The application of OSINT in the counter-terrorist role

Media Thumbnail
  • 0.5
  • 1
  • 1.25
  • 1.5
  • 1.75
  • 2
This is a podcast episode titled, The application of OSINT in the counter-terrorist role. The summary for this episode is: <p>In this episode of the World of Intelligence podcast, we speak to Don Rassler, Director of Strategic Initiatives at the Combating Terrorism Center at the U.S. Military Academy at West Point. The conversation in this episode is focused on the utility and application of OSINT in the counter-terrorism arena.</p>

Speaker 1: Welcome to The World of Intelligence, a podcast for you to discover the latest analysis of global military and security trends within the open- source defense intelligence community. Now onto the episode with your host, Harry Kemsley.

Harry Kemsley: Hello and welcome to this edition of the Janes World Intelligence Podcast. I'm Harry Kemsley and as usual, my co- conspirator on this podcast, Sean Corbett. Hello, Sean.

Sean Corbett: Hi Harry. Hi Don.

Harry Kemsley: Good to see you, Sean. Thanks for joining as always. I'm also very pleased to introduce our esteemed guest today, Mr. Don Rassler. Hello Don.

Don Rassler: Hello.

Harry Kemsley: Thanks for joining. For those that don't know Don, Don Rassler is the Assistant Professor in the Department of Social Science and Director of Strategic Initiatives at the Combating Terrorism Center, CTC at the US Military Academy, West Point. His research interests are focused on how terrorist groups innovate and use technology, counter- terrorism performance and the evolution of counter- terrorism practices and strategy and understanding the changing dynamics of militancy in Asia. Don has conducted counter- terrorism focused assessments for headquarter staffs and advised operational units in overseas environments. He's the co- author of Fountainhead of Jihad: The Haqqani Nexus, 1973- 2012. A book released by Oxford University Press in 2013 and sits on the editorial board of the Combating Terrorism Center, CTC Sentinel. His work has been cited by New York Times, Washington Post, CNN, Foreign Policy, Los Angeles Times and numerous other outlets, including today, Janes. Welcome Don. Thanks for joining.

Don Rassler: Thank you. My pleasure.

Harry Kemsley: So for those of you who've heard recent podcasts, you'll know that Sean and I have been very keen to move from last year, where we spoke about a number of things to do with the power and potential of open- source intelligence, OSINT, into this year, now starting to relay that potential into the real world arena of modern day challenges that we face. Don, given your expertise and background, you'll be not surprised to learn that today, the aim today is to illuminate how the open- source intelligence environment has started to really make a difference in the counter- terrorism arena, which you know so much about. So I'm going to spend a little bit of time looking at some broad lessons about what open- source intelligence is and what it means to counter- terrorism work. And we have of course, 30 plus years of recent experience of working in the counter- terrorism environment. But of course, in the current context, we also have a reemergence of what could be described potentially, state- on- state sort of heavy metal war fighting again. But nonetheless, we still have enduring counter- terrorism challenges as well. So today, we're going to be looking at that topic of the utility of open- source intelligence in the counter- terrorism arena. Now to get us started Don, what I was going to ask you to do first, is just take us on a journey from your experience, of what it is counter- terrorism has needed and how open- source intelligence has supported that from your experience. And then Sean, we'll dig together a bit further down into that over the next few minutes. So Don, could you get us started then on that opening question, of open- source intelligence, it's utility in the counter- terrorism arena?

