Nato osint reader final 11 oct02
Published on: Mar 3, 2016
Transcripts - Nato osint reader final 11 oct02
OPEN SOURCE INTELLIGENCE READER
TABLE OF CONTENTS
Introduction to the NATO OSINT Reader .........................................................................2
Open Source Intelligence: The Challenge for NATO ........................................................3
THEORY AND HISTORY OF OSINT
Understanding Open Sources .............................................................................................9
The Role of Open Sources as the Foundation for Successful All-Source Collection
Review Essay - Open Source Intelligence........................................................................17
APPLICATION OF OSINT
Open Source Information .................................................................................................30
New Risks of Crisis - Fresh Perspectives From Open Source..........................................35
Secrets For Sale: How Commercial Satellite Imagery Will Change the World...............39
INTERNATIONAL VIEWS OF OSINT
Teaching the Giant to Dance: Contradictions and Opportunities in Open Source
Within the Intelligence Community .................................................................................56
Open Source Intelligence: What is it? Why is it Important to the Military?....................64
The Privatisation of Intelligence: A Way Forward for European Intelligence
Cooperation - "Towards a European Intelligence Policy"................................................74
Open Source - Lessons Learned .......................................................................................80
Optimising Open Source Information Sharing in Australia: Report and Policy
Prescription – (Part IV, V)................................................................................................86
Open Source Intelligence a ‘Force Multiplier’.................................................................95
Collection and Use of Open-Source Intelligence .............................................................98
Directory of Resources ...................................................................................................104
INTRODUCTION TO THE NATO OSINT READER
This publication supplements the NATO Open Source Intelligence Handbook, published in
November 2001, which provided preliminary information on the subject of Open Source
Intelligence (OSINT). The NATO OSINT Reader, a focused collection of articles and
reference materials by worldwide experts, is designed to give commanders and their staffs the
theoretical, historical, practical, and international background necessary to understand how
this discipline has evolved. The increasingly robust array of open sources available enables
commanders to attempt to satisfy some of their information requirements themselves rather
than resorting to directing Requests for Information (RFIs) elsewhere.
The NATO OSINT Reader provides comprehensive information and various perspectives on
Expositions as to what OSINT is and why it is so important to the
military forces of today and tomorrow;
The theoretical framework of collecting, analyzing, and reporting
The history of OSINT, particularly as practiced by the NATO nations;
The application of OSINT to real-world situations both current and
future as well as historical;
International views of OSINT, including but not limited to the views of
NATO members; and
References for further reading and study.
The NATO OSINT Reader has been prepared by the staff of the Supreme Allied Commander,
Atlantic, Intelligence Branch in collaboration with staff from the Supreme Allied Command,
Europe (SACEUR), and the original sponsor for most of these articles, Open Source
Solutions Inc. The Reader and the Handbook will be supplemented by a third companion
document, Intelligence Exploitation of the Internet. The information in this trilogy is relevant
to all NATO commands, task forces, member nations, civil-military committees and working
groups, and such other organizations that may be planning or engaged in combined joint
F. M. P. ’t HART
Rear Admiral, Netherlands Navy
Assistant Chief of Staff, Strategy
OPEN SOURCE INTELLIGENCE:
THE CHALLENGE FOR NATO
Commodore Patrick Tyrrell OBE MA LL.B Royal Navy
Commander, Defence Intelligence and Security School, UK
The dramatic changes in the strategic environment have had profound effects on the way in
which NATO conducts its business. Indeed, the changes have altered the very nature of the
business in which the Alliance is involved. The most obvious of these is the incorporation of
the first three new members of the Alliance for 16 years and the development of the
Partnership for Peace initiative. The shift away from the military focus of the Alliance in the
days of the Cold War towards a more politically astute and centred organisation was started
by Secretary Baker in 1989 when he called upon the Alliance to look towards helping set the
new agendas for Europe in the 1990s. At the same time, there have been a proliferation of
requirements for intelligence support that are inherently non-traditional; including the
readjustment of borders, the study of new migrations, concerns over environmental threats
and the need to collect and analyses at the social and economic levels.
Change is never an easy bedfellow and sixteen sovereign nations often have widely differing
national interests. The Palmerstonian Doctrine still holds sway in today’s strategic
environment1 and the concept of “realpolitik” will mean that such national interests will
continue to dictate how nations conduct themselves both in private and on the world stage.
International organisations like NATO and the UN have provided a forum for nations to be
able to develop common approaches to common problems but I still see the attitude of one
British Trades Union leader who, during a dispute, was heard to remark: “I shall negotiate,
but never compromise”. Despite this requirement to achieve consensus and the painfully
slow process at times, NATO has made major strides in restructuring and reorganising itself
in preparation for the welcoming of new members. There is, however, a clear need to
develop a common view of the joint or coalition operating environment if co-operative efforts
are to succeed.
One of the most sensitive areas of any military alliance is that of the collection, analysis and
dissemination of intelligence.
NATO’s intelligence structure relies primarily upon
intelligence inputs from member nations with only a limited capability, especially in peacetime, for the generation of its own raw data. As such, the NATO intelligence baseline and its
standard operating procedures are all centred on a highly classified basis and often exclude
unclassified, open sources of intelligence, including commercial imagery.
The concept of an “information revolution” has been well developed over the past decade. It
is a result of this revolution is that it has allowed us to gain access to unparalleled quantities
of data and to retrieve, manipulate, sort, filter, interrogate, digest, plagiarise, and generally
bend it to our bidding. Reality is somewhat removed from this in that much of the available
Palmerstone’s speech to the House of Commons, 1 March 1848: “We have no
eternal allies, and we have no perpetual enemies. Our interests are eternal, and those
interests it is our duty to follow”
information remains in a format that is not susceptible to digital manipulation, and the search
engines are often only as good as the operators who manage them. However, modern
technology clearly gives us a tremendously powerful tool with which to conduct information
analysis. The revolution has been spurred by the simultaneous collapse of the bi-polar world
and the freeing of much data, formerly held as classified. Within this vast “cyberstore” of
information there will be much that is inaccurate, irrelevant or, simply, out-of-date. It was
the veteran US journalist, John Lawton, who in 1995 said: “It is the irony of the Information
Age, that it has given new respectability to uninformed opinion”. It is very tempting to
believe that all that scrolls before you on your screen is a quality product!
The revolution, so far, is, essentially, a technical revolution with the development of cheap
yet fast computer systems capable of achieving the storage capacities and speeds necessary to
search through vast quantities of data. There is, however, a necessary corollary, and that is
the development of the human skills necessary to the effective use of the information tools.
This is more than the ability to “surf the net” and to access on-line databases. It requires an
understanding of the subject matter, the techniques relating to computer searches, the ability
to make use of an increasing array of sophisticated data-mining techniques, an understanding
of where information is likely to be and how to obtain it even if it is not digitally stored in an
appropriate database. Perhaps most importantly, the revolution requires dramatic changes in
culture, security, and procurement precepts such that the role of the intelligence analyst
changes. As the former Deputy Director of Central Intelligence Agency noted at a recent
international conference on open source intelligence, the analyst must now “know who
knows” and be able to identify, task and interact with subject matter experts outside the
intelligence community, most of whom do not hold traditional clearances.
The traditional view of intelligence communities is that they are already aware of the uses
(and abuses) of open source material. What has changed, however, is the quantity and quality
of available, unclassified material. Many of the skills required of the information mining
engineer are those already inculcated in the intelligence analyst. The ability to comprehend
the overall problem, whether at the tactical or strategic level, is an essential prerequisite for
designing an appropriate search policy. The analytical skills allow him to filter the irrelevant,
identify the valid and discard the inaccurate. It is important that analysis skills are not
considered to be synonymous with searcher or librarian skills, however; the information
miner must be able to understand where the unclassified information fits into the broad
picture. This will demand access to all source data, including where necessary to classified
sources. It is this breadth of vision which must be developed if the analyst is not to be
myopic in outlook.
Sources of intelligence:
Traditionally, intelligence services have concentrated on classified sources for their analysis.
It is true that they have always relied on identifying unclassified sources to provide
verisimilitude to the classified product, but the emphasis has remained on the provision of a
classified report, issued to those suitably cleared to receive it. In the past, information has
been classified either to protect its source or its subject matter. As we approach the
millennium, traditional intelligence principles are being turned upside down. As noted by
Hugh Smith and cited by Sir David Ramsbotham, “Intelligence (for coalition and UN
operations) will have to be based on information that is collected by overt means, that is, by
methods that do not threaten the target state or group and do not compromise the integrity or
impartiality of the UN (or NATO)”.
The development of modern information systems has also made much of the material,
formerly only available from classified sources, readily accessible to any who wish to seek
for it. Overhead imagery, for example, is now being supplied from commercial sources for a
number of non-military tasks including land use, planning, exploration, etc. The resolution of
these systems is already good enough for a number of military applications.
Open Source information:
As we have seen, not all the available open source information is conveniently available on
interconnected computer systems. Much remains in archives, libraries and other repositories;
some is available only on request from government sources and some is in private
collections. Availability of information, or at least the ability to access it, is not always
international and can only be obtained by someone located in the vicinity of the data.
