Why big data analytics holds the key to tackling the changing terror threat

Finding the answers without knowing the who, what or when to look for

By Joanne Taylor, Director of Public Security, SAS

There are fewer spectacular terrorist attacks today – fewer 9/11s. What we learned from the big ones have helped us discover several planned attacks before they happen. There’s a shift in the kind of attacks we’re seeing. So what about the lone wolfs – like Anders Behring Breiviks and the Tsarnaev brothers? How do we find a trail that leads to those unknowns?

Donald Rumsfeld’s famous comment to a US Department of Defense news briefing in 2002 comes to mind. “As we know, there are known knowns; there are things we know we know. We also know there are known unknowns; that is to say we know there are some things we do not know. But there are also - unknown unknowns - the ones we don’t know we don’t know … it is the latter category that tend to be the difficult ones.”

While widely mocked, Rumsfeld’s speech perfectly captured the challenge of the time and even more accurately describes the changing threat landscape we face today. Back in the 90s – before the threat from Al-Qaeda was fully understood – the world was one of organised plots involving known groups and financing routes. Then, intelligence services were typically working with ‘known knowns.’

Known unknowns

Post 9/11, agencies started focusing on ‘known unknowns’. They concentrated on filling knowledge gaps associated with the new threat from extremism and gathering intelligence to counter that threat.

Getting that information means there must be a starting point – a known organisation or set of individuals that can act as a gateway to more intelligence. With organised threats, agencies can ask targeted questions about the organisation and its inner workings.

Success is about asking the right questions to build up intelligence and identify the known unknowns.  But today, you’re more often dealing with unknown unknowns.

Unknown unknowns

These groups may be operating independently with little or no organisation, but they still pose a very real threat. They’re elusive and low-profile, so agencies often don’t see them as high-risk. So, how do you find the trail left behind by these potential attackers from all of the data you have? The real challenge of the unknown unknown scenario is that you simply don’t know what questions to ask – or who or what to look for.

Use a big data stick

That’s where big data analytics comes in. Everyone leaves a data footprint behind – bank accounts, travel patterns, phone records and online activity. This kind of data can be your best source of intelligence. And analytics can be your most effective weapon against the unknown unknowns.

The advantage of advanced analytics is that you don’t need to know what you’re looking for. The technology can spot behaviour in the right kind of area. It can be particularly helpful when you’re looking for the lone wolf.

Advanced analytics lets you flag individuals who have disturbing behavior profiles – not just the ones who are connected to networks or groups that are already under suspicion.

Analytics gives you a place to start, which is likely to be crucial in countering the changing nature of the threats the world faces. Ultimately, it lets you unveil these unknown unknowns, ‘the difficult ones’ identified by Donald Rumsfeld more than a decade ago.

Read more about how analytics can help agencies sift the big data for the important answers.