The Tradecraft Around New Open Source

By Cynthia Saddy

Cynthia Saddy is a former senior executive with the Central Intelligence Agency, where she held numerous leadership positions including the Directorate of Operation’s Chief Technology Officer (Acting and Deputy), Senior Advisor to In-Q-Tel, Chief of Staff to the Director of Operations, and as a two time Division Chief of Operations responsible for leading large-scale HUMINT and technical programs across multiple geographic regions.

By Kristin Wood

During her 20-year CIA career, Kristin Wood served in the Director’s area and three Agency directorates – analysis, operations, and digital innovation – leading a wide variety of the Agency’s missions in positions of increasing authority. Among her key Agency assignments were Deputy Chief of the Innovation & Technology Group at the Open Source Center (OSC). She led OSC’s open-source IT and innovation efforts to extract meaning from big data.

OPINION — Publicly Available Information (PAI), and its related discipline Open Source Intelligence (OSINT), have long been perceived in government as less vital to national security priorities than traditional forms of espionage and classified information. And while that may have been true as recently as the turn of the century, the unprecedented access to knowledge and the democratization of technology resulting from the Fourth Industrial Revolution challenges that bias.

Indeed, one could argue that New Open Source (NOS) capabilities provided through commercially available information pose an inflection point as critical to national security as von Clausewitz’s challenge of the Napoleonic style of war. For the purposes of our discussion, we differentiate between classic Open Source (OS) and its focus on media and social media analysis and the New Open Source (NOS), which encompasses these but also harnesses digitally created data generated by global activity and the Internet of Things. 

The war in Ukraine has forever changed the world of intelligence and gray zone/hybrid warfare operations. The explosion of NOS on the scene and the speed with which it is made available challenges the very notion of “secret,” “clandestine,” or “covert.”

The vast and continually growing sources of data now mirror – albeit imperfectly – that of our national technical means (NTM) capabilities in scale and scope, and open source once viewed as nice to have, needs to now become a central pillar for how the national security community organizes. The insights gleaned by NOS are disrupting nearly every industry in every country to include national security.

Just look at the impact of NOS on the conduct of the war in Ukraine and at several media articles reporting on the dismantling of CIA asset stables in various countries. Our adversaries and other bad actors have been much faster to operationalize and commit to the transformational shifts required to master the revolution of insights now available. We see it in the effectiveness of their misinformation/disinformation campaigns, their data buys and thefts, and in their ability to respond to operational acts. The trajectory of NOS appears only to be increasing in strength and relevance. Why? Because commercial data is growing exponentially, and in today’s world, data is easier to find and harder to hide.

Did you miss today’s 10-minute briefing on the latest global events impacting US national security?  Get your daily brief with Suzanne Kelly and Brad Christian by signing up for The Cipher Brief’s Open Source Report Daily Newsletter or by listening to The Cipher Brief’s Open Source Report Podcast wherever you listen to podcasts.

We are witnessing the exponential growth of commercial data. This accelerating data curve poses opportunities and challenges to managing and responding to emerging threats. When combined with access to unlimited storage and powerful compute, this data results in gleaning insights previously reserved for those in the halls of government.

Businesses and governments are embracing commercial data to enhance their strategic advantage.  The amount of data today is overwhelming and dwarfed only by the data that is predicted to be available in five years, creating an urgency behind establishing a tradecraft around NOS. Non-government actors in the NOS space are conducting investigations and reaching conclusions which were previously reserved for government. This is an open playing field often with crowd-sourced investigations and transparent methodology that is organically creating a tradecraft around NOS. Just look at what’s happening in Ukraine.  

There is no more compelling story than that of how Ukraine and allies used NOS to expose Russian gray zone and hybrid warfare operations. Throughout Russia’s invasion, commercial satellite images have been used to inform military actions and offer updates through government social media accounts; location data from smartphones and devices is providing insight into Russian soldiers’ activities in Ukraine and the location of Ukrainians at risk; and citizen and NGO social media posts are collecting evidence of war crimes while Kiev’s social media campaigns focus on demoralizing Russian soldiers.

Commercial data, which by its unclassified nature can be shared broadly, is also being used to uncover Russian disinformation and propaganda on a global scale.

Register for The Cyber Initiatives Group Virtual Winter Summit on December 13 to stay ahead of what’s coming in cyber.  Registration is free for this master class in public-private collaboration on cyber issues.  Register today.

NOS is cost-effective and less intrusive when compared to clandestine collection methods. And while this is true, NOS is not meant to replace clandestine collection methods. Rather, it is complementary and can be used to inform clandestine collection with better risk analysis. NOS also allows for more judicious use of those clandestine methods against targets where clandestine collection alone can achieve results. Operators will benefit from better situational awareness, and analysts will have a richer evidence base on which to draw analytic conclusions.

US national security can no longer be protected with the information derived exclusively from NTM; NOS is required. Adversaries appear to be gaining information and intelligence advantages because they have been much faster to operationalize and fully commit to the transformational shifts required to master the revolution of insights now available in the digital domain of NOS.

Even commercial entities such as Bellingcat, one of the foremost of leaders in open-source investigations notes, “the promise of open-source research is that anyone – not just journalists or researchers at select institutions – can contribute to investigations that uncover wrongdoing and hold perpetrators of crimes and atrocities to account.” This revolution of insights is predicated on the adoption of NOS as an equal partner to classified information. After all, in today’s world, the reality is that data is easier to find and harder to hide.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Tagged with:

Related Articles