How Uber Could Help Change Spycraft

Uploaded on 2015-08-24 in NEWS-Cybersecurity News, INTELLIGENCE--International, GOVERNMENT-Law Enforcement, FREE TO VIEW

The_Intelligence_Process_JP_2-0.png

The US intelligence community wants feedback from the innovative car-sharing company and other commercial startups on its 5-year data-analysis roadmap. The intelligence community quietly released an unprecedented, unclassified five-year-roadmap charting the future of data analysis it wants commercial startups like ride sharing firm Uber to read.

The chart, part of a larger science and technology strategy, is aimed at encouraging unconventional makers like the car service app-developer and traditional tech contractors to help fund answers to oncoming national security problems.
The roadmap is an outgrowth of spring workshops with 40 companies that do classified work and a government analysis of the intelligence community’s science and technology needs.

By syncing private sector research now underway with the Office of the Director of Intelligence’s threat predictions, the right technology will be ready at the right time at the right price, DNI officials say.
The publicly available gap analysis, titled “Enhanced Processing and Management of Data from Disparate Sources,” maps out one of six future growth areas for the spy community. The other graphics are only for the eyes of individuals holding secret security clearances.
“Maybe they’ve got scheduling algorithms that would help us with our logistics problems,” David Honey, DNI director of science and technology, said during a recent interview with Nextgov. “If we can leverage those kinds of tools, maybe we gotta adapt them a little bit, but that certainly beats having to go and pay for those things from scratch.”

Powers U.S. spies need that no one is funding yet include, for example, expertise in determining the biases of social media site moderators, geolocation in the presence of encryption, room temperature quantum computing, and immersive virtual world user experience.
“One of our goals for the coming year is to try and extend our outreach via whichever trade associations are willing to take it on, into the uncleared community as well,” Honey said, sitting inside DNI’s McLean, Virginia headquarters. “That’s why getting this information on to the ODNI’s open website was so important to us. We want to have that outreach to the nontraditional to include the uncleared performer community so that they can gain insight into what the challenges are that we face so that they can come forward with ideas.”

As of four years ago, information technology consumed about 23 percent of intelligence program funding, according to DNI. President Barack Obama has requested $53.9 billion for the program in 2016.
Social Media Overload
Director of National Intelligence James Clapper last month described some information-munching difficulties confronting analysts, such as tracking down lone wolf extremists who have been inspired by Islamic State rhetoric.
“With the way people radicalize on their own, or are radicalized via social media where they don’t leave out a signature, they don’t emit — some attribute or trait or behavior that would lead you to begin watching them,” Clapper said at the Aspen Security Forum in Colorado. “And so we’re lacking that.”
The difficulty is then exacerbated by the use of encrypted, or digitally scrambled, communications, he said.
“Someone is proselyted by an ISIL recruiter sitting in Syria or some place,” and if that potential extremist takes an interest, “then they’ll switch to, you know, encrypted communications that we can’t watch,” Clapper said.
However, it is not believed the homegrown radical Mohammod Abdulazeez, who gunned down five servicemen in Chattanooga, Tennessee, in July, used encryption to hide plotting.
“There’s been no connection made” yet, Clapper acknowledged. He added, it might be beneficial to quantify the use of encryption by terrorists: “I think we probably need to see what we can do to do a better job of keeping some metrics” on incidents “where we ran into an encryption situation and that stymies an investigation,” he said.
The intelligence community is not bankrupt of innovators, by any means.
In-Q-Tel, a CIA-backed venture capital firm, has borne fruit from technologies it helped seed at open source threat analysis firm Recorded Future and data-sleuthing company Palantir, among some roughly 200 startups.
But sometimes, uncleared execs create gadgets and services that have unintentional classified applications, Honey said.
The spy community might look at, for instance, Twitter analytics to discern how a mass civilian casualty incident overseas is affecting foreign sentiment toward America.
Social media “is in many cases an indicator of developments that previously we never would have had access to. One time, the best open source information source would have been CNN,” Honey said. “But today, with all the social media activity that’s out there, we need to understand what’s coming before it gets here — not after it’s already here and now we’re behind the curve in understanding how to interpret it.”
People might ask, “How could you not follow what goes on, on Twitter?” he added. ”Well, it hasn’t been around that long,” he added.
Crowdsourcing Classified R&D
The data analytics roadmap fills up a couple of sheets in a 26-page unclassified 2016-2020 DNI science and technology strategy posted online in recent days.
Bringing the paper to life already has required the use of social media. Contractors and intelligence agencies are crowdsourcing updates to the document and matching agency needs with funded corporate projects on a classified website, Honey said.
The collaboration environment is located on a Top Secret system called Jwics, for Joint Worldwide Intelligence Communications System.
It’s easy to compare this venture to a wiki, but unlike, say, Wikipedia, the spy system must be able to push out edits to relevant agencies and relevant companies in a timely fashion.
Agencies “need to be able to post the challenge in a way that the system automatically alerts the right technology suppliers,” and “if you’re a technology provider and you are posting new solutions, the solutions need to be able to find their way to the customer” without everybody doing a search every day, Honey said.
If feasible, DNI will create a public Web space for individuals without clearances to contribute suggestions for the unclassified strategy, he said.
Other roadmaps designed during the recent contractor workshops chart rifts in, among other things, space capabilities, global proliferation prediction capacity, and the ability of novel sensors to reveal adversary actions.
The businesses that participated in the meetings are gathering a week from Monday to start developing yardsticks for measuring progress in each gap area, Honey said.
Outsiders wanting to help equip spies who have not been briefed on Top Secret intelligence are not necessarily at a disadvantage. They might be more likely to devise technologies that go beyond mere upgrades.
“If you are too close to the classified information, you are going to try to create a faster horse,” Honey said. “Quite often, people who have just a general knowledge of what we’re trying to do are in a better position to help us think about new solutions, than those who are deeply ingrained in the machine.”
DefenseOne: http://bit.ly/1Kpo2bH