Don Rassler: Sure. It's a great question to start with. And then with my time at the Combating Terrorism Center and the research that I've done, it's been interesting to see how the landscape of open- source research has evolved during my time at CTC. And one metric of that, is to look at that through the lens of unique sources of data. So one of the things we've always done at CTC, is leveraged primary sources, you know, material produced by terrorist groups, insurgence, militants. Oftentimes, it's scooped up during the course of operations. And so, our center has a history of looking at that data and after it's been exploited for tactical operational value and aggregating those collections of data and looking at them through a strategic perspective. And so, it would be unique 20 years ago, to pick up hard copy files, maybe one thumb drive with megabytes of data in 2001. You fast forward then to the mid 2000s and if an operation would recover a gigabyte, that would be considered a lot of data. And now we fast forward to the current time or at least several years ago and you're talking about terabytes of data being recovered, sometimes during individual operations. And so, this is material that's been scooped up, produced by militant groups. And then if you combine that data with all of the publicly available information that's available online and the flow and amount and richness of that data coming from a lot of different sources, there's a lot of information and there's a lot of open- source information. And so, this presents unique challenges for the counter- terrorism community. And as look back in the rear view on the past 30 years, I think one of the most interesting things is, there have been a number of radical transformations in how the counter- terrorism community has been able to process, analyze and leverage data, all sorts of data to include open- source data or material that's been collected on the battlefield. And those transformations have led to the development of counter- terrorism or counter- terrorism capabilities. And we today, have exquisite capabilities in that regard, tied to the exploitation and processing analysis of data. And so, I think that when I look back on a key lesson learned over the last 30 years, that's one key piece that stands out. In our current moment, when I think about lessons learned and the evolution of the threat and data, one of the challenges that we have is that, today, threat environment is more complex ideologically, organizationally, geographically, than it was on 9/ 11 or even before 9/ 11. And so, as we look forward at data and how we process and think about data, is going to be key to our ability to manage those challenges and the complicated environment that we're in. I would also say that, when we look back on the last 30 years of counter- terrorism, I think there's a lot of lesson learned. Data and particularly open- source data can be useful to help us monitor the evolution of the threat from a longitudinal perspective. So it provides that foundational context about, what is the arc of this trendline for specific group or a specific region look like, when we look back 20 years? What if we isolate it for five years? It's helpful for an analyst to say," All right, is the change that I'm seeing today, is that meaningful, is that different?" So if you're a new analyst, it might be new to you. It doesn't necessarily mean that that change in and of itself, is new or meaningful without the broader context. And so, that's where I also think open- source data can be tremendously powerful. Open- source data I also think is quite useful for counter- terrorism and to think about, we can look at our own counter- terrorism performance, evaluate it and improve. Particularly in an era of various national security priorities, from counter- terrorism to strategic competition, we need to think about and leverage all the data that we can to manage those priorities. And so, from a counter- terrorism perspective, we could look at questions like, signature approaches, decapitation approaches to counter- terrorism, of either killing or removing a leader. Have those been effective? Under what conditions have those been effective? And we can leverage open- source data combined with other data at times, to help in this moment to refine, to think about where we've been, what has worked, what hasn't worked and what the future holds. Lastly, I would just offer, that when we think about lessons learned and the evolution of counter- terrorism of terrorism data, I also think that it's also helpful to think about what other actors have learned over the last 30 years, in observing the counter- terrorism fight, the counter- terrorism wars? And I think about different actors, like Russia and China and I think about proxy warfare and proxy potential because I would imagine that if you're Russia and China, you might look on the last 30 years and say," There are ways in which terrorism has been useful to their strategic objectives, as a strategic distraction for the United States, the United Kingdom, a range of different partners, to allow countries, Russia like China to make progress towards their objectives." And I would also say that, those countries, Russia and China in particular, Iran, have also had 30 years of looking at how we fight wars, how we engage in operations. And while we have more data looking at how a country like Russia might engage in war, gray zone warfare or other type types of warfare, when we have look at a country like China, we don't have as many data points. And so, that's where I think about the future of data as well related to this issue, it can help us to minimize the surprise space, whether we're talking about terrorism inaudible or when we're talking about strategic competition in countries like China and their future performance on the battlefield or use of proxies in that area.

Harry Kemsley: Don, that's fantastic. I think we've got at least three or four hours worth of material to go through there. So get another coffee, let's get ourselves comfortable. But before I get onto that, Sean, you go.

