arno reuser

Defence Intelligence and Security Service


"...Using this public source openly

"...Using this public source openly

and without resorting to illegal

and without resorting to illegal

means, it is possible to gather at

means, it is possible to gather at

least 80% of information about the

least 80% of information about the

enemy...”enemy...”

Al Qa'ida : Defense studies in the Jihadagainst the tyrants, p.75

Sharing information Sharing information from a Dutch perspectivefrom a Dutch perspective

Arno H.P. ReuserArno H.P. Reuser ([email protected] [email protected])([email protected] [email protected])

Old world : information is power, guard it safelyOld world : information is power, guard it safelyNew world : information is enlightment, share it freelyNew world : information is enlightment, share it freely


Arno H.P. Reuser [email protected]

3

Historical perspective

13th century: • English monks compile a central catalogue

15th century: • Johannes Gutenberg 'invents' printing• growth of book presses in the Low Countries• censorship by authorities

16th century: bibliographies• National bibliographies• Of books to come / in print• Of books that never came• Index Librorum Prohibitorum (1515-1966)

16th century: • Konrad Gessner (last Universal Scientist)• 1545: Bibliotheca Universalis sive Cat…



4

Historical perspective 2

17th - 18th century• Books > journals > reports > documentation

19th century: • national libraries

20th century: • commercial online services • Internet

Today:• home pages• portals• blogs• RSS syndicated news feeds

Bodleian library, Oxford, U.K.



5

Have people forgotten about what's already there?Have people forgotten about what's already there?

• Commercial vendorsCommercial vendors Dialog, EINS, Factiva, Lexis-NexisDialog, EINS, Factiva, Lexis-Nexis

• Databases Databases : : EIU, NTIS, DTIC, Medline, Chemical AbstractsEIU, NTIS, DTIC, Medline, Chemical Abstracts

• Public recordsPublic records• VerticalsVerticals: :

BBC Monitoring, OSC, Oxford BBC Monitoring, OSC, Oxford Analytica, Periscope, Jane'sAnalytica, Periscope, Jane's

• National librariesNational libraries and systems and systems Union catalogues, national bibliographiesUnion catalogues, national bibliographies

• IndexesIndexes: : Patent indexes, citation indexesPatent indexes, citation indexes

An example of OSINT 'analysis'An example of OSINT 'analysis'



6

Example analysis

OSINT as starting point of analysis:How to find out if Iran is producing chemical weapons: use results from one source as input for the next source:

1) 1) Which types/kinds/names of pesticides are there?Which types/kinds/names of pesticides are there?(source: Beilstein facts, Derwent chemistry resource, Gardner's)(source: Beilstein facts, Derwent chemistry resource, Gardner's)

2) 2) How much of these materials were exported to Iran? How much of these materials were exported to Iran? (source: Piers Import & Export)(source: Piers Import & Export)

3) 3) How much farming land does Iran have?How much farming land does Iran have? ((source: CIA World Fact Book, LOC country profiles, EIU, etc.)source: CIA World Fact Book, LOC country profiles, EIU, etc.)

4) 4) On average, how much pesticide is needed per hectare On average, how much pesticide is needed per hectare arable land.arable land.

(source: 'pesticide usage statistics' (source: 'pesticide usage statistics' http://pusstats.csl.gov.ukhttp://pusstats.csl.gov.uk))

5) 5) Answer: 2 - ( 4 * 3 )Answer: 2 - ( 4 * 3 )



7

Terror in The Netherlands

Other ‘incidents’:Other ‘incidents’:

• ““Hofstadgroep”Hofstadgroep”• Abu Khaled (spiritual leader)Abu Khaled (spiritual leader)• Samir Azzouz (schiphol, nuclear reactor, Ministry of Defence)Samir Azzouz (schiphol, nuclear reactor, Ministry of Defence)• Mohammed Bouyeri (murder Theo van Gogh), life sentenceMohammed Bouyeri (murder Theo van Gogh), life sentence

Politically motivated murders:Politically motivated murders:• Prince William of OrangePrince William of Orange (10 july 1584)(10 july 1584)

• Pim Fortuyn Pim Fortuyn (politician)(politician) (6 may 2002)(6 may 2002)

• Theo van GoghTheo van Gogh (filmdirector) (filmdirector) (2 november 2004)(2 november 2004)



8

Intell services in The Netherlands

NCTbNCTbNationaal Coordinator Terrorisme bestrijdingNationaal Coordinator Terrorisme bestrijdingNational Coordinator for CounterterrorismNational Coordinator for Counterterrorism