According to US studies, some 80% of what a commander requires, is neither digital in
format, in English or, often, unpublished. It will be up to the subject matter expert to bring
these inchoate sources into a coherent product.
Open source data is increasingly important to support the intelligence function. The
increasing ability to successfully mine data from a large, incoherent series of sources, allows
analysts to build up detailed composite pictures of their area of interest. Open source analysis
is not a substitute for the traditional classified work, the analyst can use the open source view
to be able to ascertain what addition information might be required on a particular subject
and, having identified the gaps in his knowledge, task the increasingly scarce resources to
target those gaps with whatever tools may be appropriate. Essentially, open sources provide
for the foundation for classified collection management, while also providing the context and,
importantly from the intelligence perspective, sometimes providing cover for classified
sources and methods and often giving evidence as to where new classified studies might be
NATO and the Partners for Peace need to be able to build up a degree of mutual trust and
compatibility if the PfP process is to succeed, particularly in the case of Russia. There are
few areas as sensitive as the intelligence arena and co-operation in such areas would provide
a strong confidence building measure and enhance stability. The new high-level councils,
including the recently formed Permanent Joint Council (PJC), will require supporting by a
suitable formed intelligence group. Although, as in the past, national intelligence capability
can provide an input to individual delegations, the Alliance itself will require independent
advice. This can be provided by the existing NATO intelligence staff but would be
considerably enhanced if there were to be a NATO/PfP open source facility, working jointly
with the existing NATO staffs.
Open Source Programme:
Within the NATO/PfP Open Source Programme, there would be a separate and distinct
NATO/PfP Open Source Bureau of modest proportions, specifically tasked with the
acquisition and analysis of information in support of the NATO/PfP secretariats, made up of
personnel seconded from all participating nations. There are three potential options:
• establish a “virtual” bureau based on national intelligence staffs operating from
their respective national capitals. This is a “ Federated Bureau”.
• establish a single NATO/PfP bureau at one location fully staffed by a
representative group of all member nations. This is a “Central Bureau”.
• Composite bureau of nationally based staff with a co-ordination group centrally
located. This is a “NATO Web”.
The role of the programme, however formed, would be to provide, both on demand and as a
routine service, high quality and reliable access to unclassified material. Within the current
NATO nations, unclassified material has always been relatively easy to procure. A distinct
advantage to NATO will be to have access to those databases and archive which, hitherto,
have not been readily available from the PfP nations. The programme would make effective
use of existing commercial service providers as well as those of individual member nations.
Although the programme will demand highly trained personnel, there is no necessity for the
programme to come under the direct control of the intelligence staffs. The intelligence staffs
will, undoubtedly, be customers for the product but they will only be one of several potential
customers. The bureau will be equipped to handle a wide range of queries, many of which
will be easily answered with reference to on-line sources for NATO and PfP staff officers,
military headquarters and component commands. Access would be via telephone, fax, and email with clear performance targets to be met. The depth of expertise required will increase
depending upon the level of service being provided:
• Periodic awareness service - single page digests on demand
• Search and retrieval - including use of commercial databases
• Primary in-depth research with the identification of appropriate subject matter
expertise to meet the customer’s requirement
• Strategic forecasting, including that for scientific and technical trends.
The importance of commercial imagery as a foundation for a common operational
appreciation cannot be understated. For a relatively modest outlay, commercial imagery
could be acquired which would have considerable utility both within NATO and in member
nations. The imagery currently available can readily create the 1:50 combat charts which do
not exist for much of the region today, as well as providing for the provision of precision
munitions targeting information and for three-dimensional, interactive, flight mission
The function of the programme would be to provide what one commentator has described as
“just enough, just in time” intelligence, clearly focused upon the customer’s requirements. It
would be designed from the outset to add value to information available to Alliance and
national decision makers. In some cases, where the query is complex or the customer is a
high priority one, there may be a requirement to provide what would, in commercial terms be
an account manager whose task would be to act as an interlocutor between the customer and
the programme information staffs. His role would be to assist the customer in focusing his
requirements and in the management of the subsequent search and retrieval.
The cost of implementing such a programme is considered to be modest. Much of the
required interconnectivity is already in place between the respective capitals and the NATO
HQ. The three options would provide for a range of staff costs depending upon whether the
programme was set up as a single site entity or as an interconnected, federated system of
cells. The advantage of the former is that the members of the programme are clearly linked
as a team but the federated solution may allow for better insinuation of the individual open
source programme cells with their respective parenting organisation within each nation. This
could be augmented by the provision of a co-ordination staff at a convenient site and the use
of exchange personnel between the national cells.
There would be a requirement to train the programme staff to a common standard to ensure
that all participating nations could contribute fully to the activities of the organisation.
Training needs analysis would nee to be done to support not only the initial training
requirements but also the longer-term needs of the programme. The DISS at Chicksands in
the UK is one of several places where such training could be given.
The provision of such a bureau need not necessarily be a NATO/PfP owned facility: out
sourcing of the organisation would save start-up costs and transfer risk to the private sector.
The programme would then charge NATO and PfP nations for their services with clear
performance criteria laid down for the delivery of the product. This would have the
additional advantage of further distancing national intelligence staffs from the provision of
the service and, inter alia, allow them to concentrate on their primary functions. It would be
important that any selected company would be required to select staff from all participating
nations, especially those of the PfP, to ensure the continued national commitment to the
overall programme. As an interim alternative, a small contract could be let for the provision
of specific open source intelligence products to the NATO/PfP programme. The core value
of this programme, however, is the creation of a shared NATO/PfP open source intelligence
architecture with interoperable hardware and software. To achieve this ultimate goal,
however, will require this programme to be fully integrated into the C4 planning and resource
management aspects of NATO and be fully supported by all members of the Alliance.
The key posts in this organisation would be at the senior management level; the director of
the programme would have to be chosen for his vision, intellect and management capabilities
rather than for the “cut of his cloth”. It would be essential that these key personnel had the
full support of the NATO/PfP Board. Initially, no more than six full time civilian members
are envisioned, with additional staff provided from member nations’ military and civilian
personnel. Such an Open Source Programme will give a positive, relevant and productive
core capability, able to be developed further as the participating nations become more used to
sharing information. It will have important implications for future coalition operations
whether composed of NATO/PfP or of a wider range of nations. It represents a single,
positive step to engender trust, cooperation and confidence between Alliance and PfP
members and also gives important skills to their intelligence staffs as we approach the
• Open Source programme for NATO is viable option for NATO/PfP
• Open Source programme would provide a significant confidence building measure
for PfP nations
• An open source programme will allow PfP and candidate nations to participate at
an early stage in the intelligence process within the Alliance
• An open source facility is complementary to existing intelligence functions and
will allow the traditional NATO intelligence community to concentrate on other
• The ability to acquire and exploit commercial imagery and external subject matter
expertise will assist in the development of a clearer understanding of the joint
NATO/PfP operational environment
• Open source analysis uses traditional intelligence analytical skills, although some
additional talents are required to ensure effective and rapid retrieval of data
• There would need to be an assessment of the validity of the product
• Training of personnel for such a programme can be easily developed and
conducted at a number of places of excellence throughout the Alliance
• The programme would provide 24 hour access to NATO and national staffs with
specific “customer” targets established in relation to the delivery of the required
• The entire operation could be undertaken by a commercial provider but the
involvement of staff from all member nations would be an important consideration
THEORY AND HISTORY OF OSINT
UNDERSTANDING OPEN SOURCES
Eliot A. Jardines, Open Source Publishing Inc., http://www.osint.org/
Excerpt from “Open Source Exploitation: A Guide For Intelligence Analysts”,
produced by Open Source Publishing Inc. for the Joint Military
Intelligence Training Center (JMITC)
Open Sources Defined
The Intelligence Community has an official definition for open source information. It is
contained in a Director of Central Intelligence Directive (DCID) which established the
Community Open Source Program Office, effective 1 March 1994. The definition is:
Open source information for purposes of this directive is publicly available information (i.e.,
any member of the public could lawfully obtain the information by request or observation), as
well as other unclassified information that has limited public distribution or access. Open
source information also includes any information that may be used in an unclassified context
without compromising national security or intelligence sources and methods. If the
information is not publicly available, certain legal requirements relating to collection,
retention, and dissemination may apply.(1)
An important subset of open source information is called Grey Literature. The Interagency
Grey Literature Working Group (IGLWG) is defined as follows:
Grey literature, regardless of media, can include, but is not limited to, research reports,
technical reports, economic reports, trip reports, working papers, discussion papers, unofficial
government documents, proceedings, preprints, research reports, studies, dissertations and
theses; trade literature, market surveys, and newsletters. This material cuts across scientific,
political, socio-economic, and military disciplines.(2)
Organizations that typically generate the largest quantities of grey literature include: research
establishments (laboratories and institutes); national governments; private publishers
(pressure groups/political parties); corporations; trade associations/unions; think tanks; and
academia. Open source information, then, is acquired from newspapers, television and radio
broadcasts, books, reports, journals, and photographs and other images. Of course, these
sources have been used successfully in the intelligence production process for many years.