Sean Corbett: Yeah. Thanks for that. There's a huge amount there. As you said, there's a lot to cover. I'll try and distill my bits into three main points that you brought up there actually. And the first thing is, talking about lessons identify, is to butcher Sun Tzu somewhat, know your enemy. And I think particularly in the military, in the past, we really are guilty of putting adversaries, particularly the counter- terrorism adversity and see it through our own eyes, like the Western lens. But if you start looking at the academia and actually start looking at some of the doctrine that they follow, then you start to see actually what might seem logic to us, is not logic to them. And so, you've got to really understand the enemy, before you start having an effect on them. I think secondly, you mentioned it very well, if you look at the ISIL example, the amount of documentation that was there when Mosul was retaken. And that's not surprising, seeing as they tried to run themselves like a state but that information is invaluable in understanding, not just the philosophy but also the processes and how they actually try to run a state. So banking that and making sure we understand, which brings onto the third point, which is the counter- terrorist piece. Again, I think in the military, we're slightly guilty of going," Right. Let's look at it from a nodal analysis. Let's take out the top guy and the rest will fall." Well of course, it's not like that. But having that understanding of cause and effect and of course, open- source can do that very well because you always get the resonance and the atmospherics about what's happened. So it will help us understand, instead of quite grassly, mowing the grass. Okay, what are the causes? What are the underlying reasons? And therefore, how do we take on that particular challenge in a more strategic and effective and therefore, efficient way?

Harry Kemsley: Yeah. I think for me, Don, what you did was, without realizing it probably, is you sort of canted through a series of topics and key nuggets that are coming out from our previous podcast. You talked about, for example, the volumes of data, particularly I like the perspective you gave in that, we collect data from our adversaries when we them. And previously it was megabytes, now it's terabytes. That tells you a great deal about how important OSINT is to our adversaries. That's again, a really, really important point you made about the volume, just the sheer volume demands that we get better at dealing with it. And technology has started to enable to unlock it and get into the world of open- source information because the volume is there but also the complexity is there. As you said, counterterrorism is a complex thing to do but when your adversary's becoming increasingly diverse, diffuse and complex, then it becomes even more important, you know how to do it. And technology again, is enabling us to unlock it. I think of the things you said there, the bit that's really stuck out for me, which we will probably come back to, is the context. For example, you talked about being able to identify the arc of evolution and then seeing whether something is actually radical, novel, worthy of note or whether actually, this is just part of the norm? It's the pattern development of any organization. But equally, the second thing I really wanted just to pick up on a little bit further, is this idea that other states will learn about counter- terrorism by allied states, by what they see, perceive here, think of what they see. And that they will have done so for 30 years, gives them probably pretty good understandings of how allied powers like to contend with terrorism in a counter- terrorism environment. And as you say, there's almost certainly spill over there into war by other means, into the gray war that we are all currently thinking about, although that's not for today. So a really, really good intro. What I'm going to do though, is I'm going to start to drive us down a little bit deeper into some of those topics. I'm going to ask you to talk to us a bit about some tangible examples of where, in your counter- terrorism expertise, you've seen OSINT specifically step forward. As you do so, just to warn you, I'm going to list an account for some of those things you said in your introduction though because I think there's some really good things there, particularly this identifying the pattern of normality, the arc of evolution. I think that's a really interesting observation, which probably could only come from a broad base of intelligence, like open- source or publicly available. And then again, this insight piece that we might get from watching each other in this war space. So the question to get to it then, for the second part of this now is, are there any tangible examples of where we've seen open- source information, open- source intelligence, really drive counter- terrorism development? Don,