MIVDMIVDMilitaire Inlichtingen en VeiligheidsdienstMilitaire Inlichtingen en VeiligheidsdienstDefense Intelligence and Security ServiceDefense Intelligence and Security Service

AIVDAIVDAlgemene Inlichtingen en VeiligheidsdienstAlgemene Inlichtingen en VeiligheidsdienstGeneral Intelligence and Security ServiceGeneral Intelligence and Security Service

KLPDKLPDKorps Landelijke PolitiedienstenKorps Landelijke PolitiedienstenNational Police Services AgencyNational Police Services Agency



9

Information sharing examples

Defense intelligence & Security Service (DISS)Defense intelligence & Security Service (DISS)• Book about the activitiesBook about the activities• Bimonthly journal "Ingelicht" (= informed)Bimonthly journal "Ingelicht" (= informed)• Brochures, leafletsBrochures, leaflets• Law on intelLaw on intel• Two annual reports: one open source, one classifiedTwo annual reports: one open source, one classified• Works in teams instead of departmentsWorks in teams instead of departments

With the General Intelligence & Security With the General Intelligence & Security Service (GISS)Service (GISS)

• Formal agreement on cooperationFormal agreement on cooperation• CT infoboxCT infobox• OSINT OSINTOSINT OSINT

With NCTbWith NCTb• Formal agreement on cooperationFormal agreement on cooperation



10

With the Benelux• Memorandum of Understanding • Cooperate and share on OSINT, IMINT, Training

With Europe• Tampere Summit, October 1999

formal decision to increase judicial cooperation between Member States in order to fight crime, including terrorism

• Plan of Action (21 september 2001)defines terrorist offences, approximates the level of santions between

Member States. • Declaration of Solidarity 25 march 2004.

a terrorist attack against one state is considered an attack against all.the nation under attack is entitles to all manner of

military and other assistance.



11

Appointment of 'Mister Terrorism'• Gijs de Vries, 25 march 2004• to coordinate EU action on terrorism

European arrest warrant • agreed june 2002, in to force 1 jan 2004 to replace

present extradition procedures for serious crimes

European Intelligence Service• Ideas to boost intelligence sharing• Austria Belgium asking for a European CIA• France and UK reluctant to share with 25 Member States• Fr suggests deeper intel sharing between 5 larger

Member States (UK, FR, IT, Ge, Sp)



12

An Open Source Agency?

Who should be leading:

Current intelligence services? • Fusion• Partnership• New intel service for OSINT only

Comercial online services? • Dialog, Lexis-Nexis, Factiva etc.

Do-it-yourself?• Just give all analysts access to the Internet and Google, no need for an OSA,

problem solved. • People want their own information services on the desktop.

"…everything is free, everything is on "…everything is free, everything is on the Internet, and everything is full-text"the Internet, and everything is full-text"

"…If it is listed on Google, then some "…If it is listed on Google, then some has checked it out already" has checked it out already"

(Information World Review, oct 2005)(Information World Review, oct 2005)



13

1 - Internet is NOT: international1 - Internet is NOT: international

interNOT



14

0 500.000 1.000.000 1.500.000 2.000.000 2.500.000 3.000.000 3.500.000 4.000.000 4.500.000 5.000.000

print

film

magnetic

optical

telephone

radio

TV

Internet

surface Web

deep web

email

instant messaging

P2P file sharing

lower 327 74.202 3.416.230 51 3.488 39.841

upper 1.634 420.254 4.999.230 103 3.488 68.955 532.897 167 91.850 440.606 274 0

print film magnetic optical telephone radio TV Internet surface Web deep web email instant messaging

P2P file sharing

Print : books, newspapers, office docs., journals, newslettersfilm : photographs, cinema, TV films, TV series, X-rays, videomagnetic : videotape, audiotape,digital tape, miniDV, floppy disc, Zipoptical : audio CD, CDROM,DVD

InterNET is NOT

How much information 2003?Peter Lyman, Hal R. VarianUniversity of California at Berkeley, 27 Octobre 2003http://www.sims.berkeley.edu/research/projects/how-much-info-2003

Email is much Email is much more important more important

than W3than W3

Books are off Books are off

1 - Internet is NOT: international1 - Internet is NOT: international2 - Internet is NOT: gigantic large2 - Internet is NOT: gigantic large



15

1 - Internet is NOT: international1 - Internet is NOT: international2 - Internet is NOT: gigantic large2 - Internet is NOT: gigantic large3 - Internet is NOT: equal to vendors3 - Internet is NOT: equal to vendors

Does size matter?Does size matter?GoogleGoogle - 8 bn- 8 bnYahooYahoo - 4 bn- 4 bnLexis-NexisLexis-Nexis - 4.3 bn- 4.3 bnFactivaFactiva - 275 mn / 3mn monthly grow- 275 mn / 3mn monthly growDialogDialog - ?- ?

