Mike Downing, ex-Deputy Chief LAPD, Counter-Terrorism and Special Operations Bureau explores practical approaches to understanding and monitoring threats from extremist movements.
Throughout my career, I’ve witnessed the changing face of both foreign and domestic US extremist groups and the significant impact that new technology platforms and communication mediums have had on the evolution and capabilities of these groups. The speed at which these groups can now spread ideas, incite emotion, infiltrate organizations, and influence individuals has grown exponentially in recent years.
In fact, the US Department of Homeland Security recently published their 2020 Homeland Threat Assessment report and identified domestic violent extremists, whether right or left, as the number one security threat to the US. So, while ensuring the right to free speech and protest is protected, law enforcement and intelligence organizations must also adapt and utilize all tools available to understand and mitigate threats from extremist movements.
“The primary terrorist threat inside the United States will stem from lone offenders and small cells of individuals, including Domestic Violent Extremists (DVEs) and foreign terrorist-inspired Homegrown Violent Extremists (HVEs).”
US Department of Homeland Security; Homeland Threat Assessment, October 2020
Challenges for Law Enforcement
There are many challenges facing law enforcement – some of these have been around forever and others are a result of the rise in new technologies and open-source platforms. The big data challenge, specifically the speed, volume, and complexity of data demands an automated approach to data collection and analysis. Additionally, the many diverse and constantly changing content platforms and sources of data means that manual processes are no longer viable or effective. For example, many adversaries are now moving from traditional platforms to more fringe platforms like Gab, Discord, Reddit, and other foreign platforms. Finally, skilled analysts are a limited resource who are hard to recruit and keep, and analyst teams can quickly become overwhelmed and over worked if they don’t have the required processes and tools in place.
At its core, the functional objective for law enforcement is to prevent unlawful events from happening by anticipating the threat, protecting the vulnerabilities, and mitigating the consequences. This requires having broad investigative capabilities that facilitate a more predictive approach versus reactionary.
In any type of intelligence enterprise, there is also a need to define the puzzle pieces to better understand the ‘richer picture’ that makes up an investigation. It is critical to understand not only the adversaries or POIs but also the overall capability and intent of the extremist organization. To do that you need to understand everything about that adversary. This drives a requirement to cast the net wide and deep in intelligence investigations, particularly with the huge volumes of data that may impact or provide clues in an investigation.
Open-Source Intelligence as a Force-Multiplier
In the face of these challenges, law enforcement and intelligence teams need to deploy OSINT strategies and tactics to understand the adversary, their capability, and intent and be able to stay in prevention mode. Data collection strategy is key here. It is essential to strategically and tactically develop good automated data collection plans – both broad and targeted – to predict where the adversary is headed, how they are recruiting, and what they are planning.
This is where Fivecast ONYX is helping law enforcement not only collect data on these extremist movements but also understand their operational capability and motivations. Targeted and automated collection & threat monitoring against a range of online sources is combined with sophisticated AI/ML-enabled risk analytics in Fivecast ONYX to provide a force multiplication effect saving hours and days of manual interrogation of data. This is a crucial lift for first-response teams drowning in data and struggling to make sense of what they’re seeing.
Additionally, the network visualization of related actors and influencers is an invaluable tool in combatting the decentralized model of many extremist movements. Network visualization helps you develop that richer picture of not only the POIs but the influencers, how they are related, and potential future plans. This rapid identification of POIs and deep risk analysis to uncover the most critical insights helps law enforcement prioritize and make more strategic decisions about where to deploy their resources.
Register for exclusive access to the Fivecast Intel Hub to access case studies, industry briefs, webinars and more to learn more about how Fivecast supports extremist threat monitoring.
Staying in Prevention Mode
In summary, the best way to compete against a decentralized movement is to arm investigators and analysts with broad-reaching online collection tools that enable anticipatory intelligence to understand and diminish the threat. This requires a sophisticated, data driven, and AI-enabled approach across the full investigation lifecycle from discovery to investigation and analysis. By using these OSINT tools and processes, law enforcement has the best opportunity to build a rich investigative picture, anticipate and mitigate threats and preserve freedoms of speech while protecting global communities.