What is different now is that there has been an explosion in the quantity and variety of open
source material published electronically and readily searchable on-line. The ability to search
the World Wide Web or in essence, millions of pages of text within seconds, has proven to be
the major impetus for the rise in popularity of open source information as a viable and fruitful
component of the all-source process.
Open Sources Quantified
In 1992, during his tenure as Deputy Directory of Central Intelligence, Admiral William O.
Studeman reported on the contributions and capabilities of open sources. In an article for the
American Intelligence Journal, Admiral Studeman wrote:
We have identified some 8,000 commercial databases - and the vast majority has potential
intelligence value. The number of worldwide periodicals has grown form 70,000 in 1972 to
116,000 last year. The explosion of open source information is most apparent in the
Commonwealth of Independent States (ed. The former Soviet Union), where today, there are
some 1,700 newspapers that were not published three years ago. FBIS (Foreign Broadcasting
Information Service) monitors over 3,500 publications in 55 foreign languages. And each day
it collects a half a million words from its field offices around the world and another half a
million words from independent contractors in the U.S. - that’s equivalent to processing
several copies of War and Peace every day.(3)
Open source information is available from a wide variety of sources and presented in a
variety of formats. Surprisingly, most of the world’s information (some estimates are as high
as 80%) remains in printed form stored in libraries or other repositories. Despite the very
rapid growth in the quantity and variety of information in electronic formats, the ratio
between traditional hardcopy and electronic format information may not be changing
significantly because the volume of printed material has also increased in the information
Recently, the total quantity of data available on the Internet was estimated to be six terabytes
(one terabyte = 1,000 gigabytes).(4) While that may seem to be a tremendous amount of
data, a community library containing 300,000 volumes has about 4 terabytes of data. The
largest library in the world, the United States Library of Congress has more than 100 million
publications. So, while data on the Internet can be searched quickly, the total data available
represents only a small percentage of the available open source information. However, the
growth of data on the Internet is explosive. A large US telecommunications company has
estimated Internet traffic growth at a rate of 30% per month! At that rate, Internet traffic
volumes doubles roughly every ten weeks.
It is also important to understand the volatility of Internet data. In a 1997 article, Internet
guru Brewster Kahle indicated that the average life of an Internet document was 75 days.(5)
Whole Internet sites appear and disappear frequently and without notice. For the open source
analyst, this means that any attempts to catalog Internet sites will be difficult and require
continuous maintenance to stay current. In short, it may not be enough to simply bookmark
Web resources in a browser, effective open source exploitation may require actual archiving
of Internet sites.
Contribution Of Open Sources To The All-Source Product
Various attempts have been made to measure the contribution of open sources in the
production of finished intelligence. Depending on the topics and the speaker, estimates range
from negligible to 80%. Even the most enthusiastic supporters of open sources admit that
they are just one of the several sources which support the production of finished intelligence
products. One of the most widely quoted descriptions of the role of open sources states:
Open source intelligence provides the outer pieces of the jigsaw puzzle, without which one
can neither begin nor complete the puzzle. But they are not sufficient of themselves. The
precious inner pieces of the puzzle, often the most difficult and most expensive to obtain,
come from the traditional intelligence disciplines. Open source intelligence is the critical
foundation for the all-source intelligence product, but it cannot ever replace the totality of the
1. Director of Central Intelligence Directive (DCID) 2/12 effective 1 March 1994. This
directive established the Community Open Source Program Office (COSPO) that was
charged with development, coordination and oversight of open source efforts throughout the
US Intelligence Community. COSPO has recently been reorganized and renamed the
Community Open Source Program (COSP) an organization within the Foreign Broadcast
Information Service (FBIS).
2. Definition provided by Mr. Bruce Fiene, Executive Secretary, STIC Open Source
Subcommittee in a memo dated 15 October 1994.
3. Admiral William O. Studeman, “Teaching the Giant to Dance: Contradictions and
Opportunities in Open Source Information within the Intelligence Community” American
Intelligence Journal, Spring/Summer 1993, pp. 11-13.
4. Steve Lawrence and C. Lee Giles, "Accessibility of Information on the Web," Nature, July
8, 1999, 107. The authors, both NECI researchers, indicated that as of February 1999, the
publicly indexable World Wide Web contained 800 million pages, comprising six trillion
bytes of text and three trillion bytes of images.
5. Brewster Kahle, “Preserving the Internet,” Scientific American, March 1997, 82.
6. Dr. Joseph Nye, then Chairman, National Intelligence Council, speaking to members of
the Security Affairs Support Association at Fort George G. Meade, Maryland, on 24 April
THE ROLE OF OPEN SOURCES AS THE
FOUNDATION FOR SUCCESSFUL ALL-SOURCE
Mr. Charles Allen, Assistant Director of Central Intelligence
for Collection, keynote speaker on Requirements, Collection,
and Current Awareness: The Human Dimension
Thank you, Robert, for your kind introduction. I am pleased to be able to address a topic of
such importance to the Intelligence Community. The conference program (and Robert’s kind
introduction) bills me as a “KEYNOTE” speaker. In fact, we all know that, because of the
World Wide Web, I am also a “KEY WORD” speaker. My talk will be posted on the Web,
subject to key-word retrieval—electronic “pull”. Many keywords, by happenstance, will
cause this paper to be delivered to the desktops of people who are looking for something
entirely different. It serves, however, to point out a problem that the Intelligence Community
faces—which all of us face. There is such a volume of open source information that we must
rely on information technology to help sort it out, and that technology is quite crude.
For the intelligence analyst, the very richness of open source, and the imprecision of retrieval,
pose barriers to effective use of open sources. Compare this to the processes in place for
dealing with one of the other intelligence disciplines … or, “INT’s.” Each of the other INTs
has costly and elaborate organic processes that sort out the “signal” from the “noise”—
separating the accurate agent report from gossip and invention, separating the real airplane
from the plywood decoy.
Take the HUMINT machinery, for example: Analysts and policy makers anticipate their
need for information and make those needs known to the HUMINT community—that fabled
apparatus of spies and case officers—and by extension to military attaches and to foreign
service officers. Overtly and covertly, US Government personnel seek out individuals who
possess or have access to the information that will improve US policy making and warn us of
hostile intent. The sources, themselves, are often in a good position to sort out wheat from
chaff, and the information made available to us by these sources is further refined in the
process of drafting reports sent back to Washington. Here in Washington, additional scrutiny
is applied before a report is released to the analysts. Disingenuous reports are suspected,
vetted, and usually discounted. Repeated interactions with the field, often all the way back to
the source, often take place. The bottom line is that knowledgeable humans apply their
insights at every stage in the HUMINT process, from initial tasking through the satisfaction
of that tasking.
The SIGINT System, too, invests in a costly processing apparatus of human experts to refine
requirements and sort out and add value to intercepted information. This quality-assurance
overhead is above and beyond the technical machinery needed to make electronic blivots
sensible to people. Target by intelligence target, SIGINT analysts laboriously refine
mountains of ore to find nuggets of information. A sizeable fraction of the SIGINT System is
devoted to winnowing down the raw data so that only the more meaningful information flows
to the all-source analysts and policy makers.
Likewise, the Imagery system has elaborate, human-intensive tasking and analytic processes.
Imagery-savvy people help the all-source analysts better define their questions and translate
them into imagery tasking. And, it is still humans, today, who transform the uncountable,
esoteric pixels into meaningful, digestible, pieces of hard information. Still others augment
the reports with, annotated, easily understandable pictures ("happy snaps"), which illustrate
But, what about the US Government's open source enterprise? What similar investments do
we make? What similar processes do we operate? A knowledgeable audience, you know the
answers. Indeed, you probably anticipated the questions. Only for traditional foreign
media—newspapers, radio and TV—is there a semblance of a US Government “system” in
place. The Foreign Broadcast Information Service, FBIS, is miniscule in comparison to the
machinery of the other intelligence collection disciplines. Yet, it provides a service of
common concern for the U.S. Government by seeking out, translating, and reporting foreign
media information. Proud of its tradition, which prophetically antedated Pearl Harbor, the
Foreign Broadcast Information Service advertises its "smart front end"—dedicated human
beings with cultural ties to the countries of interest and continuity with the issues. This smart
front end has made FBIS a premiere reporter of international events.
However, the distribution media for open sources are changing, the bandwidth increasing and
the cost decreasing. By lowering the effective entry cost of publication, new open sources
spring up daily and the overall volume is increasing dramatically. It is not clear that the
strategy of a human-powered "smart front end" will see us into the future … not clear that it
"scales up." To its credit, FBIS is engaging the new technology on its own terms. Whether
we are keeping pace or simply falling behind less quickly is an open question. Investment
resources for new technology are scarce and the technology cannot yet deliver the precision
of selection which we attribute to the experienced human operators.
Having hewn to your conference theme of "the human dimension," and having described
what is, I should like to try out on you my ideas about what should be. Then, time
permitting, I will close on the advertised topic of "The Role of Open Sources as the
Foundation for Successful All-Source Collection Strategies."
