Accessing the dark web safely is key to using open source intelligence

When it comes to open source intelligence, most experts believe the intelligence community remains in the early stages of embracing it as a discipline.

While the use of open source intelligence isn’t new, intelligence officials have been working for more than a year to standardize OSINT efforts. Former officials last year established a new “OSINT Foundation” to advocate for a greater focus on OSINT, including through professionalization and training.

OSINT is generally defined as unclassified information, often publicly or commercially available, like social media feeds or cell phone data.

For analysts to gain the full picture of what’s going on across a sector or an area of the world, agencies need to look at the Dark Web.

“We want to be able to enable the US government to get onto the dark web to accomplish agency mission objectives that would be better facilitated through the dark web,” said Jim Schrant, director of strategy and growth, Operations Support and Services at CACI, on the discussion about exploiting the dark web to gain information advantage. “Some of the barriers for the government is technology and being able to access it, having the appropriate level of training and understanding so that once you’re on it, you’re able to operate effectively. It may be to derive intelligence for intelligence objectives, derive evidence for law enforcement objectives, then understanding how to synthesize that entire workflow and process to achieve those governmental objectives.”

Cory Everington, director of Bluestone Analytics, a CACI company, said the dark web is the part of the internet that’s not visible to search engines and not accessible using a standard browser technology. It requires the use of specialized technology to access that part of the Internet. The dark web browsers include Tor, Freenet and ZeroNet.

“In reality, it’s also not a nefarious place, just by default. It was actually funded with a majority of funding by the US government and designed as a safe space for individuals to be able to access outside communication, to access outside information without fear of censorship,” she said. “However, just like any other technology, it has many nefarious purposes. What we see is that a number of threat actors take advantage of the anonymity that the environment provides to use it for illicit activities.”

The risks of the dark web range from sites infected with malware or other cyber threats to photos of disturbing images.

Training of employees is key

The dangers of the dark web means agencies need to train employees on how to use it and protect their potential exposure to disturbing images and information.

Everington said because there are a lot of risks associated with accessing the dark web, employees tend to have a deep learning curve for how to safely use it.

There are tools that provide organizations a safe and secure way to use the dark web without exposing your systems or data.

“The dark web is very much part of what that OSINT space looks like. And through information advantage, which for us we define as really the ability to collect, synthesize and unify open source information into a cohesive package of information to help the government make better decisions, ultimately to drive mission and objectives, there’s a lot of barriers to entry, especially in something as technologically sophisticated and intimidating as a dark net from both a policy standpoint and from just a technical access standpoint,” Schrant said. “Success is really going to be driven through a couple key components. First is obviously the technical ability to go on and do OSINT investigations or utilize OSINT information to help drive those objectives. Second is on very specific technologies, such as the dark web, and the ability to have the proper tools to be able to access and to conduct what that government mission is on those specific technologies.”

He added that without knowing how best to use the technology limits the success of technology itself.

“The training component becomes a critical step to make sure that those government investigators, those government analysts, are able to understand not only how to drive the technologies, but what the left and right limits are so that they can operate safely for their own purposes, for the agency’s purposes, and then for mission success,” Schrant said. “You really must be able to do everything in a very unified and sound manner. So part of this policy unification and then for us at CACI is the ability to unify those capabilities, those authorities and that training into one bundle package. To achieve information advantage is critical to government success.”

Understanding your risk calculus

Schrant said agencies want to use open source intelligence in their missions and realize the risks are considerable. He said they are trying to strike the right balance to take advantage of the information while not exposing their networks or people.

“That risk calculus, whether it be understanding what the technical risks are, understanding what the policy and legal risks are, or simply the risks of exposure to really offensive images to the analyst within an agency, is really important for every agency to weigh and consider,” he said. “We’ve really come to unify and mitigate those risks for the government by enabling the appropriate technology to get the government on safely, and make sure that they’re able to operate in an anonymous environment where those agency risks in terms of those prying eyes from those technical threats aren’t going to come back to trace it back. Additionally, the ability to really exploit all the material that’s out there in a sensitive manner includes the ability to blur images, do things to really protect the workforce.”

Everington said agencies must ensure there are mental health safeguards built into the entire process of using open source intelligence for the workforce.

The training of the workforce becomes more important as more and more agencies are using open source intelligence especially to stop things like the trafficking of fentanyl.

“It really represents what that entire threat structure to the US government looks like. You have a range from Chinese chemical companies that are openly selling pure fentanyl. They’re selling the precursor chemicals to produce fentanyl, and then the elements such as pill presses to stamp out those counterfeit fentanyl pills all on the dark web. Who’s that customer? That customer, most oftentimes ends up being Mexican cartels that want to conduct their business in an anonymous environment. So that becomes a ready point of both information exchange and the ability to conduct these transactions to these key components to fentanyl,” Schrant said. “We also see American citizens directly going on the dark web to acquire these pure fentanyl, fentanyl components or pill presses and etc. To help really drive that in, we’re in an environment where we’re likely to exceed 120,000 fatal overdoses in 2023. That becomes a very clear national security threat that is actively operating in an hourly basis on the dark web.”

Listen to the full show: 

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.