Not to mention things like: search language, structured searching, supportNot to mention things like: search language, structured searching, support



16

1 - Internet is NOT: international1 - Internet is NOT: international2 - Internet is NOT: gigantic large2 - Internet is NOT: gigantic large3 - Internet is NOT: equal to vendors3 - Internet is NOT: equal to vendors4 - Internet is NOT: easy to use4 - Internet is NOT: easy to use

A typical Google query:

intitle:(india|new delhi) intitle:pakistan filetype:pdf -inurl:.com -sport



17

Http://missingpieces.dogpile.com1 - Internet is NOT: international1 - Internet is NOT: international2 - Internet is NOT: gigantic large2 - Internet is NOT: gigantic large3 - Internet is NOT: equal to vendors3 - Internet is NOT: equal to vendors4 - Internet is NOT: easy to use4 - Internet is NOT: easy to use5 - Internet is NOT: just Google5 - Internet is NOT: just Google



18

Manipulation

1 - Internet is NOT: international1 - Internet is NOT: international2 - Internet is NOT: gigantic large2 - Internet is NOT: gigantic large3 - Internet is NOT: equal to vendors3 - Internet is NOT: equal to vendors4 - Internet is NOT: easy to use4 - Internet is NOT: easy to use5 - Internet is NOT: just Google5 - Internet is NOT: just Google6 - Internet is NOT: free of manipulation6 - Internet is NOT: free of manipulation

1 - Internet is NOT: international1 - Internet is NOT: international2 - Internet is NOT: gigantic large2 - Internet is NOT: gigantic large3 - Internet is NOT: equal to vendors3 - Internet is NOT: equal to vendors4 - Internet is NOT: easy to use4 - Internet is NOT: easy to use5 - Internet is NOT: just Google5 - Internet is NOT: just Google6 - Internet is NOT: free of manipulation6 - Internet is NOT: free of manipulation



19

An independent Open Source Agency

Tasking an independent Open Source Agency:

• TrainingEducation of OSINT experts

• ToolsDevelopment of dedicated easy to use tools for info exploration/exploitation

• Discussion forumClassified forum for info exchange, info sharing, question answering, networking.

• Research / coordinatingInto indexing information, application of meta data, taxonomies, retrieval

engines, concept searching, clustering technologies.• Resource discovery

Regular publicing reviews on (new) sources• Contracts.

Sources intermediairy



20

OSINT experts

Searching in Dialog Searching in Dialog

? b 390,399? b 390,399 (1)(1)? s pesticides/na? s pesticides/na (2)(2)? map sy t s1? map sy t s1 (3)(3)? save temp? save temp (4)(4)? b 571? b 571 (5)(5)? exs? exs (6)(6)? sort s1/all/cn,lb,co? sort s1/all/cn,lb,co (7)(7)? report s2/all/cn,lb,co? report s2/all/cn,lb,co (8)(8)



21

OSINT experts

DIALOG(R)File 571 :Piers Exports(US Ports) (c) 2005 Commonwealth Bus. Media All rts. reserv.Country ofNon-U.S. Weight DatePort (Pounds) U.S.-based Company Shipped---------- -------- ----------------------------- ------- ARGENT 5,388 BAYER 031214ARGENT 7,771 NA 041226ARGENT 8,049 E I DUPONT DE NEMOURS 040527ARGENT 8,049 E I DUPONT DE NEMOURS 040527ARGENT 9,720 BAYER 040718ARGENT 11,661 NA 050407ARGENT 15,878 NA 041126ARGENT 17,641 NA 041111ARGENT 17,642 NA 050506ARGENT 17,648 BAYER 040509ARGENT 20,873 NA 050216ARGENT 31,178 BAYER 031214ARGENT 31,755 NA 041211ARGENT 31,812 KEY INTL SHPG 040526ARGENT 33,690 KEY INTL SHPG 050409ARGENT 34,593 KEY INTL SHPG 050109



22

Indexing information



23

People have different viewpoints on subjects People have different viewpoints on subjects making it hard to find a universal arrangement making it hard to find a universal arrangement principle or keywords by which to order data or principle or keywords by which to order data or books or digital information. books or digital information.