The history of how I came to be the Assistant Director of Central Intelligence for Collection
is one of spirited negotiation … not so much about Charlie Allen the person …(although
modesty permits me to admit there was some of that.) More to the point, there was spirited
negotiation about the roles and mission of the ADCI/C, … about the value such a position
could add, … indeed, about the very need for such a position.
Many who vied to architect the "New, Improved, Post-Cold-War" Intelligence Community
believed we should institutionally reorganize around the "core business processes" of
Collection with attendant Processing; and,
Analysis and Production.
Or, if wholesale institutional reorganization were more than the system could bear, then,
clamored the reinventionists, there should be positions created to embody the management of
these core businesses. In the event, Congress created two such positions: the Assistant
Director of Central Intelligence for Analysis and Production; and, the Assistant Director of
Central Intelligence for Collection. Not surprisingly, Congress as creator decided these
should be confirmatory positions; the Administration was less sure.
Mr. John Gannon serves as ADCI/AP and I serve as ADCI/C. Neither of us has stood for
confirmation, but our nominations were made with the advice and consent of the Congress.
This is largely a distinction without a difference. Both of us enjoy the strong support of
Director Tenet and of the Congress. (About the only difference I can make out, is that you
should not refer to me as "The Honorable Charles E. Allen".)
The logic of the proposed reorganization, and ultimately the logic of my position was and is
that the collection disciplines—SIGINT, HUMINT, IMAGERY, and to a lesser extent
MASINT and Open Source—were perceived as being inward looking. Referred to as
"stovepipes", the "INT's" were thought to be collectively less efficient even as they strove to
be individually more efficient. The whole was no greater (and perhaps less) than the sum of
The theorists would say that we were "optimizing locally" as opposed to "optimizing
globally" and the changed state of the world to which intelligence speaks is less tolerant of
local optimization. Said simply, we can no longer afford the luxury of collection stovepipes
given these changes. Principal among the changes, are four that I should like to mention
First is the thankful loss of the principal adversary, the Soviet Union, which had the
means, and perhaps the motive to devastate the United States.
Second, and less thankfully, the principal adversary has been replaced with a diversity
of asymmetric adversaries, who would challenge us with biological, chemical, and
perhaps cyber weaponry.
Third is the decline in resources allocated to intelligence.
Fourth is the loss of our collection monopoly in reconnaissance imagery …which,
since it is an open source issue, deserves a digression here.
The coming commercial availability of high quality space imagery—coupled with resource
constraints on the next generation of U.S. Government imagery satellites—means a potential
adversary could access imagery functionally equivalent to that of US forces. For those of us
in the U-2 generation, accustomed to an ever more commanding lead in imagery products,
this is a watershed event. We may be looking at the culmination of Eisenhower's "open
skies" policy … which takes some getting used to. More frightening, we may have reached
the point where even dramatic improvements in US Government-unique imagery assets could
not alter the equation. Even though we might know everything, the adversary might still
know too much. Imagine trying General Swartzkopf's "Hail Mary" left hook in the desert
against an imagery-informed adversary.
The Eminence Grise of Open Source, our host Robert Steele, is quoted as strongly
recommending "… that all managers and analysts take the time to understand what
commercial imagery and geospatial data can contribute to their production process. Very high
resolution commercial imagery, with processing, is available for only $10.00 to $40.00 a
square kilometer. No intelligence product should be regarded as complete until it has
considered the possible value-add of commercial imagery."
The US Government may wring its hands about the likelihood that potential adversaries
might make better and better use of better and better open sources. However, I suspect many
in the audience worry that the US Government, itself, will fail to take advantage of
commercial open source offerings. In some ways the Intelligence Community's flirtation
with commercial open sources mirrors the broader embrace of commercial, off-the-shelf
products by the Department of Defense—an embrace likened to that of two porcupines, who
do it very, very carefully.
As a shopper, the US Government is a prisoner of its procurement legacy—a history of
monopolizing the market, perceiving its needs to be unique, and reimbursing vendors for
costs incurred. This manifests itself in our nit-picking the content of commercial offerings,
and our persistent, prurient interest in production cost, rather than market price. If we are to
make better use of commercial, off-the-shelf, offerings our motto should be: adopt, adapt,
Our first recourse should be to simply adopt from the available offerings those which closely
approximate our needs. Or, we should adapt our processes, where possible, to make use of
available offerings. Failing that, we should advertise our needs and stimulate vendors to
fulfill those needs within their commercial practice.
Some have suggested that each of the Community's components have a "gold team" whose
job it would be to advocate, unabashedly, the use of commercial offerings. Another
suggestion is aggressive use of "Activity-Based Costing" (ABC), which would show how
much each in-house process really costs. This works in tandem with another suggestion, that
we take better advantage of Federal Acquisition Regulations (FAR's) which already permit
market-price procurement without demanding proprietary cost data.
The glue that holds these suggestions together is an independent estimate of the true worth of
a product. We should adopt commercial offerings gleefully if their market price is less than
their intrinsic worth to us, and less than the cost of doing it ourselves. (That is why I am
committed to develop better measures of effectiveness for all US intelligence collection
Now, having digressed to establish my bona fides as a friend of open source and a champion
of commerce, let me return to the job of the ADCI/C and the ostensible topic of my talk: "The
Role of Open Sources as the Foundation for Successful All-Source Collection Strategies."
Permit me to describe my Strategic Intent for Intelligence Collection. The lineage of my
vision traces back, directly, to the Director's Strategic Intent, which, in turn, flows from the
President's National Security Strategy for a New Century. Countering the threats to U.S.
interests—regional or state-centered threats; transnational threats; spread of dangerous
technologies; foreign intelligence inroads in the US; and failed states—the President's
Strategy stresses, foremost, the need for integrated approaches. In similar vein, Director
Tenet's first objective is to "unify the Community through Collaborative Processes."
For my part, the outcomes to which I propose to commit the collection community are to:
Institutionalize and make routine collaborative cross-INT activities so as to optimize
collection resources across disciplines and controlling authorities.
Enable consumers to express their needs easily and to track the satisfaction of those
needs through collection, processing, exploitation, and dissemination.
Structure an integrated collection system that is sufficiently agile to respond to
Maintain balance in attending to short-term and long-term needs and ensure the
development of collective capabilities that address long-term needs.
Rationalize collection resources with bottlenecks in processing, exploitation and
As you can see, these preferred outcomes all share the flavor of collaborating, integrating,
and optimizing across what have traditionally been collection stovepipes. Open source has
always been the backdrop against which the individual INT's play. The first step in
formulating a HUMINT strategy against an issue has traditionally been to perform an open
source study and assign to open sources as many primary and secondary collection
responsibilities for that issue as possible. The SIGINT system, likewise, consumes a
prodigious amount of open source as it beavers away, and likewise IMINT uses open sources
to set in context its own divinations.
As we look to the future of more tightly coupled collection disciplines, there is every reason
to suppose that open sources will provide the matrix about which the other INT's will
coalesce. As I have extrapolated from present to future, I am yet humbled by Yogi Berra's
commentary about the hazards of prediction, especially about the future. Allow me to
reminisce about previous predictions in the open source business.
Five years ago, from a podium like this, at a conference like this, Dr. Markowitz, erstwhile
Director of the Community 0pen Source Program 0ffice prophesied that CIA analysts would
soon have easy access to the Internet which would make information "… affordable and
accessible, but [he worried that] electronic filtering hasn't progressed as far as we'd like." At
that same conference, our host Mr. Steele estimated it would take US intelligence agencies
five to 10 years to figure out the Internet. More colorfully, he stated that "The CIA is a
dinosaur in decline, while the Internet is the future of civilisation." As it turns out, both gave
timeless prognostications: CIA analysts are still just about to gain universal access to the
Internet at large, and electronic filtering still hasn't progressed as far as we'd like. The
Internet appears increasingly central to the future of civilization, and …I leave you to decide
whether CIA has proven to be a dinosaur in decline.
To close on a grander note, the ultimate test of the President's National Security Strategy is
"our success in meeting the fundamental purposes set out in the preamble to the Constitution:
…provide for the common defence, promote the general Welfare, and secure the
Blessings of Liberty to ourselves and our Posterity…"
And this, in turn, will be the final proof of Director Tenet's Strategic Direction, my
supporting collection strategy, and of the open source contribution to that strategy.
