Building Bridges with the U.S. Intelligence Community


Guest blogger Jeffrey Carr is a cyber intelligence expert, Principal of GreyLogic, columnist for Symantec’s Security Focus, and author who specializes in the investigation of cyber attacks against governments and infrastructures by State and Non-State hackers. Jeff is the Principal Investigator for Project Grey Goose, an Open Source intelligence investigation into the Russian cyber attacks on Georgia in August, 2008.

About three weeks before the start of the Russia-Georgia war last August, the Office of the Director of National Intelligence issued a directive entitled “Analytic Outreach”. In it, DNI McConnell authorized members of the 16 agencies that comprise the U.S. Intelligence Community (IC) to reach out to people outside the IC, “to explore ideas and alternate perspectives, gain new insights, generate new knowledge, or obtain new information.

As someone who writes about Intelligence and National Security matters, particularly in the area of Cyber Warfare, this Directive was pretty inspiring to me. I had long held the opinion that Web technologists and researchers had an important role to play in Government. Unfortunately, I had no way of communicating that vision to anyone who mattered so I just decided to act on my own and launched an Open Source Intelligence gathering effort called Project Grey Goose, which brought together an eclectic mix of hackers, spooks, and techies from inside and outside the Intelligence Community.

Imagine how happy I was six months later to hear about a formalized and much easier way to bring outside expertise into the IC thanks to the dedicated efforts of a few intelligence professionals and the Deputy Director of National Intelligence for Analysis. Appropriately enough, this project is named BRIDGE.

According to its creator, Dan Doney, BRIDGE hopes to do for Public-Private collaboration what the iPhone Apps Store has done for the iPhone and its customers–produce a mind-boggling explosion of innovative applications for use by the Intelligence Community. We aren’t at the mind-boggling stage yet because BRIDGE is still in its infancy, but there are some pretty cool apps which I’ll describe in a moment.

In addition to being a development sandbox, BRIDGE also allows intelligence analysts to interact with outside experts whether they be in industry, academia, or other government agencies at the Federal, State, Local or Tribal level. Alternative analysis has long been a recommended approach to avoid myopic thinking by specialists. BRIDGE provides a platform for debating alternative viewpoints and comparing evidence across agencies, specialties, and borders of all kinds.

Since BRIDGE is Dan’s brainchild, I’ve asked him to convey its purpose and function:

BRIDGE is designed to enable crowd-sourcing of intelligence applications–following the iPhone AppStore model–by providing a low barrier-to-entry platform to stimulate innovation and enable analysts to discover next generation capabilities that have value to their mission.

BRIDGE takes the Wiki model which enabled end users to easily contribute textual content en masse, and extends it to technology providers, enabling them to contribute technologies that enhance the intelligence mission in a matter of days. It is important to emphasize BRIDGE is not a Web2.0 tool, it is a low barrier to entry environment where promising Web2.0 tools can be placed – and analysts can use them to uncover their value prior to acquisition.

Since BRIDGE exposes key web services that emulate the mission environment, promising tools can be plucked from BRIDGE and quickly integrated into classified environments. This enables providers to develop against these endpoints in an unclassified setting, get feedback from users enabling shorter development spirals, mash-up new combinations of services, and dramatically reduce the time it takes to transition software to the mission setting. BRIDGE uses a “perpetual beta” model giving users an EARLY look at technologies–and a chance to provide feedback while they are still maturing.

Another unique characteristic of BRIDGE is that it provides an environment for Analytic Outreach–a place where IC analysts can reach out to expertise elsewhere in federal, state, and local government, in academia, and industry. New communities of interest can form quickly in BRIDGE through the “web of trust” access control model–access to minds outside the intelligence community creates an analytic force multiplier.

Here are three of the six applications currently in use on BRIDGE. Dan tells me that dozens more are on the way.

