This post is also available in: heעברית (Hebrew)

18970649_m כקשאורקIntelligence agencies generate massive amounts of information. How can experts avoid getting flooded by the endless stream of data, and instead use it to their advantage? Intelligence agencies monitor and record all pieces of information – how is the gathered intelligence crafted into a useful tool that can be used by intelligence officers?

Espionage and counter-terrorism organizations all over the world connect their data mining and collection systems to every civilian communications infrastructure, including cellular, landline and internet service providers, effectively acquiring the ability to intercept any phone call, location of cellular phones, SMS message contents, e-mails or surfing data.

The total amount of information is immense and constantly growing. All the information that’s collected using signal intelligence systems, or SIGINT, in addition to large amounts of additional civilian information held by intelligence organizations, such as population registries, border crossings, banking transactions and more, is entered into massive databases that must support quick retrieval of large amounts of data.

Whether it’s an emergency that requires immediate response or a methodical infiltration of a criminal organization, the amount of data collected during every incident is massive. For example, using various technological systems the daily routine of a lone terrorist or terrorist cells can be figured out, making them substantially easier to stop.

The daily routine of an individual can be deduced by analyzing his electronic habits, his phone calls, the e-mail he uses and the name and nature of the websites he visits. Electronic intelligence systems can intercept massive amounts of information, much more than any human being is capable of processing. That information has to be presenting in a way that is clear and immediately understandable.

In order to present the large amounts of intercepted data regarding groups or individuals in a way that makes sense, and to help intelligence officers understand the information and use it effectively, the data has to be presented in a graphical, visual way, rather than textual.

iHLS – Israel Homeland Security

One of the most important means of deducing a suspect’s routine and establishing his connection to an event is carried out using a “connections map”. The sum total of the suspect’s communications with his various social circles (friends, co-workers, family, bosses, etc.) – incoming and outgoing cellular phone calls, text messages, calls using landlines, VOIP chats – are presented visually, with every line representing his entire communication history with a specific target. The width and direction of the line can teach us, among other things, how “strong” is his connection with a specific person, the direction of their relationship (does the suspect receive reports or orders from that individual, or is it the other way around), and the timing and location of their communications.

In this way maps of connections between individuals or groups can be drawn, illustrating, for example, paths taken by orders and guidelines for carrying out terror attacks, quickly reaching the individual terrorist, the one who actually carries the bomb.

Another interesting – and just as important – way to display intelligence data aimed at assisting counter-terrorism or crime fighting efforts, is through GIS-based maps.

Using layers, which can be enabled or disabled in order to hide or display important information to decision makers or forces in the field, a terrorist’s movement route can be represented, sometimes at extremely high resolutions capable of showing specific houses and vehicles. This can be done in real time and used to direct tactical units on their way to arrest or neutralize the terrorist. The layers can include topographic information, road images, demographic, intelligence and municipal information, and more.