REVIEW ESSAY - OPEN SOURCE INTELLIGENCE
Richard S. Friedman
From PARAMETERS, http://carlisle-www.army.mil/usawc/parameters
Ninety percent of intelligence comes from open sources. The other ten percent, the clandestine
work, is just the more dramatic. The real intelligence hero is Sherlock Holmes, not James
Bond. -- Lieutenant General Sam Wilson, USA Ret. former Director, Defense Intelligence
Former Ambassador to Algeria L. Craig Johnstone (presently State Department Director of
Resources, Plans and Policy) recently told a Washington conference that during his
assignment in Algeria, he bought and installed a satellite dish enabling him to watch CNN so
he could have access to global news. He recalled:
The first week I had it running was the week of the Arab League summit in Algiers and, for
whatever reason, the Department was interested in finding out whether Yasser Arafat would
attend the summit. No one knew, and the day of the summit Washington was getting more
frantic. We in the Embassy were banned from the summit site so there was no way we could
find out whether or not Yasser Arafat would show. Finally, at about noon I was home for
lunch and watching CNN when the office of the Secretary of State called. The staffer on the
other end asked if there was anything at all he could tell the Secretary about Arafat's
participation. And just then, on CNN I saw a live picture of Yasser Arafat arriving at the
conference. "He is definitely at the conference," I reported. The staffer was ecstatic and went
off to tell the Secretary. The next day I received a congratulatory phone call from the NEA
bureau for pulling the rabbit out of the hat. How did you find out, they asked? The secret was
mine. But I knew then and there that the business of diplomacy had changed, and that the role
of embassies, how we do business in the world, also had to change.
Ambassador Johnstone's story provides an example of the value of information from open
sources. Allen W. Dulles, when he was Director of Central Intelligence, acknowledged to a
congressional committee, "more than 80 percent of intelligence is obtained from open
sources." Whether the amount of intelligence coming from open sources is 90 percent, 80
percent, or some other figure, experienced intelligence professionals agree that most
information processed into finished intelligence may be available from open sources. This
essay explores the significance of a trend toward increased recognition of the role of open
source information and discusses what this may mean for intelligence consumers at every
The use of information from open sources (OSINT) for intelligence production is not a new
phenomenon. Intelligence services in most nations have always made use of OSINT obtained
by working with scholars in academia, debriefing business travelers and tourists, and
examining foreign press and broadcast media. Intelligence prepared from sources available to
the general public draws from books, periodicals, and other print publications such as
catalogues, brochures, pamphlets, and advertisements. Also included are radio and television
broadcasts and a more recent technological innovation, the Internet. Collectively, these are
frequently referred to as open media resources.
Intelligence--information and analysis that is not available to the public--is prepared for use
by policymakers and military leaders inside the government. Intelligence is categorized
customarily according to the source from which it is obtained. Today, five sources are
Reports from human sources (HUMINT)
Photo imagery, including satellite
Measurements and signature intelligence: physical attributes of intelligence targets
Open source intelligence
Interception of communications and other signals
While most discussions of open source intelligence seem to concentrate on intelligence
collection, it is important to view intelligence trends in conjunction with developments in its
traditional components. These components are:
Costs. With decreasing national security budgets, government leaders are having to
examine their infrastructure. As military forces become more dependent on off-the-shelf
commercial technology, intelligence organizations appear headed toward greater reliance on
open source intelligence.
Sources. Cost-driven decisions dictate that a significant quantity of intelligence
requirements can be filled by a properly designed comprehensive monitoring of open sources,
either by the intelligence establishment itself or by private organizations. A particular
advantage of open source intelligence is that the product can be maintained at a low level of
classification required for these sources and methods. This outcome allows relatively wide
dissemination and distribution when compared with material from other sources. This
characteristic of open source intelligence is particularly important in coalition operations.
• Methods. It has been demonstrated many times that good intelligence production relies on
all-source assessment. Traditional intelligence structures and methods have been optimized
for designated core or central missions, and today many of these remain structured to meet
Cold War requirements and scenarios. Current and likely future contingencies seem less
likely to involve major hard military net assessments and diplomatic intelligence than was the
case between 1945 and 1991. Current and future contingencies probably will continue a trend
toward soft analyses of complex socioeconomic, technological, and political problems, and of
issues that will include such items as international organized crime, information warfare,
peacekeeping operations, and activities associated with special operations and low-intensity
Targets. Intelligence targets of greatest concern to US leaders have changed since the
collapse of the Soviet Union, the accompanying geopolitical upheavals (such as political
deterioration in the Balkans), and changes in Western perceptions of global security interests
(e.g., the significance of the Middle East). Intelligence agencies must now focus their
activities on a far broader range of targets and potential targets than was common in the Cold
War era. Today, intelligence professionals have to be concerned with terrorism, major
international crime, and arms proliferation, including programs in some areas to produce
weapons of mass destruction. They have to be prepared for possible military intervention on
short notice in overseas conflicts or for humanitarian relief. Some of these targets require
constant scrutiny in substantial depth; for others, broad general surveillance will suffice-provided a reserve or surge capability is maintained.
Although many aspects of intelligence work are changing, for the near term the
preponderance of them will probably remain familiar. Today's emerging main problem is
how to deal with new and indistinct boundaries among and between intelligence
organizations and functions, and increasing ambiguity in roles and missions. Any intelligence
officer who has ever worked at a senior level knows that senior policymakers and
government officials abhor ambiguity; they want timely, accurate intelligence. As Peter
Schwartz, a recognized futurist, founding member of the Global Business Network, and
author of The Art of the Long View, told his audience at the Colloquium on the 21st Century,
"We will see not only changing rules of the game, but new games. There is an emerging
competitive information marketplace in which non-state intelligence will be `cheap, fast, and
out of control.'"
Enthusiastic proponents of open source intelligence argue that the information revolution is
transforming the bulk of any nation's intelligence requirements and reducing the need to rely
upon traditional human and technical means and methods. But Robin W. Winks,
distinguished Yale University historian who served in the Office of Strategic Services during
World War II and in its successor, the Central Intelligence Agency, concluded, "Research and
analysis are at the core of intelligence . . . . [Most] `facts' are without meaning; someone must
analyze even the most easily obtained data."
The emerging debate between investing in technology and developing competent analysts
concerns itself basically with the value and role of open source intelligence. To understand
some of the forces that are shaping the debate, we need to weigh the relative benefits of
primary and secondary sources, two discrete subsidiary classes of open source material.
Primary sources, generally taken to include print and electronic media, have always provided
information of value to the intelligence community in current intelligence, indications, and
warning as well as background information used by analysts in their work. What the so-called
information revolution has done is to increase the ability of users to gain access and to
manipulate the information, and although most intelligence managers do not believe that the
number of primary sources has expanded greatly, the number of secondary sources has
increased exponentially. To compound the analyst's problem, the objectivity and reliability of
many secondary sources are often questionable. We will need more experience before we can
accept expansion of secondary sources as a benefit to the management of national security.
The largest general open source collection in the world is the Library of Congress. To replace
the original library, which was destroyed during the War of 1812, Congress in 1815
purchased the private library of former President Thomas Jefferson, greatly increasing the
collection's size and scope. The Library of Congress now includes works in more than 450
languages and comprises more than 28 million books, periodicals, and pamphlets as well as
manuscripts, maps, newspapers, music scores, microfilms, motion pictures, photographs,
recordings, prints, and drawings. The library's services also include research and reference
facilities, which coordinate with or amplify local and regional library resources.
There are also several thousand databases available from commercial organizations;
LEXIS/NEXIS, Dialog, Reuters, and The New York Times come to mind. Any discussion of
contemporary open sources must now include the Internet and the World Wide Web
(WWW). The World Wide Web (developed in 1989) is a collection of files, called Web sites
or Web pages, identified by uniform resource locators (URLs). Computer programs called
browsers retrieve these files.
The term "Internet" describes the interconnection of computer networks, particularly the
global interconnection of government, education, and business computer networks, available
to the public. In early 1996, the Internet connected more than 25 million computers in more
than 180 countries. The Internet provides an immense quantity and variety of open source
information and must be increasingly looked upon as a source for intelligence purposes.
The Internet and the World Wide Web exemplify technology that is not yet mature. One
hallmark of immature technology is an underlying anarchy and a potential for disinformation.
In October 1938, when radio broadcasting was emerging as a reliable source of information,
producer-director Orson Welles, in his weekly radio show Mercury Theater, presented a
dramatization of an 1898 H. G. Wells story, War of the Worlds. The broadcast, which
purported to be an account of an invasion of earth from outer space, created a panic in which
thousands of individuals took to the streets, convinced that Martians had really invaded Earth.
Orson Welles later admitted that he had never expected the radio audience to take the story so
literally, and that he had learned a lesson in the effectiveness and reach of the new medium in
which content was struggling to catch up to technology.
Recent examples with the Internet and its spin-offs suggest that e-mail abuses, careless gossip
reported as fact, and the repeated information anarchy of cyberspace have become
progressively chaotic. This does not mean that the Internet and the Web cannot be considered
seriously for intelligence work, but it does mean that intelligence officers must exercise a
vigilant and disciplined approach to any data or information they acquire from on-line
In December 1997, senior officials from Germany, Canada, France, Italy, Japan, Britain,
Russia, and the United States (the Group of Eight industrialized nations) gathered in
Washington to explore the transnational nature of computerized crime, with specific attention
to opportunities for criminals to exploit the Internet's legal vacuum. Among the facts
presented to the officials were these:
Almost 82 million computers worldwide are now connected, according to a Dataquest
Market Research Report.
By 2001 the number of linked computers is expected to reach 268 million.
The FBI estimated that by 1997, the value of computer crime in the United States had
reached $10 billion per year.
