|
The rate of technological change in information-gathering activities is accelerating, where innovations in data collection appear to be advancing faster than innovations in data security. In the ninth edition of his book, Open Source Intelligence Techniques, Michael Bazzell (2022) goes beyond descriptive analysis and delivers a methods-rich, technical manual for efficiently collecting open source intelligence (OSINT). Unlike many intelligence books, the author’s aim is not to address what type of intelligence is collected or why they are collected. Nor does he spend much time debating the ethics around the use of open source intelligence or the impact of their use on citizen rights. Instead, Bazzell stays laser focused on the technical aspects of collecting information from the mass of data openly available on the Internet today, using recently innovated but readily available software to retrieve mostly freely available data sources from the web.
Bazzell organizes the book into three sections. Section one introduces the basic aspects of OSINT operations, where OSINT is defined as information from publicly available sources that are analyzed in a timely manner, disseminated to an appropriate audience, and satisfy a specified intelligence requirement. Common OSINT data sources include news media content, transcripts of open hearings or public events, and data made available by public request (like census data). Open source intelligence are not limited to the product of popular search engines like Google because they can be contained in files that regular web browsers simply cannot discover, like information made available by subscription or purchase (such as industry journals). Importantly, according to Bazzell, the mere collection of data does not make the information valuable. Rather, the value lies in the careful collation and interpretation of such data and applying these insights to resolve the issues justifying the OSINT process. Section two presents the real value of this book by exploring OSINT sources and techniques in depth. Four key discussions emerge: 1) Investigators can obscure their identities by using secret accounts and e-mail addresses—commonly referred to as “sock puppets”—to protect their real identities and minimize the risk of exposing both the investigative process and the gathered information to competitors and adversaries alike. 2) Highly personalized information can be efficiently gathered and collated from freely available sources such as social media, government or business records, and search engines (such as email addresses, phone numbers and home addresses). Using OSINT techniques, seemingly innocuous information can be collated to develop highly convincing social engineering campaigns that fool users into compromising company networks and personal assets. 3) Information overload is a significant challenge for OSINT efforts, which is why security officials focus their efforts on very narrow and specific areas of interest. Some of these efforts include attacking and penetration testing and intensively searching for accidental data leaks, unsecured Internet connections, or unpatched software that can leak sensitive data or expose valuable assets. But readers should be aware of the double-edge sword presented by the symmetry of information available to both good and bad actors: Threat actors use these same processes to update phishing (email), vishing (voicemail or phone), and SMiShing (SMS) efforts. OSINT methods can employ either passive or active data collection techniques. Passive techniques combine a variety of threat feeds into a single, easily accessible platform. Advanced intelligence platforms use machine learning, scaled analytics, and natural language processing (NLP) tools to prioritize and dismiss alerts (like botnets that use traffic sniffing and keylogging techniques to collect vital information.) Active techniques search for specific insights or information, usually within two contexts: a) when a potential threat is highlighted in a passively collected alert, or b) when the focus of an intelligence collecting exercise is very specific, like penetration testing exercises. The final section of the book focuses on effective OSINT processes, which require efficient and repeatable workflows where careful and deliberate planning are more important than the technology that facilitates them. An example of a sound methodology begins with an accurate threat assessment, followed by a process of triage on the day-to-day OSINT efforts, including creating clear objectives for performing OSINT. This is followed by verifying all origins of information to procure true identities of the parties of interest. Additionally, after the collection and analyses are completed, the intelligence report should state the findings in the proper context. Bazzell’s book puts on a how-to clinic on effective OSINT operations using high-technology tools and methods. The author presents each element of a voluminous amount of technical information as an interlocking puzzle piece that creates a broader picture of a robust OSINT methodology. The result is a satisfying effort to provide technical know-howto those engaged in nearly every element of the OSINT collection process. This methods-heavy book compliments the existing body of intelligence literature but also stands uniquely in contrast to them. For example, while Lowenthal (2019), Fingar (2020), and Miller et al. (2022) all touch on the technological dimensions of intelligence gathering, Lowenthal (2019) primarily analyzes such efforts from the perspective of the consumers of intelligence information. Like Bazzell, Fingar (2020) also describes how technology can assist in the collection process. But he emphasizes how the collation and interpretation of data is influenced by the political context surrounding the impetus of the intelligence gathering effort, which can reflect a bias toward validating negative threats rather than exploiting positive opportunities. Also like Bazzell, Miller et al. (2022) explore in detail the powerful technologies that drive information gathering at scale. Unlike Bazzell, this effort focuses on the ethical issues impacting national security intelligence gathering, such as the tensions between preserving individual privacy on the one hand, and timely discovery of national security threats on the other. Fans of all three books would appreciate how Bazzell smartly keeps the focus on methods and techniques, achieving both differentiation and complementarity while filling an important gap in the intelligence literature. To this point, this book is “not a debate of the various opinions about online reconnaissance for personal information. It is not a historical look at OSINT or a discussion of [your] administrative policy.” Instead, it focuses on revealing the evolving capabilities of publicly available