Don Rassler: I think there's a number of different examples that we could point to. On the context piece, one area that I would point to is just, looking at terrorism incident data, the utility of threat metrics and the potential of that data. And so, one of the ways that I think about OSINT and its utility to counter- terrorism, is that foundational pillar or foundational backbone, if you will, of providing that context, which could be combined with other ince. Often, those other ince, forms of intelligence can be more granular or have more specific information. And so, when combined with OSINT, I think that that can be quite powerful. And I think over time, it's been useful and the intelligence or defense communities have recognized and increasing recognized more so, the value of OSINT. I would point to a project I recently were on as an example of this and the value of incident data. Our team at CTC was asked to look at counter- terrorism in the Philippines. And there's a lot of different reasons for that. One, because in 2017 with Marawi and the ISIS threat there, the takeover of a fairly large city in the Southern Philippines of Mindanao, that lasted for five months, was a big deal. And the US Department of Defense has provided counter- terrorism assistance to the armed forces of the Philippines for nearly 20 decades as a formal partnership. So in looking at the issue of counter- terrorism in the Philippines, we leveraged baseline incident data, about that broad arc again of saying," How do we look at what this threat environment looks like?" One of the things we often see, the intelligence community is very preoccupied with near- term threats, as they should be and that's completely understandable. And that's in many ways, is the world that they live in. And part of our value as an organization is that, we sit on the Hudson River at West Point. We have the luxury, space and time to pull back from issues and problems. And we're not worried about thinking about, is there going to be an ID on this road, that's going to blow up for our team? And so, we stitch together attack information, data about arrest to provide that broad mark to say," Is the problem today in the Philippines, from a terrorism perspective, worse than it was the previous decade?" And what we found was that, yes, it is. Even setting aside issues like Marawi. And then we can leverage that data in a foundational way and match it with metrics and data about counter- terrorism. For example, the targeted strikes from Philippine precision strike aircraft, match that with counter- terrorism data and see what it tells us about counter- terrorism performance. Another example that I would use to talk about the value of OSINT in a practical way, is to think about the nexus between terrorism and strategic competition.

Harry Kemsley: And Don, if I may and hate to interrupt people but I feel compelled to, so I apologize.

Don Rassler: Yes. Do it.

Harry Kemsley: I'm curious, in terms of that incident data you collected, is that open- source or did you get that from the DOD? Was that something that you were able to get by public available means or was that DOD sourced incident data?

Don Rassler: Yeah. So you go to Google and you punch in global terrorism database and then that's going to give you terrorism incident data going back to 1970s. And that's going to give you that backbone. And so, there's other sources like that. There's resources like ACLED, there's the ITERATE database, other incident data sources that are out there, each of which have their strengths and weaknesses. But you pick which is most suitable for your approach and what question you're trying to answer. So there's a variety of resources that are available.

Harry Kemsley: Okay. All right. Thank you. I apologize for interrupting. That was key for me. Janes does an awful lot of work in that space and I'm just curious to know how much of that was useful. Sean, you had something you wanted to say >?

Sean Corbett: Yeah. Just looking at the database of incidents. For me, the real value or one of the very big values of that, is what I know as indicators and warnings. If you look about what's happening in the world right now, clearly there are some big strategic state- on- state issues we need to look at. And of course, we're not necessary therefore, as focused in some of the ungoverned spaces. But just by monitoring what is being shared on social media and reported, whether that's Twitter or all sorts of things, you can start to see the numbers of instance and where they are happening. Now, when the military or governments don't have their eyes and ears on something as much because they're looking at other things, that gives a great example of, we should concentrate on this. A couple of examples, Libya post Gaddafi, it was almost certainly social media and locals that were starting to flag up the fact that they were seeing black flags over certain parts of certain other places like that. Which then gave us the indicator's warnings of where to look. If you look more recently, the resurgence of advance extremists, Boko Haram, AQIM, et cetera in Northern Nigeria, instance are going up. How much of that is banditry, how much of that is terrorism, isn't the point but we are seeing an increase in incidents in certain geographical areas, where we might not have been looking. So I think that's a really important application of this for the CT world.

Harry Kemsley: Yeah. Thanks Sean. Don, I did cut you off, just as you're about to go into terrorism and strategic competition, I think. So let me release again and get you back to that point.