Government agencies are fertile ground for hackers; in 1995 the Pentagon was
attacked by hackers 250,000 times, with a 64 percent success rate. The Department of
Justice and the Central Intelligence Agency have also been hacked. And the tension
over access to Iraqi weapon sites in late 1997 and early 1998 produced a surge of
attempts to penetrate US Department of Defense databases.
The San Francisco-based Computer Security Institute surveyed 536 companies or
government agencies, 75 percent of which reported substantial financial losses at the
hands of computer criminals.
The principal significance of these facts for the intelligence officer is that Internet sources are
subject to manipulation and deception. Consequently, counterintelligence and security
processing will henceforth have to include cyberspace during analysis.
Perhaps the greatest value to military organizations in this array of adjustments following the
end of the Cold War and the proliferation of technologies is freedom from confinement to a
fixed geographic site for ready access to basic unclassified references. Modern
communications will free deployed military from the need to transport large quantities of
reference material (classified and unclassified) during operations. Military forces in the field
can now tap into an immense quantity of information resources in near real-time. Four
relevant types are:
Basic intelligence, such as infrastructure, geography, and order of battle
Cultural intelligence concerning the society in which the force may be required to
Information of a contextual nature which relates to operational or intelligence
Current intelligence reporting concerning the situation in the operational area
Since the quantities of information available are great and much of the information is often
irrelevant, staffs of deployed units may find it difficult to use the information productively.
Deployed organizations may well have to establish forward and rear intelligence activities.
The threat of information warfare will have to be taken into account in planning and
executing split-echelon operations.
Providing unclassified information to the general public as well as to officials is the objective
of democratic governments in their declarations of open and immediate reporting. Even the
tabloid press has never advocated a freedom that would deliberately compromise national
security or put the lives of service members at risk, yet there can be unintended consequences
from such expanded openness. The British government learned this during the 1982
Falklands campaign when a BBC reporter inadvertently revealed operational plans for what
proved to be a costly assault at Goose Green by the Parachute Regiment: the enemy was
listening. During Operation Desert Storm, the US government and its coalition partners
would encounter other problems. While CNN was reporting directly from the theater of
operations, government control of mass communications was in effect in Israel, Jordan, and
Saudi Arabia, as it was in Iraq. The sites of SCUD attacks on Israel were quickly cordoned
off by the authorities; media representatives were granted access only after a response had
been determined by the Israeli government. The state-owned Iraqi media not only repeatedly
told its citizens they were winning the struggle, but it manipulated reporting of the use of the
Patriot missile against the SCUD, ensuring that CNN and others reported only what the Iraqi
government wished. Coalition anti-SCUD measures soon were placed under direct control of
Intelligence consumers, government officials, and policymakers have not been complaining
about a shortage of information; they are suffering from a saturation. The flood of massproduced data now available and the ensuing overload means that collection is no longer the
principal problem. The greater challenge facing intelligence organizations is analysis,
consolidation, and timely dispatch of data and results to the individuals who need it.
Effectiveness in this process will depend upon allocation of human resources among those
responsible for analysis and others responsible for its transmission. An information
management executive will consider any increase in volume as proof that information is
being managed better, even more efficiently. But the information manager is not in the
business of analysis, so he or she is not interested in how well or poorly the information is
interpreted, or even if it contains disinformation or inaccuracy. One cannot equate increased
throughput to improved situation awareness within a theater of operations.
Nevertheless, the quantitative arguments of information managers recently have become
more effective than those of the intelligence community with respect to open source policy.
The last time a similar contention occurred, the proponents of technical intelligence argued
that they had the key to ultimate wisdom. As the late Ray Cline, one-time Deputy Director of
Intelligence at CIA and later Director of the Department of State's Intelligence and Research
The technical miracle has greatly reduced the burden on the secret agent. Lives need not now
be risked in gathering facts that can easily be seen by the eye of the camera. . . . Instead the
agent concentrates on gathering ideas, plans, and intentions, all carried in the minds of men
and to be discovered only from their talk or their written records. Nobody has yet taken a
photograph of what goes on inside people's heads. Espionage is now the guided search for the
missing links of information that other sources do not reveal. It is still an indispensable
element in an increasingly complicated business.
Claims of open source enthusiasts need to be examined in context. Those making extravagant
claims sometimes have little vested interest in the role and value of open source materials, or
even the knowledge or experience to make reliable judgments about the broader issue of
multidisciplined all-source analysis by skilled intelligence analysts.
The communications revolution is presenting intelligence organizations with a new challenge
far beyond that of mass production. Like other enterprises, intelligence now faces
competition from directions believed to have been impossible only a few years ago. As has
been true with commerce and industry, intelligence will have to remodel its organization,
form new associations, tailor or customize its products, and question its fundamental
missions. So long as there are nations led by aggressive totalitarian rulers inclined toward
terrorism, or there are fanatics equipped with lethal weapons, democracies will continue to
need effective secret services.
1. Reported by David Reed, "Aspiring to Spying," The Washington Times, 14 November
1997, Regional News, p. 1.
2. Remarks at opening session of the Conference Series on International Affairs in the 21st
Century, US State Department, Washington, D.C., 18 November 1997.
3. US military operations in Somalia, Haiti, and Bosnia are examples of requirements of a
4. It is important to keep in mind an old intelligence maxim: "You can't surge HUMINT!"
5. Address, Washington, D.C., 21 October 1997.
6. Robin W. Winks, Cloak & Gown: Scholars in the Secret War, 1939-1961 (2d ed.; New
Haven, Conn.: Yale Univ. Press, 1996), p. 62.
7. One source estimates the current total to be more than 8000 such databases.
8. The Internet was initially developed in 1973 and linked computer networks at universities
and laboratories in the United States. This was done for the US Defense Department's
Advanced Research Projects Agency (DARPA). The project was designed to allow various
researchers to communicate directly in connection with their work. It was also developed
with the idea in mind that it could provide a nuclear survivable communications system.
9. Current estimates suggest that around 30 million individuals and more than 40,000
networks are connected, numbers which appear to be increasing rapidly. The quantity of data
on the Internet is huge. One estimate is total content between two and three terabytes. (A
terabyte is a million megabytes.) A typical public library of some 300,000 books has about
three terabytes of data. Rajiv Chandrasekaran, "In California, Creating a Web of the Past,"
The Washington Post, 22 September 1996, p. H1. An essay by James Kievit and Steven Metz,
"The Internet Strategist: An Assessment of On-line Resources," Parameters, 26 (Summer
1996), 130-45, available on the Internet, is an excellent introduction and guide.
10. Ray Cline, "Introduction," in The Intelligence War (London: Salamander Press, 1984), p.
8. Emphasis added.
The Reviewer: Colonel Richard S. Friedman (USA Ret.) served in the European, African,
and Middle Eastern theaters in World War II as an intelligence NCO in the Office of
Strategic Services. After the war, he was commissioned from Army ROTC at the University
of Virginia, where he received a law degree. He subsequently served in a variety of
intelligence and special forces positions, including an assignment as the senior US
intelligence officer at NATO Headquarters in Brussels. Since retiring from the Army, he has
worked for the Central Intelligence Agency as a senior analyst, assistant national intelligence
officer, and staff operations officer. Colonel Friedman was the lead author of Advanced
Technology Warfare (1986) and contributed chapters to The Intelligence War (1984) and U.S.
War Machine (1987). As with all Parameters articles and reviews, the views expressed
herein are those of the author; they do not represent Department of Army policy or that of the
Central Intelligence Agency or any other agency of the US government.
Technical Briefing by Mason H. Soule and R. Paul Ryan
From Defense Technical Information Center, http://www.dtic.mil/
The Intelligence Community has long taken advantage of the domain of literature offered by
the large, worldwide publishing system -- that is, "normal" bookselling channels -- to identify
and acquire journals, serials, newspapers, books, databases, and other types of materials that
have intelligence value. Analysts combine these so-called open sources with classified
materials to provide timely, dependable, and actionable intelligence information to U.S.
policy makers and warfighters. Recent changes in political, economic, and even military
stances around the world, as well as advances in information technology, have opened up
new sources of information that are outside or not yet part of the normal publishing system.
One of the Intelligence Community's major challenges today is to acquire and utilize this
growing body of "grey information."
The terms "grey literature" and "grey information" are used interchangeably in this technical
brief. Traditionally, grey literature denotes hardcopy books and journals, and grey
information extends to other types of media. The principal distinguishing feature of grey
literature or grey information is that it is outside the normal bookselling channels, which
makes it relatively more difficult to identify and acquire than other open source literature.
Consequently, the Intelligence Community must devise ways to simulate the awareness and
document supply functions that the broader bookselling system already provides, in order to
improve its coverage of this type of information. At the same time, it is important to
recognize that the resources do not exist to create a duplicate system for grey information.
Scope of Grey Literature
The library science community broadly distinguishes among three kinds of literature:
"white" or published literature (books and journals, mainly having ISBN or ISSN
"ephemeral" literature (items of very short-lived interest such as printed airline
"grey" literature, which falls somewhere in between the other two types.