 

 

« Investors Pour $Billions in to Cybersecurity
Addressing the Predictive Analytics Skills Gap »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ACME Communications

ACME Communications

ACME Communications specialises in the field of data centre, implementation, maintenance & operation and all aspects of other IT service.

Surrey Centre for Cyber Security (SCCS)

Surrey Centre for Cyber Security (SCCS)

The Centre focuses on three main research directions - Privacy and Data Protection, Secure Communications, and Human-Centred Security.

Optimal IdM

Optimal IdM

Optimal IdM is a leading global provider of identity management solutions and services.

REVI-IT

REVI-IT

REVI-IT is a Danish state-owned audit firm focusing on enterprise IT business processes and compliance,

DefenseStorm

DefenseStorm

DefenseStorm is a Security Data Platform that watches everything on your network and matches it to your policies, providing cybersecurity management that is safe, compliant and cost effective.

MAY Cyber Technology

MAY Cyber Technology

MAY Cyber Technology is a Security Management solutions provider located in Turkey & Germany.

CyberPrism

CyberPrism

CyberPrism provides SaaS solutions using proprietary technology, underpinned by industry-leading technical practitioners to protect OT within Government, Maritime and Industrial markets.

GreyCampus

GreyCampus

GreyCampus is a leading provider of training for working professionals in the areas of Project Management, Big Data, Data Science, Service Management, Quality Management and Information Security.

GuardSI

GuardSI

GuardSI was created to protect companies from growing threats to security such as fraud, hacking, internal theft, accidents and human mistakes that can directly affect the business.

IoT M2M Council (IMC)

IoT M2M Council (IMC)

The IMC is the largest and fastest-growing trade organisation in the IoT/M2M sector.

RIA in a Box

RIA in a Box

MyRIACompliance combines our team of RIA compliance experts with an online software platform to help investment advisers better manage regulatory compliance and cybersecurity responsibilities.

Binare

Binare

Binare empowers companies all over the world to improve their IIot/IoT /Embedded cybersecurity posture and digital privacy.

Guardio

Guardio

Guardio develop tools and products to combat modern web and browser threats.

Anura

Anura

The world’s most accurate ad fraud solution protects your web assets by eliminating bots, malware and human fraud, ensuring your content is seen by real people.

Huntr

Huntr

Huntr provides a single place for security researchers to submit vulnerabilities, to ensure the security and stability of AI/ML applications.

Q-Bird

Q-Bird

Q*Bird's mission is to provide equipment for the current, and future European quantum internet.