In April 2013, two homemade bombs exploded near the finish line of the Boston Marathon, killing three people and injuring 264 others. Within days, the US Federal Bureau of Investigation (FBI) released photographs and surveillance videos of two suspects. The suspects were swiftly identified and apprehended, in part through massive, global sharing of information and photos via social media sites such as Twitter and Facebook.
A few weeks later, two assailants stabbed a British Army soldier to death in southeast London. As the off-duty drummer (private) died in the street, one of the killers justified the attack to a bystander filming the scene on a mobile phone. Media outlets acquired the video footage, which sparked anti-Muslim backlash and public outrage.
Whether you praise social and mobile media for advancing public knowledge and assisting law enforcement, or you worry about the dangers of crowdsourcing a serious criminal investigation, one thing is clear: Social and mobile media have powerful public influence. In the words of one journalist, online communities represent a “technologically fortified and massively, instantaneously connected populace.”
Maximizing the potential of open-source intelligence
In the Boston Marathon case, social media was lauded for its ability to aid the government – and condemned for promoting vigilantism, misinformation and wrongfully targeting innocent parties. Boon or bane, depending on how it is used.
The London stabbing case had real immediacy for me, because I live only three hours away in South Yorkshire. In addition to my role as professor of informatics at Sheffield Hallam University, I’m the director of CENTRIC, a center of excellence for research into terrorism, intelligence and organized crime. One of our current projects – Project ATHENA – is investigating the use of social media, particularly as it is used on smart mobile devices, in crisis management.
Project ATHENA will deliver best practice guidelines and prototype software tools for law enforcement agencies, first responders and citizens to use new media more effectively for communication and situational awareness during a crisis. The intent is to add an enabling voice to social media conversations and give citizens the information and guidance they ask for. The software tools we create will help law enforcement and first responders search, aggregate, filter and present knowledge from social media to support crisis management using smart mobile devices.
Thwarting the use of social media for nefarious purposes
Another research agenda at CENTRIC is cybercrime and cyberterrorism. The latter ranges from research on online radicalization and cyber defense to softer issues such as cyber defamation For example, an American professor was the target of a mass-scale hate campaign that used the Internet as a defamation platform. Tens of thousands of emails were sent to mailing lists around the world. Hundreds of blogs with misleading information were created to influence Google search ranking, damage the professor’s reputation and attack his conference.
Now that the Internet is an essential element of the civic and commercial infrastructure, we must be able to prevent such abuses. With more than one-third of the world’s population online – some 2.6 billion people – it’s no surprise that a whole new practice of law has emerged around Internet defamation.
Analytics to support violent crime and terrorism investigations
Our Odyssey project, which focuses on gun crime in Europe, revealed that multiple, heterogeneous systems are being used across the European Union for examination of ballistic material and intelligence. There is little interoperability among these systems, which poses a major barrier for investigations. Firearms can be traded and transported across borders, and the intelligence jigsaw puzzle is not being assembled very well. A weapon could be used to kill someone in country A and then used again in countries B and C with little chance of those cases being linked based on the forensic examination alone.
With funding from the EU and 12 organizations, the Odyssey project seeks to resolve this issue by developing interoperable systems and data, as well as ontologies for semantic reasoning and data mining to bring much-needed consistency for investigating gun crimes.
Building a knowledge matrix
To anticipate, mitigate or prevent risks to public health, safety and security, it’s not enough to produce and consume information. Success in the future will require new levels of connectivity among knowledge sources and across organizations. We must reach a point where we can integrate traditional data sources with new and emerging information sources to create a global knowledge matrix.
Would Sept. 11, 2001 have been just another day if law enforcement could have connected more dots? What if we could have seen that all the hijackers on United Flight 93 had reported their passports missing and ordered duplicates? What if we could have connected that information with the fact that one enrolled in flight school in Florida and failed to change his visa from tourist to student status? How different the world would be if predictive analytics had revealed in advance what the 9/11 Commission uncovered in hindsight?
Behaviors that fall under the radar might immediately become suspicious when viewed in broader context and correlated with other relevant information, much of it generally available on the Internet and social media. New intelligence can be acquired with less intrusion and cost than traditional surveillance, and with little or no authority and approval required. Analysis of this data can lead to new discoveries, but it can also corroborate existing analysis, confirm that investigations are on the right track, and help inform investigative policy decisions.
At CENTRIC, we don’t see social media as the silver bullet. But when you combine traditional data sources such as human intelligence from covert and overt operations with open-source intelligence captured from new media, you can gain a powerful vantage point to see crimes as they are emerging – and shift the focus from investigating what happened to preventing what is about to happen.
Cyber-analytics can provide situational awareness about the security of your systems, networks and enterprise by monitoring activities, uncovering vulnerabilities, threats and patterns, integrating disparate data and predicting future threats and attacks. Read Cyber-Analytics for Network Situational Awareness