Don Rassler: Sounds good. Yeah. So I think, we talked about in the initial part of this conversation, about what different categories of actors are learning or what we can leverage data to learn about terrorism or counter- terrorism or other actors, Russia and China, Iran are learning or have learned from our activity. And so, I think there's also a lot of opportunity when we think about terrorism and counter- terrorism and how it nest or integrates with strategic competition, interstate competition between states, is to look at how something like counter- terrorism has evolved and is evolving as a form of influence. And so, I think this is an interesting area because say if you are China, for example or Russia and you look at allied activity over the last 30 years with respect to counter- terrorism, you can see how counter- terrorism, many of our partners want counter- terrorism. They're interested in counter- terrorism, they have terrorism problems. And so, counter- terrorism can be used as a way for countries, obviously to mitigate threats, which is a core thing for them to do. But counter- terrorism can also be utilized and be a tool to help countries to expand their influence and achieve other strategic objectives related to things, like access and placement. And so, I think that as we look forward, I think it's going to be interesting to see how counter- terrorism nest as a potential and it appears, increasing form or arena of interstate competition and influence between states. Because I think that one of the lessons learned over the last 20 years is that, counter- terrorism can be a useful tool, beyond threat mitigation in the geo strategic competition arena. And this is an issue that we're looking at at CTC. You could look at it through the lens of what Russia is doing in places like Africa or maybe what China is doing in Tajikistan or other countries. There's obviously threat mitigation concerns but also other objectives in terms of influence. And so, that's where you could look at things like security cooperation data. The number of visits from high level or operational level Russian operatives or individuals, to different places. Match that with terrorism data, match that with economic data and provide this data layer, interconnected picture of how that arena is evolving. And the challenge is that, it's a multi- data driven arena but I think what's interesting is that, there's various pieces of data that we have, that we're not going to have a perfect window from an OSINT perspective because a lot of that activity's clandestine and wants to be hidden by governments. But there is I think, enough data there to provide a picture. Again, an imperfect picture of how that arena's evolving and it's useful from a counter- terrorism perspective because it helps in this arena of multiple priorities, to help to identify where we are competing with our strategic, competitors, Russia, China. Where we are not, where we're seeding battleground, for lack of a better term. And so, there's strategic utility of sort of combining these different OSINT data streams, obviously matched with other forms of intelligence to enrich that picture. So that would be an interesting, not necessarily a current example but crosstalk.

Harry Kemsley: Yeah. I think that has resonance for me. Sean, you think about counterinsurgency from the earlier part of back end of last century and you can't help but notice that state intervention for other means. The idea that you support insurgency to try and drive a political agenda. What you're saying Don is, that that's still a philosophy that's in play here. It's just being done from slightly different means but very much the same outcome. And as you say, add that to the economic impact of belt and road, for example, another means of supporting countries economically and indeed, health. COVID, for example, COVID support. These are all nesting to use your word, into this competitive strategic environment. Sean, did you have your hand up then?

Sean Corbett: No. No. I just agree with all of that. I was going to start talking about, when you mentioned we've been doing this a long time and this is where we go off in tangents. Is that, one of the lessons identified, is maybe we don't always learn the lessons. We got to make sure that even in the terrorist domain, we don't fight the last war. We were very good in Northern Ireland ultimately but not all terrorists are the same and they have very, very different methods of operation. And if you look right down the current battlefield and this is very OSINT orientated, the amount of UAVs that have been used. For example, again, back to the ISIL thing, where they're using current or commercial off- the- shelf equipment, where they're pretty clever in terms of how they're adapting them. But fortunately, are crashing left, right and center. Now that makes two things. A, we can then exploit them and you can out in the open but equally, what it does show is that, the terrorist is getting more and more sophisticated leveraging technology. And whether that's in the cyber domain or with real physical stuff, we've got to keep up with that. And there is definitely a role to play there for open- source intelligence and looking if nothing else, at what they have available of them online, so that they can develop their own capabilities.

Harry Kemsley: Yeah. Maybe we'll come onto the innovation piece in a second, Don but I saw you had your hand up. So go.