The Intelligence Community developed a definition of grey literature to suit its particular
needs, as part of its program to improve its exploitation of open source material. This
definition was generated and adopted by the U.S. Government's Interagency Grey Literature
Working Group (IGLWG) to support the group's charter of preparing a Grey Information
Functional Plan for member agencies inside and outside the Intelligence Community.
Building on a Library of Congress definition, the IGLWG distinguished grey literature from
other open sources as follows:
Grey literature is foreign or domestic open source material that usually is available through
specialized channels and may not enter normal channels or systems of publication,
distribution, bibliographic control, or acquisition by booksellers or subscription agents
(Interagency Grey Literature Working Group, "Grey Information Functional Plan," 18 January
There are many other interpretations of what constitutes grey literature. It remains difficult to
define because the boundaries between it and other open source information types vary by
user group, and are fuzzy and variable in time and space. But, it is important to those tasked
with acquiring this information to have as little ambiguity as possible. Accordingly, the
IGLWG included a discussion of the types of information conventionally considered grey.
These include, but are not limited to:
· academic papers
· committee reports
· conference papers
· research reports
· corporate documents · standards
· discussion papers
· technical reports
· government reports · trade literature
· house journals
· market surveys
· trip reports
· working papers.
Also as an aid to collectors the IGLWG noted the major kinds of organizations that produce
"Organizations that typically generate the largest quantities of grey literature include:
research establishments (laboratories and institutes); national governments; private
publishers (pressure groups/political parties); corporations; trade associations/unions; think
tanks; and academia."
These clarifications are important because they provide guidance to collectors who need to
know what kind of information their customers want to obtain. In summary, the key point to
make regarding scope is the following. Since grey literature is not well-covered by
conventional book trade channels, it is relatively more difficult to identify, acquire, process,
and access than conventional open source literature. Hence, if we desire to use grey literature
as a source of information, we must be prepared to accept a greater expenditure of resources
to collect and process this information in comparison to other open source material.
Problems with Grey Literature
Numerous difficulties arise when analysts attempt to use grey information. Here we mention
only a few major ones. First and foremost, grey literature is difficult to search for, identify,
and acquire. This puts significantly more burden on the traditional "collection" stage of the
intelligence cycle. For example, the only way to learn about or to acquire some trade
literature and unpublished conference papers is to attend the functions at which they are made
available. Collection networks must identify the event before it takes place, and coordinate
attendance and literature acquisition during the event.
Second, open source information already suffers from the problem of a low signal-to-noise
ratio, i.e., there are very few nuggets to be sifted from a large body of information. This
problem is exacerbated in the grey literature domain because thousands of organizations
generate literature, while only a fraction of these producers and their products are of interest
to the Intelligence Community. The situation worsens daily as the availability of information
from myriad Internet sites increases.
Third, grey literature is more difficult to process than other open source types because of its
predominantly nonstandard formats. Product brochures, for example, rarely provide adequate
information to allow them to be catalogued or retrieved easily. Important information, such as
author, title, place and date of publication, and publisher, often is lacking from other grey
literature types, as well. In addition, much grey information remains available only in hard
copy. Although this is changing as Internet distribution expands, the absence of standards and
keyword indexing will make it difficult to find information on this electronic forum with
other than direct character matches.
Fourth, grey literature varies radically in quality since it often is unrefereed. Integrity is an
issue with Internet data, as well, since electronic data are easy to alter.
Finally, foreign grey materials, which are the main interest of the Intelligence Community,
are often not in English. This places additional burden on the processing system which needs
human or machine translators to translate the material for the user.
Importance of Grey Literature
Key reasons for distinguishing grey literature from other open source materials lie not in the
problems it generates but in the value it provides. The Intelligence Community's interest in
open source literature stems from its potential to contain information of intelligence value
and which may be obtained cheaper, faster, and at a lower level of classification than
information acquired through other intelligence collection channels. As a subset of open
source, grey information has certain other attributes, as well.
1. It can provide information that often is unavailable in published open sources. Many
brochures and the information they contain never will appear in a published version.
2. It often is available on a more timely basis than conventional literature. Conference
papers, for example, are available long before any follow-on, published article will
appear, yet the information content of the two versions may not differ significantly.
3. It can corroborate important assertions found in other sources, which is always
paramount in intelligence analysis.
4. It may have a concise, focused, and detailed content. This is particularly true of
technical reports and unofficial government documents, whose information content
will be greatly reduced in the published form.
5. It is becoming a common means of information exchange, particularly as personal
publishing software improves and Internet access expands.
For all these reasons, grey literature must be part of an overall awareness strategy that
requires a thorough search be made of all available open sources in the quest to provide
answers to intelligence questions.
Federal Government Initiatives to Address Grey Literature
The successful exploitation of grey literature requires coordination and sharing of knowledge
by all involved parties to reduce average unit costs of grey literature. Recognizing this, in
February 1993, the Director of the Foreign Broadcast Information Service (D/FBIS) asked for
IC and non-IC participation to develop a functional plan for acquiring, processing, and
disseminating grey information throughout the IC. In response to that call, representatives
from the Armed Forces Medical Intelligence Center (AFMIC), Army Materiel Command
(AMC), Community Open Source Program Office (COSPO), Defense Intelligence Agency
(DIA), Defense Technical Information Center (DTIC), Department of the Army (DA),
Department of Energy (DOE), Library of Congress, National Air Intelligence Center (NAIC),
National Ground Intelligence Center (NGIC), National Security Agency (NSA), National
Aeronautics and Space Administration (NASA), and National Technical Information Center
(NTIS), met with FBIS and other CIA Headquarters components to form the Interagency
Grey Literature Working Group (IGLWG).
The Grey Information Functional Plan created by this group was approved by D/FBIS and
D/COSPO and released in January, 1995. It addresses issues of acquisition, processing, and
dissemination. The plan lists ten key findings that represent the basic precepts for action to
make grey information available to help fulfill intelligence needs in the 1990s:
Develop an awareness of the availability of grey information within or to
organizations as a means of minimizing acquisition and processing costs to other
Improve IC cooperation and coordination with key non-IC members that currently
collect the majority of grey information materials to maximize its availability and to
reduce duplicate acquisition.
Implement needs driven acquisition of grey information to better manage acquisition
Identify and assign areas of responsibility among Government agencies to cover
myriad subject areas on a worldwide basis with a dwindling resource base.
Provide timely notification of the availability of relevant grey information.
Utilize a tiered processing approach -- driven by user requests -- to minimize total
Institute long-term storage and retrieval systems.
Leverage existing U.S. Government capabilities for deposit and distribution to reduce
Incorporate advancements in enabling exploitation technologies (principally optical
character recognition, machine translation, and machine-aided indexing) to improve
Employ credible management metrics to ensure the continuing effectiveness and
efficiency of systems and processes.
The IGLWG believes that grey information can be better harnessed to satisfy intelligence
needs if we can carefully implement these basic ideas among acquisition agencies and wisely
use existing Government processing and distribution functions.
Members of the IGLWG have been involved in other ways to improve access to grey
literature, both as individual organizations and as part of multiagency ventures. Over the past
five years, first NASA and later FBIS, NAIC, DTIC, and COSPO have co-sponsored the
annual International Acquisitions Workshop to share knowledge of grey and other open
source collections and acquisition methodologies among Government information specialists.
Under a COSPO-funded project, NAIC developed a Grey Literature On-Line Catalog
(GLOC), a database residing on the CIRC system which describes the grey literature holdings
of many Government and non-Government information centers. FBIS has developed a Grey
Literature Tracking Database, which describes important FBIS grey literature acquisitions as
they are made available. NTIS has actively collected and made available many foreign
technical reports, including a large collection of South Korean studies. The Library of
Congress is working to make more Japanese grey literature available to its users. And DTIC
has been working with the British Library Document Supply Centre (BLDSC) to provide
access to the latter's excellent collection of conference papers and proceedings. All of these
activities could benefit from the broader participation of other Government agencies on the
Role for Information Technologies in Processing Grey Literature
The initial summit conference and this e-journal version of the proceedings are excellent
forums for the present paper because many dimensions of grey literature exploitation could
benefit greatly from the infusion of Information Technologies (IT). We discuss a few ways
that grey literature exploitation can be improved in the areas of acquisition, processing,
dissemination, and analysis.
The low signal-to-noise ratio of grey literature necessitates that identification and acquisition
be considered as separate steps in the collection phase, because a vacuum cleaner approach is
not possible with grey literature. Acquisition instead must be demand-driven. Help is needed
from the IT to relate grey literature availability to user requirements, as well as to share
awareness of interagency holdings to reduce duplicate acquisitions.
Much ongoing work in the Government is aimed at improving scanning, machine-aided
indexing, optical character recognition, and machine translation, which will benefit all open
source exploitation. In grey literature, a tiered processing system needs to be designed so that
resources commensurate with the demand for a grey literature product are expended on its
This is not generally an issue with grey literature since its real difficulties stem from its
acquisition and processing. Still, issues of copyright and electronic document dissemination
are important. The size of some technical reports make them harder to transmit or store
electronically, while copyright becomes a nightmare as thousands of producers must be
tracked down for royalty purposes.