Collaborative Analysis of Competing Hypotheses

  • Web-based Analysis of Competing Hypotheses enables analysts to gather evidence collaboratively and think more critically about the plausible scenarios, mitigating bias
  • Collaborative views enable analysts to hone in on differences, making debate more constructive and encouraging deeper reasoning

Hot Grinds

  • HotGrinds serves as an evidence-based structured discourse forum at the crossroads of a wiki, a collaboration platform and social network
  • Semantic search, expertise identification, and management overviews of debate provide greater collective awareness and enhanced collaboration


Visually Structured Analytic Software

  • Organize ideas from many sources and many analysts into 2D conversation maps, significantly improving efficiency and situational awareness.
  • Identify the strongest evidence on all sides of an issue by tracking individual user credibility and the wisdom of the crowd

One of the new applications coming up will be a Web-based version of Palantir Technologies‘ Analytic Platform, loaded with real data collected by myself and some Grey Goose colleagues during the Russia-Georgia cyber war.

If you’re interested in joining BRIDGE, the process is pretty simple.

  1. Register at the BRIDGE portal.
  2. Send Dan an email with a short description of your interest in BRIDGE.
  3. Your request will be reviewed and if it’s deemed that there’s a match between your project or expertise and BRIDGE’s mission, you’ll be sponsored as a new member.
tags: , ,
  • http://basiscraft.com Thomas Lord

    This certainly looks interesting. Putting on my skeptics hat I have two questions of a somewhat philosophical nature:

    a) How can we vet this offer? I note that the WHOIS record for the firm points to a Canadian firm. Mr. Doney’s credentials look impressive and there is some trust afforded by your mentioning him in so public a forum as this but… on the other hand … how can one “trust but verify”? Is the sponsorship system supposed to cover this?

    b) Ok, I don’t mean to go into hysterics here but it is easiest to state this real concern using an extreme example: In *form* this kind of public/private-sector blending of concerns and formation of tight, closed networks of trade — well, in *form* it starts to resemble, for example, the political and economic position of, say, the East German Stazi from back in the day. And, if function follows form…

    I become worried when the IC creeps towards a monolithic, tribal self-identity and when it makes “outreach” efforts to recruit the private sector. I kind of prefer the messy, chaotic, fractious IC community: that seems healthier in some ways. Certainly coordination is needed for some things but it isn’t automatically good just because it’s orderly. I kind of like that the FBI are such losers in terms of information sharing: they are too often bad enough as it is (for example).

    What say you to that admittedly exaggerated provocation?

    -t

  • Jeffrey

    Hi Thomas: Regarding your first question, you more or less provided your own answer, meaning there are some reasons to believe that what you read is true (my credentials as well as Dan’s), but I cannot supply you with any assurances beyond that.

    Regarding your second question, well, I don’t quite see a question in there. If you’d like to re-phrase it in a little clearer way, I’d be happy to attempt an answer.

    Jeff

  • http://basiscraft.com Thomas Lord

    The second question (the “Stazi” reference):

    It’s kind of an existential question: why should this thing (“BRIDGE”) be? What is it a symptom of? There are some tells in the way you set up the story. For example, you speak of “the IC” and refer it indirectly to a piece of legislation from 1947 that formally institutes it but that’s not what it is, as I’m sure you well know. It is, rather, a big public / private sector jumble that on the one hand sometimes provides useful information to the military or to the civilian branches and on the other hand it is a dangerous, out of control, relic that by all external appearances is not the slightest bit reformed, other than superficially, from such excesses as became exposed in the COINTELPRO and MKULTRA hearings of the 1970s. Economically and in terms of command of capacity for violence and oppression it bears an alarming resemblance to organized crime.

    That’s a delicate thing because the dichotomy runs deep and for many, quite personally. The logical function of an intelligence unit of a state government is certainly legitimate and “the IC” doesn’t fail to provide, to a degree, in that area but look at it: it’s much larger and more arbitrary and more suspect than is justified by its performance in service of the state. And BRIDGE, in that view, appears to be an infrastructure and social / economic organizing effort to double down on the structural problems of “the IC”.

    Foundational to “BRIDGE” is an us/them polarization with real socio-economic consequence. That is the stuff of cold-war era paranoid mentality and it tends towards destructiveness of culture and civil society.

    The question is why should this thing exist? What entitles the category of self identity “member of the IC”? Isn’t this what Ike warned about? Who are you and what do you think you’re doing? Don’t you notice how much your little approach to “clubbiness” resembles the worst excesses of some of the most oppressive nation states in history, no matter what your supposed intent is?

    -t