Don Rassler: Yeah. So Sean, you made this comment about, looking forward to the next threat and leveraging OSINT. And I'll just give you one more example, where I think OSINT data can help to enrich that picture. And so, we'll go back to the global terrorism database. And so, if you're looking... and we've learned that, say you're a country like China and you see maybe the utility of terrorism as, either a strategic distraction or something that may be valuable, even in an indirect way for their national security objectives. Think about the likelihood of state- to- state conflict, direct engagement between, maybe a country like the United States and China over a particular area, whether that's likely or not. And that how both parties might be incentivized to play in the gray zone space, so the asymmetric warfare space. And so, you think about, at least I think about issues like proxies and you say," All right, well what's the proxy landscape potential for a country like China?" To me, if I were asked to look at that question, what I would do is, to go to the GTD, the Global Terrorism Database, as a starting point. And to look and say... One of the things that the GTD codes for is, going back to the 1970s or attacks ideological stream. So groups that would fit into the communist inspired bucket, look at that map. It's not a threat area that we typically think a lot about but what does that look like? And map that out because if you're going to think about future or proxy potential or who might be the potential partners for a country like China, if they were interested in that, that would provide a base level. It's not going to tell you everything and obviously they might pursue paths that might be different from that. But I just think it would be interesting and it's an interesting case because to me, it demonstrates that, that data's there as a starting point to build off of.

Harry Kemsley: Yeah. We certainly Sean, have we not spoken about the foundational benefit of using an open- source intelligence platform to get you started, to prime the pump. And we talked about that plenty of times, Sean, you and I. Because time is going to get shorter, so I'm going to move us on. I think we probably could spend another hour on that topic. So that's four or five hours that I've got lined up for conversation. Hope the listener's got an extra cup of tea. Let's move on to innovations. I think one of the things you highlighted in the previous point there was, how we can see what the terrorist is potentially doing. I think Sean, you said a second ago about the use of unmanned air vehicles and they're crashing those. Well okay, but they're trying to use them. So what else could we learn from open- sources, that would help us start to track some of those innovations that the terrorist threat is trying to create? Don?

Don Rassler: Yeah. I think there's a lot that we can learn. And I think that a key piece of this is, looking at different types of data that can be leveraged and added to a composite picture, that would help to enrich our understanding of how phenomenon and particularly, functional threat streams like, say terrorist use of unmanned aerial systems or what people call today, small drones. How that threat stream is evolving. I recently wrote a piece for the publication law fair that looked at this issue about terrorism innovation and how we can leverage publicly available data and other sources of data, to anticipate the future directions of tech enabled terrorism. And in that piece of it, there's five points in five categories of data that in my view, would be useful to help us better understand the trajectory of those types of threats. So one category would be looking at failures. So failure laboratories of say groups like ISIS and to say," All right, well, we are clearly concerned about like the Islamic state's tech development battalion, a key innovation node that provides insight organizationally into, where the Islamic state innovated and where it didn't. Obviously we're concerned about the areas where they're innovating and operationalizing those ideas in a real way. Those are of a media concern but the broader mix of areas, where they played with an innovation but didn't necessarily pursue, it might be something that they'd come back to. So when we think about innovation, I think that's one important category to store data on, to code it and to understand, so we can map out threats. Another area I would point to, is to look at the interplay between defensive and offensive forms of innovation. So I've done a bunch of research looking at terrorist use of drones. And when I began looking into that topic in 2012, our team at the Combating Terrorism Center started to... we were looking at it through a defensive lens. So looking at how the Salafi- jihadist community of supporters online were talking about how to defeat the West strategic weapon system, so our armed drones being used against them. And they were try talking online about out how they could leverage different approaches or tools to minimize the effectiveness of that strategic tool. And by extension, they started to talk about," Well, how can we use a tool like that?" And so, you see snippets of those conversations and these things, defensive and offensive innovation often interplay in relation to each other. The third bucket is asymmetric mirror imaging. And so, we have used the West, United States, allied partners, the US in particular, has used armed drones as a key weapon and platform to degrade groups like ISIS and Al- Qaeda in various locations around the globe. So the utilities there for us shouldn't have been a surprise to say," If there's an opportunity for ISIS to develop their own creatively modified fleet of armed drones themselves, that they might want to do that for a lot of different reasons, symbolic, the operational utility." The fourth bucket would be to look at hobbyist innovation. And I think this is an area where, if you just look online, the DIY hobbyist community is a creative bunch. They're an enterprising bunch and it's really great to see the things, how they innovate and use tools. And that community is trying to innovate and use tools because they're interested and they want to see what they can do with the tools. Not engineered for harm. But then you add in a group like Al- Qaeda or the Islamic State and thinking about it through that lens and saying," Okay, there's a person in 2008, post a video on YouTube with a remote control helicopter, firing a handgun successfully, remotely." As a terrorism researcher, I look at at that and say," Oh, that's really cool but that also has an application for people who have malign intent to do harm." So that's an area where I think we could do a better job of cataloging and looking at that community and what's going on as a resource and even bringing them in the fold to help advise, to be quite honest. The last area that I think is important to look at, are just commercial product enhancements. And so, when we look and think about it through the lens of drones or small UAS, it's entirely predictable that the technology's going to evolve. They're going to fly farther, they're going to fly faster and they're going to have more capabilities than they have today. So one example that I looked at in the piece, was DJI's first- person view, FPV drone. And as a terrorism researcher, I looked at this new drone that was released by DJI. Right out of the box, flies 90 miles an hour, has different features that would be useful in some type of attack. I've also looked at drone racing in those platforms, as a key area of concern. So to me, I think figuring out different ways to look at these different data piles and how we can add structure to them and how we can look at the arc... leverage them to look at the arc of a functional threat stream, I think would be a very useful thing to do, some of which can be automated or ideally, as time evolves, hopefully most of which could be automated to help us. Why is that useful? Well, if we just look at the Islamic State case. If were to have taken that approach and looked at those different data streams, in 2014, 2015, it would not have been a surprise to us to say," Hey, ISIS has developed a fleet of drones that they're going to use in an offensive way." And when we look in the rear view, we're like," Oh, okay. Of course, it wasn't a surprise." But I think, if we can get a little bit ahead of it and leverage that data, so we can think more about countermeasures, mitigation in a proactive way, before it becomes a real problem and again, we're not always going to get it right. There are always going to be surprises but I think it helps to minimize the surprise space, which I think is really useful.

