Discovering the unknown unknowns
Joanne Taylor explains why big data analytics is the key in the new age of counter-terror.
On reading the annual report by the Independent Reviewer of Terrorism Legislation, David Anderson, about the changing face of the terrorist threat facing the UK today, I was reminded of Donald Rumsfelds famous comment at a post 9/11 US Department of Defence news briefing in 2002.
He said: As we know, there are known knowns; there are things we know we know. We also know there are known unknowns; that is to say we know there are some things we do not know. But there are also unknown unknowns the ones we dont know we dont know. And if one looks throughout the history of our country and other free countries, it is the latter category that tend to be the difficult ones.
Mr Rumsfelds speech was much mocked by the press at the time, but what he said encapsulated the challenge back then, but perhaps more so describes the changing terrorist threat facing the UK today. In the Nineties, when Northern Ireland was the key focus of UK counter-terror efforts, the world was one of organised plots involving known networks of individuals, known financing routes, etc the intelligence services were typically working with known knowns.
In the post 9/11 world, the working practices of the agencies had to change to give greater focus to the known unknowns to fill in the knowledge gaps associated with the new threat from religious extremism we faced; developing a picture of the terrorist networks involved, understanding how they worked together, were trained and gathering new intelligence to counter.
Both of the above assumes you have a starting point. That is a known organisation or set of individuals that can lead to other intelligence. So with these organised threats, national security agencies are in a position to ask targeted questions about an organisation, its modus operandi, who its members are, who they interact with etc.
Exploring the data available and gathering new data is, of course, the key to success in all cases. But in these examples it is about asking specific questions of the vast quantities of data available, to build up the intelligence picture, identifying the known unknowns and then gathering further data to fill in the gaps. This they are very good at and it is to be applauded that we have not had a multiple-death attack on UK soil since the London bombings of 2005.
Mr Andersons report, however, suggests that the modus operandi of terrorism in the UK is once again beginning to change. The issue agencies face in the new terror environment, characterised by smaller and less organised plots, often involving lone actors with few connections or small cells operating in isolation, is that they are now more often dealing with unknown unknowns.
As these groups are low-profile and operating independently, how do the agencies identify these individuals in the vast waves of big data available to them? The real challenge of the unknown unknown scenario is you simply do not know what question to ask, because you dont know who or what to look for so where do you start?
This is where big data analytics really comes into its own. Of course everyone leaves a data footprint and so there will be data about these individuals out there, whether through bank accounts, travel patterns, call records or online activity for example. It is this type of big data that can be the agencies best source of intelligence in this changed landscape and big data analytics their greatest weapon.
The advantage of advanced analytics in this context is that you do not need to know what you are looking for. You dont need to conduct a specific search of the data or ask a specific question. The technology will push information of interest to you it can identify behaviour in the right kind of area, such individuals spending time online looking at information about bomb-making or visiting hate-based websites, unusual travel patterns and associations for example.
Indeed, analytics can be of particular help to agencies when they dont have any specific leads or know what questions to ask when