As with processing, much work is ongoing to provide the analyst with tools to analyze digital
information. Metrics are needed to evaluate the cost effectiveness of grey literature as a
marginal source of intelligence. If it is not providing significant value, then acquisition and
processing methodologies must be rethought.
To improve analyst and information provider efforts to find grey information, we must
understand what role grey information can play in solving open source intelligence issues. It
is somewhat -- but not entirely -- artificial to think of grey information separately from open
source since grey information is a subset of the latter. It is important, however, to know how
to use grey information within this broader open source context. One must first exploit what
is possible from easier-to-obtain open sources before using possibly marginal sources from
the harder-to-obtain grey information domain. However, this cost reduction must be balanced
against the benefit of the more timely availability of some grey literature products. Analysts
must think about how grey information contributes to meeting their information needs and in
what subject areas it is most advantageous or productive. Analysts then must provide
feedback to the information providers who serve them.
A brief biographical notation
About Mason H. Soule: Mason Soule is a Research Scientist in the Systems Analysis and
Engineering Department of the National Security Division at Battelle Memorial Institute in
Columbus, Ohio. His Internet address is mailto:email@example.com.
About R. Paul Ryan: Mr. R. Paul Ryan became the Deputy Administrator of the Defense
Technical Information Center (DTIC) in July 1989. DTIC is the central source within the
Department of Defense (DoD) for acquiring, storing, retrieving and disseminating scientific
and technical information (STI) to support the management and conduct of DoD research,
development, engineering and studies programs.
In previous positions at DTIC, Mr. Ryan was Director, Office of User Services and
Marketing. He was responsible for developing and implementing a marketing program,
product management program and improved user services for DTIC. The Office acts as the
liaison between DTIC and its user community; manages several regional offices
(Albuquerque, Boston, Dayton, Los Angeles); provides training and support to the Defense
RDT&E; Online System (DROLS), and the Department of Defense Gateway Information
System (DGIS); manages such special programs as the Small Business Innovation Research
(SBIR) program; the Historically Black Colleges and Universities (HBCU) program and the
University Research Support (URS) program; and is responsible for the annual users
conference and regional meetings held each year.
APPLICATION OF OSINT
OPEN SOURCE INFORMATION
John W. Davis
Originally published in ARMY Magazine, July 1997
Imagine the horror of death by friendly fire. See the faces of a mother and father at the
moment they are told their son or daughter was killed by American fire. Today, far more than
bullets can cause this horrific scene. This is a new age, and there are new threats.
Information warfare is the latest theme to capture the imagination of the US Army. Force
XXI, the technological army with the narrow soldier base, depends on the rapid and accurate
flow of information to fuel its highly technical killing power. To protect its classified
information, this army can depend on traditional security elements. This new army, however,
also generates a massive amount of unclassified material that is overlooked by traditional
security measures. Could this material reveal the secrets the Army hopes to protect? In the
information revolution, "open source" information is the wild card of the modern battlefield.
It is a form of friendly fire. The Army must protect this vulnerability through operations
Information - its access, use, analysis and control - is clearly a military matter. Classified
information is protected by an array of security measures that are well known and practiced.
But what about the literally millions of bits of unclassified personnel, logistical, operational
and supply documents that Force XXI is generating? What can this information reveal and
who will watch over it? What will protect this information from the silent, listening collector
who is picking up the information that spews out over unsecured faxes, mail messages and
The Army must ask itself if this is a problem. Can the flow of information necessary to
conduct operations hurt the Service? What if the unclassified material is so voluminous, so
comprehensive, that it reveals the essential secrets the Army is otherwise so careful to
At the beginning of World War II, some 300 British engineers died because they could not
defuse the new electrical bombs dropped by the Germans over England. It took trial and error
and the chance discovery of intact electrical bombs on a downed German aircraft before the
technology was defeated.
Eight years earlier, in 1932, the technology for such bombs had been entered into the public
records of the British patent office, yet none of the engineers knew about this open source
Three hundred men died while the answer they sought gathered dust in an unlikely place.
Those who built the bombs that killed these men had found the information first and laid
claim to it legally and openly. Had they known this, it would have been easy to convince the
British people of the value of open source awareness.
An earlier example involves the Maxim gun. When asked in 1884 why Western nations had
colonized almost the entire known world, the English writer Hilaire Belloc said that it was
not because of their advanced civilization, greater universities or cultural advances.
No, he quipped, "Whatever happens, we have the Maxim gun, and they have not." Of course,
the technology for this early machine gun and other technological information was routinely
shared and sold in open contracts between "civilized" countries. In World War I this
exchange of information resulted in the slaughter of an entire generation; by then all nations
had access to the Maxim gun.
These stories show how open source information works. What is routinely, even
inadvertently given away today could kill someone tomorrow. Information that is not tracked
could later surprise the Army on the battlefield. These stories about open source information
end in bloodshed. Is it inappropriate to say that the victims died from friendly fire?
Information is the lifeblood of the high-technology Force XXI. An array of information will
deploy with Force XXI wherever it goes, whoever the adversary is. Unlike most of the
adversaries of the United States, whose technological developments are not shared openly,
much of the information about Force XXI’s development is available to the entire world. For
example, the Associated Press reported on a Pentagon armaments display showing soldiers
with heat-sensitive night-vision sights, lightweight body armor and computer backpacks.
They reported concepts about laser warplanes, seagoing missiles and more. Today there are
many armaments magazines, defense sites on the Internet and newspapers reporting the
business of warfare. These open sources of information are cheap, readily accessible and
Through the eyes of a western analyst, the publications are what they seem: military trade
journals that cover market share, sales opportunities, competitive and joint ventures, and
national acquisition goals. They are straightforward.
Graphs and computer-generated art enhance the stories and illustrate the concepts. In the
photographs used, sleek missiles fly, spotless armored vehicles roll and wholesome, clean
soldiers pose with the latest weaponry in pleasant pastures. There is no blood.
Consider now the reader of this same information from poorer, less industrialized, embargoed
or other-wise ostracized nations. Consider also the people of para-nations, the ethnic clans,
narcotics traffickers and terrorists. They see the same information in terms of life or death
choices. They cannot afford technical research or development, and they cannot "comparison
shop." They know they must choose wisely the first time because there may not be a second
choice. For them, the only collection method may be what they can learn from open
publications. The more sophisticated groups can build on information from open sources and
confirm their conclusions with traditional collection methods. Their interest is far from
Several truisms must be accepted in this new world of half-wars against nontraditional
adversaries. Poorer nations want to survive. In order to do so they are offered the Hobson’s
choice of spending what wealth they have on arms or relying on a guardian nation to arm
their people. They are not interested in future sales, in market share or in the bottom line. If
they do not choose correctly from the arms necessary to protect themselves, they will cease to
exist, or worse, be enslaved. Obviously, they see the world from a dramatically different
The West views military technology as a chess game. One player creates this, the opponent
creates that to counter it, and so on. In this rational game of give and take, no one dies and the
game goes on. Some call this the arms race, but nobody dies in a race. Such a sterile view of
the industry misses the point.
Analysts of arms markets from non-Western countries or para-nations see the armaments
industry differently, and arguably more clearly than Western nations do. They, like the
United States, will determine their needs and do all within their power and budget to acquire
those necessities. Unlike the United States, they see their existence as often nasty, brutish and
short. They often feel they must confront the killer at the door, rather than the economic
competitor in the pin-striped suit. It is not surprising that poorer countries decided to buy
machine guns as soon as they could afford them, once they saw what happened to those who
They are doing the same thing today, and have a vested interest in what is available on the
arms market and in how their potential adversary will fight. What if their potential adversary
is the United States?
These poorer countries want to know, simply put, how to beat the United States in battle. To
be able to surprise the US military, they will try to learn more about it than the military
knows about itself. They do not have the wherewithal to conduct massive technical research,
so they will take any shortcut. All open sources will be exploited. Why spend the money on
research and development if the final product is going to be for sale or is explained on the
Internet? Why test weapons if the answers nations seek are printed in publications that cost
only a few dollars each? Comparison tests will be done by those governments that see
weaponry more as a commodity to be marketed than as a means of killing people.
Western powers think of long-term strategies while poorer nations wonder how to stop the
immediate threat. They know they are dead if they make the wrong choices, so they research
information thoroughly. If they can piece together information about the true intentions of an
adversary from what they can collect on the open source market, they will do so. It may be
the only source they have. These are the types of adversaries the US military will confront
These differing perceptions of the world - one of the rich nations, the other by poor - must be
better understood. A poor man does not care about higher technology tomorrow if his weapon
will surprise his enemy today. To achieve this, he may act in a way contrary to what the West
considers to be in his best, rational interest. Westerners must see the world with new eyes their potential adversary’s eyes. History offers many examples.
In the 1920s, for instance, a beaten Germany, penned in by the Treaty of Versailles, entered
joint ventures with Bofors Corp. of neutral Sweden. The Germans had studied the published
armament policies of other European nations and had observed the soldiers occupying their
country. They had studied what would win on a future battlefield, then set out to get it in any
way they could.