Harry Kemsley: Yeah. Again, another six or seven hours worth of work to be done there. So Sean, I will let you summarize that for a couple of minutes. By the way, Don, I'm going to book you for at least a month worth of podcast, just letting you know that in past. Sean, go ahead.

Sean Corbett: Yeah. We haven't got much time, actually. I was just going to add to that. That's more the concrete side but there's the softer side as well. We haven't even and we haven't got really time to discuss this, looked about the information campaign, which is now so important for the terrorist. And how they do manipulate media, whether that is for messaging, whether that's for implicitly or explicitly directing operations or whether it's even recruitment. I think one general point I'd make here, that we're always making and I'm always going to make is that, OSINT can provide a very important addition to and supplement in support of the exquisite collection capabilities. I don't think anybody is saying and never will say that OSINT will be able to answer everything. But particularly in this case, it can provide that really important nuance. And the understanding back to the piece that we were talking about, the context that we might not otherwise have. And I think, summarizing from my perspective anyway, that is going to get even more important, as all of the government resources get sucked into the more state- on- state big strategic issues that we have to deal with right now, we're going to have to rely more and more on open- source information intelligence. So it's just going to become more important.

Harry Kemsley: Yeah. crosstalk-

Don Rassler: That's why we have to get better at it and gain efficiencies and automate where we can.