OSINT platforms, software tools, and techniques that can be employed to legally collect information and protect private and public organizations from the intrusive actions of malefactors. In an era of increasingly common information security intrusions, this is welcome information. While the book can benefit from a richer discussion about how mountains of data can be most effectively transformed into useful information (analysis and interpretation processes), it satisfies a need for those readers who need technical and skills-based training. In addition to helping professionals in the public sector, it can also help private sector technology managers who seek to optimize legal and inexpensive intelligence collection efforts to support their existing competitive strategies, or to test the vulnerability of their sensitive information to even the most skillful external threat actors. As well, academic researchers can use the recommended techniques to build new data sets with which to support their studies. As AI capabilities grow, data search scale and precision are constantly improving, benefiting both good and bad actors. Now in its ninth edition, Bazzell’s book provides timely updates to the latest in software applications and technology platforms to facilitate the most robust OSINT procedures available. The US government has taken the Chinese government to task for inadequately protecting US-owned intellectual property (IP). As a member of the WTO, China is required to enforce IP rights in the Trade-Related Aspects of Intellectual Property Rights (TRIPS) agreement. Yet, the US Trade Representative has found China to be consistently non-compliant with the TRIPS agreement, ultimately initiating formal investigations of China's trade practices and IP rights violations.
Why would China voluntarily enter into agreements that it persistently fails to satisfy? There is little consensus in the IP literature explaining this behavior, with some researchers citing the absence of the rule of law, and others calling out US hypocrisy, since it, too, stole others' IP a century earlier. Perhaps differences between China and the West regarding their political and cultural institutions can provide insight into this inconsistency between China’s public expression of intention and its actions. The actions of any government are influenced by both the formal institutions (statutory laws, individual rights) and informal institutions (community taboos, social customs) of the society it governs. Both sets of institutions are influenced by religious creeds, ethnic traditions or other common belief systems that have historically proven effective at attaining community benefits. IP analysts have primarily focused on critiquing China’s formal institutions that influence IP rights protection regimes, noting recent increases in both domestic patent filings and IP theft lawsuits. However, the influence of informal institutions may be driving the persistent ineffectiveness of these public actions. Disregarding the role of informal institutions and their interplay with formal institutions paints an incomplete picture of how China’s IP policies are developed and implemented over time. From the perspective of the US, the well-intended trade experiment with China has failed. China’s rise is closely tied to its forceful approach of acquiring IP, both legally and illegally, to achieve its economic—and thus—military might. Indeed, a significant source of tension across scholarly literature on US-China trade relations is whether China’s state-sponsored theft of US firms’ IP and its lack of IPR protections for MNEs with joint ventures in China warrant any true concern. Some scholars who promote open trade between the two nations believe that the threats to US economic and national security are minimal and are fading over time.
Others contend that the situation is serious and only getting worse. According to the IP Commission (2017), IP theft costs the US economy up to $600 billion annually, an estimate that captures only a small portion of the value of costs (rather than value of lost revenue) from counterfeit goods exchanged in the US, and does not capture the value of goods sold in overseas markets or pirated goods. The International Anti-Corruption Conference estimated that 69% of all confiscated counterfeit goods originate in China. Further, the European Union Taxation and Customs Union found that 54% of Eurozone confiscated items originated from China. Misappropriation of US IP reported under the Economic Espionage Act have caused direct and indirect economic losses of up to $600 million per firm—in 2001 dollar-terms (Carr & Gorman, 2001). Empirical analysis by Kamiya et al. (2020) using data from the Privacy Rights Clearinghouse found that after experiencing a cyberattack where personal information is lost, shareholder wealth drops on average by 1.8% or $1 billion per firm. When the same firm faces a subsequent attack within a year’s time, shareholder wealth decreases by nearly 5%. When the annual rate of firm revenue growth across the three years prior to an attack is compared with the rate of revenue growth for the three years after the attack, annual revenue growth fell, on average, from 8% to 4.6%. Beyond the sizeable commercial losses to IP theft, others in the IP literature believe that expropriation has evolved into a bonafide national security threat. The extensive use of cyber espionage supported by China’s Communist Party-State, when combined with the increasing globalization of high-tech arms production, will eventually allow Beijing to close the military-technological gap with Washington. Given the tensions in US-China affairs—a relationship that diplomacy scholars consider the most important in the 21st century, the question of whether the Chinese Party-State will improve its IPR regime is a worthy topic of analysis, exceeded in substance only by the question of whether China’s political economy is capable of doing so as it is presently arranged. It has often been said that when power is concentrated in the hands of too few for far too long, the system becomes corrupt. Power is the expected utility in both the study of national and firm governance. From the perspective of the US and much of the West, the question is, "How do we check mankind’s inherent quest for power without stifling mankind’s quest for progress?" The response to this question from US policymakers is an appeal to govern by the rule of law: How should economic and political power be dispersed among the governed so that it does not end up concentrated in the hands of too few? Similarly, the same appetite for checks and balances are apparent at the corporate level (although imperfectly applied), hence the alignment of executive interests to that of shareholders and stakeholders, and the presence of external boards to check executive performance.
