The Challenges of Using Commercial-Off-the-Shelf (COTS) Technology for OSINT Analysis Within the U.S. National Security Community

The OSINT Race 

Criminal actors are aware of the vast amount of data available to understand and undermine United States policy, democratic processes, and the economy. Therefore, the internet becomes a powerful weapon for both sides of the cyber war. In order to operationalize OSINT, the U.S. Department of Defense must have access to the most innovative technologies. They must also master the information domain in order to plan for and counter the enemy before they strike. Publicly available information (PAI) on the internet can be turned into valuable cultural, political, economic, social, and demographic intelligence. With unfettered access to this, U.S. forces can be predictive, understand the cyber terrain, and gain elevated influence. Are commercial-off-the-shelf (COTS) technologies the right tools for national security online missions?

Technical and Operational Mission Requirements 

OSINT is not just an independent mission set. It most often overlaps with more complex missions. The OSINT cycle is subsumed into other intelligence disciplines, adding its own challenges with the management of massive quantities of data.

OSINT operations require human intervention to analyze and validate collected data. These operators require wide data coverage from a variety of tools. They must also access countless online sources while carefully managing their attribution to protect themselves, their operation, and their mission. For instance, gathering social media intelligence requires access to mobile applications, while gathering dark web intelligence requires access to Tor. Teams using one operational platform will gain the high ground while others shuffle through disjointed tools, leading to possible intelligence gaps, overlooked connections, and slow operational responses. The suite of required third-party tools should be easily integrated and funnel data throughout one platform as needed for flexible data management.  

The evolution of OSINT over the past 50 years has required analysts who may not have a technical background to engage in click-heavy processes. Just because a platform is complex in its integrated architecture doesn’t mean that it can’t be simple in data workflow and interface usability. Operators need aggregated data from the clear, deep, and dark web with the ability to pivot instantly between web spaces rather than managing separate data feeds. Further, given their directive to personally maintain a low social profile online, operators can be hesitant to embrace the unfamiliar value of social media platforms.

To ensure compliance and maintain threat oversight, an OSINT operation’s administrators require full visibility into mission activities. This includes a complete audit trail of collected data, user activity tracking, as well as controls like permission settings and approval process features that allow teams to create seamless workflows for reporting.  

Where COTS Tools Fall Short 

The DoD must fully leverage private-sector COTS tools to discover the unredacted truth of their environment. However, these tools are often tailored to the needs of the commercial industry and big business rather than for national security. Data mobilization by private-sector technology companies needs to be translated into capabilities that specifically enable the DoD in OSINT missions.  

COTS tools generally provide layered analytics and compelling options for maintaining a constant finger on the pulse. However, the technical framework and operational methods often aren’t taken into consideration with emerging COTS tools. 

Social media aggregation is increasingly challenging. Obstacles include partial datasets, varying short- and long-form data formats, and the need for constant, real-time access and retention. It’s becoming more commonplace for operators to abruptly lose access to data for reasons like ineffective managed attribution techniques or a total lack thereof. The consequences can be frustrating and even catastrophic to time-sensitive missions where lives are at stake.

As we’ve stated, COTS tools are developed with commercial purposes in mind, and they are rarely a perfect fit for national security OSINT requirements. Companies use these tools to determine their customers’ buying behavior to build a custom influential marketing strategy. Mismatched and commercially intended capabilities can delay the required vetting process for DoD solutions, leaving them constantly trailing behind the pace of technology.

OSINT collection tools are abundant and evolve steadily. The incremental improvements, however, fall short of the progressive upward trend of data aggregation complexity and the ability for criminal actors to mobilize correspondingly. 

A costly alternative is to develop native tools within the DoD’s classified networks to collocate the technology. This is thought to elevate security for retention and analysis of more sensitive data that is collected, but often leads to ballooning costs in procurement and maintenance.  Moreover, the risk that results from delayed production time leaves operators constantly lagging in technology—with each release meeting yesterday’s mission requirements. 

A Method to the Madness 

Although the market is saturated with COTS OSINT tools, the methods of utilizing these tools are paramount to the safety of your operators, mission, data, and organization identity. This level of protection can only be offered through the integration of popular OSINT tools with predetermined mission-focused methodology, efficient workflow, comprehensive oversight, and identity management united in one holistic platform. 

Nfusion, a secure managed attribution platform, is engineered specifically for national security operators to systematize OSINT collection activities and increase the value of that data contributing to real-time analysis and mobilization responses.

Resources: rand.org