of the available information is an area that could be improved with significant results.
Many companies collect public information and analyze it using big data approaches, particularly machine learning, to sell the resulting information to interested parties. It is possible to cooperate with them to obtain intelligence, or the intelligence community may develop their tools for the purpose. This method allows for data collection speeds that are superior to the efforts of an individual or a group and enable highly precise guesses based on large amounts of contextual information.
A common argument used by information professionals is that open data has less value because it is not classified. However, the modern trend of declassifying information and making the internal proceedings of governmental organizations more transparent removes a notable part of that argument’s weight. Also, classified information presents its dangers, as demonstrated by recent scandals involving the publishing of classified information such as the WikiLeaks case.
Furthermore, public data may even reveal information that is supposed to be secret with enough analysis. Weinbaum et al. (2018) provide examples of classified locations in North Korea and Russia being approximated using open sources such as Google Maps and Twitter. This ability could prove highly beneficial to an intelligence service, as the availability of the information enables data gathering on other countries while also highlighting potential weaknesses of the nation and ways to mitigate them.
It should be noted that the use of open data by information agencies calls for more transparency displays in turn. Bruneau (2014) states:
if, on the one hand, the IC can point to the publication of Statement for the Record to the Senate Select Committee on Intelligence Worldwide Threat Assessment of the US Intelligence Community of James R. Clapper, Director of National Intelligence of January 29, 2014, as an important proof of transparency, critics can point to secret NSA metadata programs under Section 215 of the USA PATRIOT Act which, in their view at least, violate Americans’ right to privacy. (p. 5)
When intelligence agencies begin using personal information that is not publicly available, the public immediately starts questioning the lawfulness of their methods.
Bruneau’s point is valid because electronic surveillance that aims to access non-public data without the person’s consent explicitly forbidden by Executive Order 12333 – United States Intelligence Activities (1981). As such, a degree of transparency is necessary for the full utilization of the potential of publicly available data. If government analysts utilize data that they discovered by parsing openly available information, then the public has to be assured that the information was obtained lawfully.
Cyber-Intelligence and Defense
The attackers have always been ahead in the cybernetic arms war, as they can exploit the passive nature of the defenders and discover weaknesses in secret before using them to cause damage. As a result, currently, it is difficult for an organization to claim immunity to cyber-attacks, and data breaches happen in highly secure systems regularly. Nevertheless, defending the cyberspace is one of the duties of intelligence agencies, and they have to develop new countermeasures and monitor possible attacks continuously.
The US cyber-defense system suffers from a lack of organization and coordination. According to Pernik, Wojtkowiak, and Verschoor-Kirss (2016), “all federal departments and agencies are in charge of the protection of their ICT systems” (p. 15). This division interferes with the cooperation and prevents security advancements from spreading across the entire system at a sufficiently quick rate. Furthermore, it makes a fast and efficient response to a cyber-attack highly challenging.
Such unification would not require a significant reorganization, as most of the necessary structures already exist. The various information security departments of the government agencies would begin answering directly to the National Cyber Security Division. The development of sufficient infrastructure would take more time, but as a considerable part of cyber-security installations is not physical, the expenses would be lower than usual. However, it would likely be necessary to hire more staff, and it would take time for the specialists to adjust to the change.
Unifying the country’s cyber-defense system would be an improvement in coordination and enable new strategies. Mandt (2017) describes models for cyber-intelligence analysis and active cyber-defense operations that may significantly improve the effectiveness of protective measures. These models are more useful for larger systems that can employ more specialists and devote more resources to the issue. The unification of infrastructure and the use of these strategies may change the dynamics of cybernetic warfare.
The intrusion analysis model described by Mandt (2017) allows an analyst to use data from a unified system to identify sequences of related intrusion events. The information obtained from such an analysis can be used to determine various factors, such as the attackers’ identity, methods, and goals. If intelligence agencies can use the data to predict the next attack target of the opponents, they can employ active cyber-defense measures, for which many attackers are not prepared.
Mandt (2017) provides an example of such a strategy that aims to exploit the focus on a single aspect of the system and ignorance of the whole that characterizes many modern cybernetic attackers. As many hackers believe their actions are not noticed by the organization they target, they may be manipulated to minimize the damage they cause and possibly harm them by providing them with false information or counter-attacking their system. As a result, the cybernetic warfare field will become more even, with the attackers now having to take risks, unlike the current situation where they can often work without the threat of discovery or repercussions.
Conclusion
The primary areas for improvement available to intelligence services today are related to the Internet and its rapid growth. Analysis of openly available data can reveal significant amounts of valuable intelligence, and cyber-warfare is still a largely unexplored area that remains a potential threat. If intelligence services begin fully utilizing public information and apply their analytical abilities to a unified cyber-defense system, their capabilities may improve considerably.
References
Bruneau, T. (2014). Democracy and security: The current debate on reforming US intelligence. Web.
Executive Order 12333 – United States intelligence activities (1981). Web.
Mandt, E. J. (2017). Integrating cyber-intelligence analysis and active cyber-defense operations. Journal of Information Warfare, 16(1), 31-48.
Pernik, P., Wojtkowiak, J., & Verschoor-Kirss, A. (2016). National cybersecurity organisation: United States. Web.
Weinbaum, C., Parachini, J. V., Girven, R. S., Decker, M. H., & Baffa, R. C. (2018). Perspectives and opportunities in intelligence for US leaders. Web.