From the perspective of China and other authoritarian states, the object has been to govern by the rule of force: How do we preserve our power over the governed to maintain and protect our regime’s interests? Whereas the US, like most developed economies, relies on the rule of law, China rules through law. That is, the Party-State uses the legal system as an administrative tool to achieve its political ends. Thus, the Party-State is above the law. Scholars who fail to make the correct assumptions in postulating their theories do so at the people's peril. The failure to recognize this fundamental difference between the two political economies seems to have discouraged the creation of a synthesis perspective on international trade across the many competing paradigms, and has clouded the implications for promoting an optimal IP regulatory regime for interacting with developing economies. For example, neoliberal economic theory has guided US trade policy for several decades, yet this framework has failed to predict the persistent patterns of outcomes that have emerged in trade between the US and an authoritarian regime, because economists have long predicted that a developing country that trades more will become more free. I reject such broad conclusions. Scholars did not account for the influence potentially working in the other direction. And it appears that scholars across many disciplines, especially in the fields of Economics and Business, are poised to make this mistake again. Classical trade models accurately assess the economic inefficiencies that monopoly producers impart on the market: competitive pressures are stifled, production efficiency is lost, and product innovations are depressed over time. However, what the open trade premise overlooks is that economic interdependency across trading partners creates a national security interdependency when some of these traded goods are vital to national security goals. For example, the Ricardian model of open trade fails to recognize the unique role of strategic goods in a way that sacrifices national security for economic efficiency. This model assumes that all goods hold the same strategic value. Yet, when one nation or bloc controls the market for any strategic good (like OPEC in the 1970s), this endangers global economic stability.
For instance, rare earth minerals, nanotechnology and telecommunications are all components of military applications vital for protecting U.S. national security interests. Medical devices, pharmaceuticals, testing kits and supplies are vital for protecting the health of citizens during a pandemic. High-tech communications and computer components are vital for protecting the financial and industrial infrastructure of a developed economy. Chinese state-owned enterprises (SOEs) and private producers have pursued and attained a near global monopoly in all of these strategic sectors. This stranglehold not only decreases international competition that ensures efficient global trade, it also severely reduces the substitute sources available to resilient economies. Classical trade frameworks, while useful in guiding international exchange among open-market economies—as evidenced by the economic and financial development of the U.S. and the West—is deficient in explaining trade outcomes with authoritarian states. It now falls on international business practitioner-scholars to develop a new framework that can guide international trade between open and protectionist economies. China has been making significant investments in technology and manufacturing infrastructures, advancing human capital and increasing the high-tech manufacturing capabilities of its workforce, all with the goal of becoming more effective at technology and IP absorption. US trade policy should reflect the reality that continued US economic prosperity in a global economy is predicated on China’s protection of American IP. Merely assuming that historical-determinism or trade expansion will overcome China’s resistance to protecting foreign IP rights (IPRs) is an exercise in futility. Further, the rapid growth and technological advancement of China’s economy is positioning China’s IP theft as a national security challenge.
The changing nature of how technological development is being absorbed by any economy makes this emphasis even more poignant. Decades ago, US military technologies led to follow-on innovations in the private sector. For example, research on the atomic bomb prior to the 1960s led to the development of nuclear power generation for major cities. German rocketry research from the 1940s led to NASA landing a man on the moon. British radar development during WWII led to microwave ovens and police traffic speed detectors. However, this trend reversed when commercial innovations began leading military innovations, and high-tech products were often developed with dual-use applications in mind (defense and commercial), rather than single-use (defense or commercial). To wit, the development of semiconductors and microelectronics created more than just calculators and mobile phones. These innovations led to the development of smart bombs and military drones. Today, most global positioning satellites (GPS) provide both ground traffic guidance and missile trajectory guidance. Artificial intelligence (AI) has been applied to the logistics of disease propagation as well as decoding terrorist messages. China’s extensive use of cyber, economic, and industrial espionage, combined with the increasing globalization of technology applications in arms production and deployment, will eventually allow China to close the existing military-technological gap with the US. This is dangerous to the extent that China has not historically demonstrated restraint in the face of rising power. |
