+ Reply to Thread
Results 1 to 8 of 8
  1. #1

    Default Open Source Information sources

    Hey everyone,

    I was wondering what is available for Open Source information sources?? Of course, we got Facebook/Twitter (especially useful during the Occupy movement), and the unclassified information that we can get from law enforcement/Fusion centers, but I was wondering what else we could be reading??

    Sean Hickey

  2. #2
    Join Date
    Feb 2007
    Location
    Desert Southwest.
    Posts
    323

    Default


    Quote Originally Posted by Sean1289 View Post
    Hey everyone,

    I was wondering what is available for Open Source information sources?? Of course, we got Facebook/Twitter (especially useful during the Occupy movement), and the unclassified information that we can get from law enforcement/Fusion centers, but I was wondering what else we could be reading??

    Sean Hickey
    Well, sir, amongst the Good Book and a few other selections, my day eventually takes me here: http://www.dhs.gov/dhs-daily-open-so...ructure-report I worked in the critical infrastructure sphere and never shed the habit. --K.
    Bitter clinger to my guns and religion....

    "When I die, I desire no better winding sheet than the Stars and Stripes, and no softer pillow than the Constitution of my country."--Andrew Jackson

    Psychological Operations: Because physical wounds heal.

  3. #3

    Default

    Quote Originally Posted by SpecialAgentKC View Post



    Well, sir, amongst the Good Book and a few other selections, my day eventually takes me here: http://www.dhs.gov/dhs-daily-open-so...ructure-report I worked in the critical infrastructure sphere and never shed the habit. --K.
    Thank you Sir!!!!

  4. #4
    Join Date
    Nov 2006
    Posts
    6,453

    Default

    Quote Originally Posted by Sean1289 View Post
    Hey everyone,

    I was wondering what is available for Open Source information sources?? Of course, we got Facebook/Twitter (especially useful during the Occupy movement), and the unclassified information that we can get from law enforcement/Fusion centers, but I was wondering what else we could be reading??

    Sean Hickey
    Information about what?
    A man who will not lie to his wife has no regard for her feelings. - Anon.

    My school was so tough we had our own coroner. - Lenny Bruce

    In my neighborhood, you could walk 10 blocks in any direction and never leave the scene of a crime. - Charlie Callas

  5. #5
    Join Date
    Oct 2010
    Location
    Washington State
    Posts
    751

    Default open source information

    IFPO used to have a a whole list of web sites, broken down by topic / source. I don't remember if it is on their website or a "members only" type thing. As mentioned, city or county "crime map" websites are a must. Some are better than others, but it can give you an idea of what's going on around you.

    Some open source sites require a fee or membership, but if your department has a budget line for "training" or "professional memberships" I recommend looking into sites that would be useful for the type of security you're doing. For example, those companies with overseas operations should check out Stratfor's reports.

    You also have to think out of the box a bit. For example, one year we were having some issues with a member of a rather obscure right wing radical group. While I have some issue with the politcal stances of the Southern Poverty Law Center, they have excellent information of extremist groups in America. Not techncially a "security" site, but uselful none the less.

  6. #6
    Join Date
    Nov 2006
    Posts
    6,453

    Default

    Okay, I can see that we need to explain some things about intelligence rather than just blathering about a bunch of sources.

    The FIRST thing is to answer the question that I asked: Information about WHAT, exactly? I wasn't just talking to hear myself talk (or to hear my keyboard clatter). The answer to this question drives absolutely everything you do by way of gathering intelligence, or even surfing for "information", unless you have a lot of time to waste and it doesn't matter whether you learn anything useful or not. If you're just looking for stuff to read you won't need to progress further in this lengthy post. (But hey - you wanted stuff to read, right? So read!)

    The SECOND thing is to identify the relevant information that exists right now, within your own facility, but that isn't being systematically collected, collated and analyzed. THESE ARE THE MOST RELEVANT SOURCES YOU CAN HAVE. Before you waste time surfing around on the Web looking for stuff to read, you need to utilize the intelligence assets available to you right within your own operation and your wider organization. Even before you learn what's happening down the street, you need to know what's going on within at least the visible radius of your own facility. It does you no good to read websites while someone's parked across the street surveilling your facility. It does you no good to gather data regarding other facilities seven states distant while the stream of data concerning your own facility's security lies dormant in a pile of un-analyzed incident reports.