Books on rabbits. What is the correct Books on rabbits. What is the correct heading/keyword? heading/keyword?

Indexing information

A farmer A farmer will look under will look under VV for for VerminVerminA girlA girl will look under will look under PP for Petsfor Pets

A butcherA butcher will look under will look under MM for Meat productsfor Meat products

A researcherA researcher will look under will look under LL for Laboratory animalfor Laboratory animal

A fashion designer will look underA fashion designer will look under FF for Furfor Fur



24

Tools

Volume in drive D is Data Volume Serial Number is C0C2-4AE6

Directory of D:\osint\OsintDat\persbureaus\foreign broadcast information service\compleet\_recent\2006\01\11

12-01-2006 18:12 <DIR> .12-01-2006 18:12 <DIR> ..11-01-2006 12:06 5.835 AFP20060111011001-v1.html11-01-2006 09:43 4.823 AFP20060111516001-v1.html11-01-2006 12:06 13.365 AFP20060111516002-v1.html11-01-2006 13:53 10.675 AFP20060111516003-v1.html11-01-2006 13:53 9.984 AFP20060111521001-v1.html11-01-2006 13:53 6.598 AFP20060111525001-v1.html11-01-2006 12:06 5.127 AFP20060111528002-v1.html11-01-2006 09:43 4.140 AFP20060111601001-v1.html11-01-2006 09:43 3.959 AFP20060111601002-v1.html11-01-2006 09:43 4.053 AFP20060111601003-v1.html11-01-2006 13:53 7.091 AFP20060111606001-v1.html11-01-2006 13:53 4.423 AFP20060111606002-v1.html11-01-2006 13:53 4.621 AFP20060111606003-v1.html11-01-2006 12:06 5.266 AFP20060111609001-v1.html11-01-2006 13:53 4.090 AFP20060111610001-v1.html

C:\Program Files\Mozilla Firefox\firefox.exe



25



26

27

Meta data

<META NAME = "DC.Coverage.Region" CONTENT = "Africa" ><META NAME = "DC.Coverage.SubRegion" CONTENT = "West Africa" ><META NAME = "DC.Coverage.Country" CONTENT = "Benin" ><META NAME = "DC.Subject" CONTENT = "DOMESTIC POLITICAL" ><META NAME = "DC.Subject" CONTENT = "LEADER" ><META NAME = "DC.Title" CONTENT = "Benin: Resignation of Defense Minister Reported" ><META NAME = "DC.Source" CONTENT = "Cotonou Le Matinal (Internet version-WWW)" ><META NAME = "DC.Description" CONTENT = "Beninese defence minister said quits over row with president Text of report by Abdouramane Toure entitled "For major contradictions: Osho resigns from the government" published by Beninese newspaper Le Matinal website on 11 January Nothing is going on well between President Mathieu ><META NAME = "DC.Publisher" CONTENT = "FBIS PIOS" ><META NAME = "DC.Format" CONTENT = "text/html" ><META NAME = "DC.Date" SCHEME = "WTN8601" CONTENT = "2006-01-11T07:54" ><META NAME = "XDC.OrgFileName" CONTENT = "AFP20060111011001_000123_a.html" ><META NAME = "DC.Date.Modified" SCHEME = "WTN8601" CONTENT = "2006-01-11T12:06:35" ><! -- ***************** end of DC Meta Data block ***************** --> <TITLE>Benin: Resignation of Defense Minister Reported</TITLE>



28

Meta data Meta data Meta data Meta data

Meta data

Problem (or challenge?)

• Each information service provider uses its own scheme• Need different query for each provider

Information service

Information service

Information service

Information service

query query query query

Dublin Core meta data




One query for all



29

Done!

Remarks? Comments? Questions? Additions?



30

x



31

counter

Dutch Data Protection Authority • "…supervises the fair and lawful use and security of your personal data to ensure

your privacy today and in the future"

Personal Data Protection Act • "Wet bescherming persoonsgegevens"

International campaign againt mass surveillance (ICAMS)

Political parties• D'66 (left-wing democrats)• "High quality intelligence are the most effective method against terrorism"• "When in doubt, rather safe than sorry"



32

Eurojust• established in 2002 • stimulates and improves the co-ordination of investigations

and prosecutions• improves co-operation by facilitating the execution of

international mutual legal assistance and the implementation of extradition requests.

Europol • European Union law enforcement organisation• handles criminal intelligence;• to assist the law enforcement authorities of Member States

in their fight against serious forms of organised crime

arno reuser

Documents