When It Comes to Tech and Terrorism, the Government Is Asking for the Wrong Kind of Help

A man holds up his phone during a rally in support of data privacy outside the Apple store Tuesday, Feb. 23, 2016, in San Francisco.

Eric Risberg/AP

AA Font size + Print

A man holds up his phone during a rally in support of data privacy outside the Apple store Tuesday, Feb. 23, 2016, in San Francisco.

There are many ways the tech industry can help turn up the heat on terrorists without compromising the rest of us.

US government officials and political candidates are increasingly criticizing Silicon Valley for not doing enough to prevent terrorists from capitalizing on technology. The critiques have put Silicon Valley executives on the defensive, pushing back on insinuations that the providers of encrypted iPhones and Twitter accounts are responsible for terrorists getting away with murder. The gulf between Silicon Valley and Washington appears to be widening.

Still, something is missing in this discussion about tech and terrorism, and it is a concept Silicon Valley already understands well: market opportunity.

As a former CIA counterterrorism analyst, I have seen private-sector technology assist intelligence analysis and law enforcement–as well as tech firms’ bottom lines. One salient example is Palantir, founded in 2004 to provide big data analysis for the intelligence community and which now earns $1.5 billion in revenue. The firm’s software helps clients connect the dots within large data sets, using technology inspired by PayPal, where some of Palantir’s leadership used to work. Forbes ranked Palantir fourth on its list of unicorns for 2016.

Read more: Flexible Electronics Are the Goal of Pentagon’s First Silicon Valley Partnership

Data analysis innovation is an area currently in high demand for companies seeking inroads into the national security sector. Three market opportunities stand out which could bring Silicon Valley and the U.S. government to more common ground:

Digital forensics

The common perception of counterterrorism involves a team of investigators scouring a terrorist safe-house, looking for physical evidence of planning, training materials, and address books listing names of accomplices. Now consider how broadly this effort spreads when looking for evidence on a confiscated laptop or smartphone, or clues scattered across one’s digital footprint.

Last December, the CIA-funded non-profit In-Q-Tel invested in the Canadian company Magnet Forensics. The firm’s key technology is called the Internet Evidence Finder, an application which helps investigators comb through digital files to find evidence in criminal cases – for example, the FBI used the software to probe 30 recovered electronic devices owned by the Boston Marathon bombers. Since its launch in 2011, Magnetic Forensics’ revenues have grown 11-fold.

Advanced data analysis

Most counterterrorism analysts start their day by combing through results of search queries they have constructed for open-source and classified databases. To get results, they first have to tell the search engines what they’re looking for, like a bloodhound sniffing the scent of a suspect. But a kind of advanced machine learning called topological data analysis involves computers identifying patterns that can’t be discerned through traditional algorithms. Imagine a situation where an analyst opens up his or her inbox to find results from topological analysis, where their computer is more like Sherlock Holmes than a bloodhound dog. Instead of relying on the analyst feeding the search engine clues, the software learns from the data to discover hidden relationships which may prompt investigators to connect new dots.

Ayasdi is one Silicon Valley company offering such technology, translating data into three-dimensional shapes and colors to help analysts visualize nonlinear patterns. It received early funding in 2008 from the Department of Defense’s Defense Advanced Research Projects Agency (DARPA), and has to date received $100 million in total, including from venture-capital firms FLOODGATE and Khosla Ventures. The firm also services a number of industries including healthcare and finance, but is particularly suited toward helping the national security sector predict and prevent terror threats.

Blockchain for business registries

When law enforcement investigates suspected front companies involved in terror finance, one of the first places it looks is corporate registries. Every US state manages its own registry, as does every foreign country, and there is no reliable way to search across registry databases. The job gets more difficult when trying to crack the opaque offshore jurisdictions that illicit financiers favor.

Enterprising startups are now experimenting with the blockchain technology that underpins virtual currencies like Bitcoin. Blockchain is an authenticated ledger that records digital transactions, but is increasingly used for validating all types of records. If a blockchain system were set up to hold corporate registry information internationally, it would help governments manage business data and identify firms and individuals engaged in illicit activity.

For example, the Austin-based firm Factom, valued at $11 million, is negotiating a deal with the government of Honduras to provide a blockchain land-title system to prevent corruption in property transactions, and the UK firm Pythia has partnered with the Isle of Man government to pilot a blockchain registry of all cryptocurrency companies on the island.

Critics of Silicon Valley from the national-security community charge that technology is enabling terrorists to operate undetected. This same technological knowhow, however, could help the intelligence community thwart those plotting against us and our allies. Silicon Valley has become renowned for innovation, but it could one day become a byword for something even more important: keeping America and the world safe.

Per the author’s contractual obligation to his former employer, this article has been reviewed by the CIA’s Publication Review Board to ensure no classified information has been inadvertently disclosed. 

Close [ x ] More from DefenseOne

Thank you for subscribing to newsletters from DefenseOne.com.
We think these reports might interest you:

  • Federal IT Applications: Assessing Government's Core Drivers

    In order to better understand the current state of external and internal-facing agency workplace applications, Government Business Council (GBC) and Riverbed undertook an in-depth research study of federal employees. Overall, survey findings indicate that federal IT applications still face a gamut of challenges with regard to quality, reliability, and performance management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • GBC Issue Brief: Supply Chain Insecurity

    Federal organizations rely on state-of-the-art IT tools and systems to deliver services efficiently and effectively, and it takes a vast ecosystem of organizations, individuals, information, and resources to successfully deliver these products. This issue brief discusses the current threats to the vulnerable supply chain - and how agencies can prevent these threats to produce a more secure IT supply chain process.

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Information Operations: Retaking the High Ground

    Today's threats are fluent in rapidly evolving areas of the Internet, especially social media. Learn how military organizations can secure an advantage in this developing arena.


When you download a report, your information may be shared with the underwriters of that document.