    When you start mining the data contained within reports, you'll learn surprising things from spreadsheets that otherwise simply go unnoticed when that data doesn't get systematically collated, organized, summarized, analyzed - and benchmarked against itself chronologically. In fact, this is SO true that THIS IS JOB ONE - mining your own data - before you surf a single website. And, as you stick with this over time, the information that will come out of these efforts will only become richer and more useful. It won't mean a lot at first.

    ...and must there be an "incident" at all? Lots of intelligence has nothing to do with events that generate formal reports. Security people and others within your organization have the opportunity to observe things BEFORE "an incident" occurs. These people are assets. Make a concerted effort to encourage them to share what they observe. While this is like panning for gold - lots of water, rocks and sand with only occasional nuggets - when you DO come up with a nugget it's going to pay off. Talk with people - any people in the organization - and simply invite them to contact you directly if there's ever anything that they see and think you should know.

    It's the failure to develop primary sources within the organization that results in security operations being caught off guard by things that are going on with employees that signal trouble, for instance. How often do you read about someone going postal who's "been acting funny for awhile", a simmering dispute between two employees that turns deadly, or an ex-spouse or rejected lover who shows up and shoots someone - but for some reason no one in security was up to speed on the gathering storm. THESE THINGS DON'T HAPPEN IN A VACUUM. THEY USUALLY DEVELOP OVER TIME. Security intelligence FAIL.

    MOST IMPORTANTLY, THE INTERNAL INTELLIGENCE DISCUSSED ABOVE IS FAR MORE LIKELY TO BE BOTH LESS AMBIGUOUS TO YOUR SITUATION IN TERMS OF ITS IMPLICATIONS, AND HENCE MORE DIRECTLY ACTIONABLE, THAN ANY INTELLIGENCE FROM EXTERNAL SOURCES. When your internal intelligence tells you that there's been an increase in break-ins to employee vehicles between the hours of 2 and 6 A.M., there's no ambiguity and it should be directly actionable. No outside source can give you this intelligence. When you learn that two employees almost came to blows at lunch, it should be directly actionable, and again, no outside source will give you this information.

    The THIRD thing is that you need to understand the significant differences between primary and secondary sources. For our purposes here, consider a primary source to be someone who has relevant information and who you can communicate with directly. If you're not developing primary sources, you aren't doing intelligence at all. Secondary sources, for our purposes, is anything that's published, whether in print or on the Web. Secondary sources can illuminate, but never substitute for, primary information.

    It never ceases to amaze me that people who say they want intelligence have never even visited the crime analysis unit of their local police department - and if you think that what they know is contained in their website "crime maps", you're sadly mistaken. Crime maps are constructed for the general public. Ditto, the criminal intelligence unit, if that's separate from CA, and also the crime prevention unit. Will these people tell you everything they know when you walk in the door? Not likely, but over time as you develop and deepen these relationships they'll unwind and become invaluable resources. In fact, make it a point to develop and nurture every possible relationship you can have with local law enforcement at the city and the county level, from the patrol level on up.

    Ditto, the emergency management department, whether it be local or county. A security manager's intelligence interest isn't all about crime, and EM folks are almost always delighted when security people seek connections with them.

    Ditto, other security managers in your community. Cooperation and information sharing - not rivalry! However, the fact is that this kind of information sharing ALMOST ALWAYS HAS TO TAKE PLACE VERBALLY AND INFORMALLY or "on the QT" as we used to say. After all, private companies have no desire to publish their dirty laundry so you won't find that kind of information in secondary sources!

    Ditto, other governmental agencies like the zoning department can be sources. Who's the city council person for your district? And it's interesting who you can meet and what you can learn at city council meetings. We had an annexation a couple of years ago and any thoughtful person could see it would impact police services adversely - which it has done. That's intelligence, and you would have learned about it first in a city council meeting.

    It wouldn't hurt to meet the crime reporter who covers your beat, and the local reference librarian. Two professions that know a lot about sources, and especially local sources, including people "behind the scenes" in the community who are good to know.

    ...and each time you acquire a new primary source, never fail to ask them if they can suggest other people who you should know as well.

    In short, you should have a Roladex full of the names, numbers and email addresses of primary sources who are LOCAL to you before you start surfing around to read about some chemical plant in Podunk, Iowa that had a release of chlorine that was determined to be accidental or a subway derailment in New York City that disrupted rush hour traffic (which is mostly the kind of thing that you find in the DHS reports, for reasons that I cannot fathom).