Harry Kemsley: Particularly where we're starting to see the confluence now of, what we've previously described as a separate thing, counter- terrorism to heavy metal war fighting and all the bits in between. These are starting to blur into one another from what you've said today. And Don, just to give you fair warning, I'm going to just try and summarize my thoughts as Sean has just done. But before I do so, at the end, I'm going to ask you a question. If you had to step away from this conversation and leave the listener with one thing you wanted them to remember, about how you useful to you in counter- terrorism open- source intelligence has been, what would it be? Now, what you've done for us in the last 35, 40 minutes, has given us a wealth of things to think about. And as I've indicated going through, there's hours of conversation, just beckoning. Bits I'm going to take away from the last piece though that you just gave us, particularly around the incident data, is that foundational intelligence quality that the open- source environment can create, that helps you see past, what you call the near- term threat, which is quite rightly what we're all worried about. And also, the ability to evaluate the performance of previous counter- terrorism, how that might be shaping what you do going forward. I also liked and I've just mentioned this idea that, there is a strategic distraction potential for an adversary against a near peer or peer adversary, that might well sit very nicely, nest within, to use your word, the strategic competition that we know we're all facing in the modern world. But the bit that I'm going just to pause on, just for a second in my summary, is that composite picture that you managed to bring together there, about what you can learn and become proactive about, potentially get proactive around by the composite picture that OSINT can provide. And you used the five windows of failures, of defensive and offensive development, asymmetric mirror imaging, and no surprise, as you quite rightly said, the hobbyists. I loved the fact you could go back in 20 or 30 years worth of videos online and find all those innovations that somebody came up with for, quote, bit of fun, bit of exploration, that could actually become quite important. And then as you say, the product enhancements. I am a drone owner and I do know that the first drone I had, lasted for about four or five minutes. The one I'm currently flying is 45, 50 minutes and it will fly a long way from me, if I let it. So I know exactly what you mean by that but all of that, allowing us to take a more proactive stance by that composite picture, that's the bit I really wanted to underscore. The power of open- source intelligence is that ability to draw a composite foundational picture. So massive amounts of help and insight on that. Don, as you can see from the time we've taken, we really wanted to get into that more. So the question then Don, to finish this with, if you had the listener... demanded the listener walked away with just one thing that open- source has done for you in the counter- terrorism environment, what would that be?

Don Rassler: Context, context, context. To me, it just goes back to context. It just demonstrates, can be leveraged about, to understand how environments are evolving, how groups are evolving from a counter- terrorism perspective. It's not going to necessarily tee up your next operation. In some cases, it can and in some cases, it has. But I think the real strategic utility is the broader context and allowing us to understand how issues, groups, problems in the terrorism space are evolving. How we are evolving in a counter- terrorism way as well. How we are being effective. Where we're being successful, where we're not being effective. And leveraging those data points to understand how we move forward and hopefully, how we learn from those data points. And leverage that context, either to further degrade enemies or to get better ourselves.

Harry Kemsley: Fantastic. Don, it's been an absolute pleasure listening to you talk today. Thank you so much for your contribution, which has been immense. I have warned you three times through this conversation, that I am going to come back to you, asking you to do it at least five or six more times. So a fair warning. For me, knowing that you are at the place that you are at, at West Point, ensuring that the up and coming graduates from that fantastic school, have the kind of understanding you're bringing to it, is great comfort. But equally, the fact that we're getting a very, very clear understanding of the power of open- source, the potential, the exploitable potential of open-source, which you've given us today, which we will certainly explore again in the future. So Don, thank you so much for your time today. It has been super,

Don Rassler: Thanks for the opportunity.

Harry Kemsley: Thanks Don. Thanks, Sean.

Sean Corbett: Welcome.

Speaker 1: Thanks for joining us this week on The World of Intelligence. Make sure to visit our website, janes. com/ podcast or you can subscribe to the show on Apple podcasts, Spotify or Google Podcasts, so you'll never miss an episode.


In this episode of the World of Intelligence podcast, we speak to Don Rassler, Director of Strategic Initiatives at the Combating Terrorism Center at the U.S. Military Academy at West Point. The conversation in this episode is focused on the utility and application of OSINT in the counter-terrorism arena.

Today's Host

Guest Thumbnail

Harry Kemsley

|President of Government & National Security, Janes

Today's Guests

Guest Thumbnail

AVM (ret’d) Sean Corbett CB MBE MA, RAF

|CEO and Founder IntSight Global Limited
Guest Thumbnail

Don Rassler

|Director, Strategic Initiatives at the Combating Terrorism Center at the U.S. Military Academy at West Point