    Not saying there's nothing potentially useful on the Web, but it's when you've started to capture and analyze the intelligence at your fingertips, and when you've established relationships with local primary sources, that you can cast secondary sources in proper perspective. The CIA uses a lot of secondary sources - but they don't mistake secondary sources for primary, or for the intelligence that the agency gathers directly itself from its own assets.

    First - information about what? Second - look inward and locally for intelligence before casting a wider net. Secondary sources, by definition, are mostly yesterday's news, and most of them actually irrelevant to your operation except in a very general sense. They pale in comparison to your own intelligence and a cup of coffee with a local primary source. Make it a point to become "well-connected".

    As for secondary sources, learn how to do two kinds of searches:

    1. Sophisticated Google searches (and other search engines), using the advanced features and filters that they offer. Sites with "a bunch of links" can be helpful, but only as one source. Don't depend on anyone else to curate your secondary sources for you. When you become expert at performing searches, you'll find lots of things that will never show up on sites with "a bunch of links", especially the Deep Web. For one thing, "link sites" can't be expected to cover everything for everyone. For another, link sites are famous for biases and blind spots.

    2. Relevant periodical index searches. By "relevant", I mean searching periodicals relevant to the business that your organization or client is conducting. For instance, it's quite common for articles discussing security and safety issues relevant to chemical plants to show up in chemical industry periodicals, or for cargo security articles to appear in journals that are published for people who work in logistics. Pieces on healthcare security will show up in journals published for healthcare executives. I hope you see what I mean. General news and even security-related "link sites" will rarely if ever include these sources unless an article happens to hit the wider Web - and probably aged a bit. When you do identify an article of interest, see if someone in the organization subscribes to that journal. (The person to show you how to do periodical index searches would be that reference librarian I mentioned earlier.)

    Does all this sound like work? Too much work? Security intelligence is hard work! It requires concerted, ongoing, goal-directed activity that involves the expenditure of time and resources. It isn't a surfing activity.
    Last edited by SecTrainer; 06-12-2014 at 11:37 PM.
    A man who will not lie to his wife has no regard for her feelings. - Anon.

    My school was so tough we had our own coroner. - Lenny Bruce

    In my neighborhood, you could walk 10 blocks in any direction and never leave the scene of a crime. - Charlie Callas

  7. #7
    Join Date
    Nov 2006
    Posts
    6,453

    Default

    ADDENDUM: I mentioned periodical index searches. To be clear, I don't mean the general periodical index that most of us used at some point in high school or college - which covers news-stand magazines that you see at the airport or the drug store, like "People Magazine" or "Sports Illustrated". There are many specialized indexes, one (or more) of which would be relevant to a particular industry. This is where the research librarian can point you in the right direction. Once she shows you how to do a search in the appropriate index(es), chances are good you'll be able to search online from then on as I believe almost all of the indexes are online.

    The secret to working with a research or reference librarian (and I've heard this many, many times) is telling him/her EXACTLY what kind of search you want to conduct - meaning what kind of information you're looking for. People will come in and ask "How do I search for information about street drugs?" when what they really want is information about the relationship between methamphetamine and depression. This often causes the librarian to point them in the wrong direction or to fail to mention a relevant index, so be specific.

    You might say "I work in healthcare security and I'd like to search for journal articles in that field related to anything like infant abductions, drug diversion, theft of medical equipment, patient violence to staff, and those sorts of things that we deal with." Providing other examples if possible would be even better - like treating gang members in emergency rooms. The more you can tell them about the sorts of articles you hope to find, the better - and you're more likely to get all the relevant indexes, some of which could surprise you. It would surprise you, I'm sure, to do a search on "Hamlet" in a variety of industry journals! He's actually mentioned in a wide number of them. The same might be true of the range of topics that would interest you - perhaps you find an article on medical equipment theft in an engineering journal that examines possible technological solutions to the problem. Mention that at the next staff meeting and everyone knows you're a BEAST! More seriously, perhaps you put that down on your "scan" list to watch for future developments.
    Last edited by SecTrainer; 06-12-2014 at 09:09 PM.
    A man who will not lie to his wife has no regard for her feelings. - Anon.

    My school was so tough we had our own coroner. - Lenny Bruce

    In my neighborhood, you could walk 10 blocks in any direction and never leave the scene of a crime. - Charlie Callas

  8. #8
    Join Date
    Mar 2013
    Posts
    515

    Default

    That says it all.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts