4 Times GEOINT was Applied in Crisis Management

27.08.2019

Geospatial intelligence (GEOINT) describes human activities on Earth, as derived from imagery and geospatial data. Collectively, these depict and illustrate geographical references.

GEOINT defined

In a more amplified context, GEOINT comprises all possible views of imagery and geospatial data. UV waves emanating from the electromagnetic spectrum, geo-referenced social media content, aspects of literal imagery—these are just some of the data that can be collected for GEOINT.

GEOINT is, therefore, an intelligence science that gathers, exploits and analyzes geospatial data to visually delineate, estimate and depict both natural and man-made physical features and geographical activities on Earth.

GEOINT sources include mapping data obtained from both commercial and government satellites. It also encompasses unmanned aerial vehicles (UAVs) and GPS waypoints. Geo-reference points have now evolved to include political, demographic and anthropologic data of the human domain.

What makes GEOINT distinct from other branches of intelligence gathering? We can appreciate this science when we learn how it is applied in real life.

Here are 4 modern instances when GEOINT was used in the face of threat to mankind:

1. Ghouta Chemical Attack – Syria, 2013

Who knew that in the wee hours of August 21, 2013, a chemical attack would befall Ghouta amid the Syrian Civil War?

This is a perfect example of how offensive strategies have become so sophisticated.

After the Iran-Iraq War, the Ghouta Chemical Attack is believed to be the deadliest of its kind. The estimated death toll was at 1,729.

Had the attack been prolonged, this number would have risen.

Fortunately, the intelligence community (IC) was quick to act. It utilized a number of sources to help address the crisis. A combination of human intelligence, open-source intelligence and GEOINT made a significant difference.

We imagine that the data from this crisis was overwhelming, but GEOINT sorted the inconsistencies. Amidst the blood and chaos, GEOINT made it possible to illustrate a coherent picture of the situation. Looking from different angles, GEOINT provided substantial insight into moving points on the map.

Several days after the chemical attack, the White House identified the Assad regime as the mastermind. The United Nations also released its own assessment and findings consistent with the results of the intelligence community.

The US challenged the Syrian government to dispose of its deadly weapons, a challenge it accepted.

2. Ebola Epidemic – Liberia, 2014-2015

The West African Ebola virus created a worldwide scare. Ebola results in life-threatening hemorrhage and has a high death rate for anyone infected.

This is exactly what happened when the Ebola epidemic hit Liberia and nearby countries Sierra Leone and Guinea. According to the WHO, a total of 11,207 died due to Ebola complications in these countries.

The fear is real. While countries intensified their respective border security measures, international groups organized medical missions to control the epidemic.

How did GEOINT help this health crisis?

GEOINT enabled open collaboration through a browser-based system that was made publicly available on the web. This system didn’t require meticulous steps or usernames and passwords. The aim was to save time in order to save lives, and accurate information is key.

Through the information gathered in this web-based source, health care workers knew exactly what to do and acted promptly without unnecessary delay. This significantly shortened the time between diagnosis and management.

Most importantly, GEOINT established travel times and accurate points where the Ebola disease occurred. These references helped station treatment facilities and emergency care.

3. Gorkha Earthquake – Nepal, 2015

On April 25, 2015, a 7.8 magnitude earthquake struck the Gorkha district of Nepal, killing over 9,000 people and injuring 22,000. This is regarded as the worst natural disaster to occur in Nepal after the Nepal-Bihar earthquake in 1934.

The earthquake resulted in a catastrophic avalanche on Mt. Everest which left 21 people dead. It also caused another avalanche in the Langtang valley with over 250 people still missing. This became the deadliest day on a mountain ever recorded in history.

Similar to the Ebola epidemic, the intelligence community immediately opened a public web site, showing maps of major Nepalese cities. The National Geospatial-Intelligence Agency (NGA) collaborated with government offices and various intelligence groups to share relevant information.

GEOINT was an immense help. Analysts uploaded about 240 data layers on top of several maps, with thousands of visitors viewing the information.

These enabled military men, international organizations, health care workers, charities, and other groups to strategize relief-giving. Amid the devastation left by the earthquake, the reference points from GEOINT made it easier for these groups to conduct systematic and time-saving assistance.

Again, much like the Ebola epidemic, the goal was to save as many lives in the quickest time possible.

4. Typhoon Haiyan – Philippines, 2013

In the province of Tacloban, super typhoon Haiyan made landfall on November 7, 2013. This was regarded as one of the strongest tropical cyclones in history, and the deadliest typhoon to hit the Philippines.

To this day, the missing have not been found.

The United Nations says that Haiyan affected over 11 million people. Many families were left homeless and went on without food and water. The damages brought about by Haiyan amounted to over $2.2 billion.

All communication lines and entry points were disastrously damaged by the typhoon, which made disaster management on both local and national scales very challenging.

In response to the crisis, the NGA collaborated with the Philippine government and international aid groups to provide an assessment and analysis of the damage.

NGA took hold of several GEOINT sources such as airborne platforms, commercial satellites, and open-source data. Through this, they were able to show at least 100 unclassified images through a public portal.

GEOINT enabled prompt action from groups who wished to provide aid to affected people. Several countries also rushed to the Philippines’ aid, transporting relief goods and landing at various air bases near ground zero.


CEO Fraud: How It Happens and How to Deal With It

21.08.2019

It’s an awful crime to pose as someone else for purposes of personal gain.

The Federal Bureau of Investigation (FBI) says that CEO fraud is now a scam worth $12 billion. 2018 saw a 136% increase in losses on a global scale.

In the US alone, CEO fraud has been documented in all states. On an international scale, the scam has been reported in 150 countries. This cements the fact that it is becoming a more sophisticated crime.

What is CEO fraud?

CEO fraud is a scam that involves impersonating an organization’s senior executive (most commonly the CEO), with the aim of diverting payments, executing unauthorized transactions, or divulging confidential information to a fraudulent destination such as a bank account or an email address.

Fraudsters usually target an organization’s finance department by phone or e-mail.

But how exactly do they carry out the fraud? Let’s take a good look at how it goes from start to finish:

Conception

This is the stage where most of the researching, stalking and extracting of information takes place. Fraudsters gather the relevant data to initiate the fraud.

This may well be the time when trash intelligence (TRASHINT) is practiced. Small and medium enterprises are the common targets, since confidential information may not be disposed of properly.

The CEO is always the perfect target. Fraudsters take advantage of a CEO’s natural position of authority, so that employees follow the instructions they receive without knowing who is really sending them.

Once fraudsters set their eyes on who to impersonate, they replicate the entire persona based on the data they gather: personal information, academic background, service record, family background, and even the traits and personality.

If one minor detail gives them away, it will be the end of their plan.

How to thwart this stage: Prevention is key. Undertake small yet sure measures to keep data secure. Shred all confidential documents that are of no use anymore. Regularly train employees on information security.

Attack

This is the stage where the attack methods are executed.

Phishing
Fraudsters send phishing emails to a large number of users at the same time, in the hopes of “fishing” out confidential information. These are often complete with logos, slogans, and other company-related branding.

Phishing emails, under the guise of the CEO as the sender, may be sent to employees of the company’s finance department asking for urgent details about the tax information of all the workers.

Spear phishing
This is a more focused kind of phishing. Fraudsters decide specifically who will receive their phishing emails.

In typical spear phishing, fraudsters may send a spoofed email to an employee that includes the employee’s complete name, to make it look legitimate.

Executive whaling
The trolls target the company’s VIPs—top-level executives, administrators, directors—in an attempt to extract money from company accounts or get hold of sensitive financial data. This is a more sophisticated method of attack that requires more in-depth knowledge about the VIPs and the organization itself.

Social engineering
This employs psychological manipulation to trick unsuspecting people into giving access to their funds or disclosing sensitive information. Social engineering gathers information from social media sites and mines a lot of data from a user’s digital footprint.

Here are classic templates of CEO fraud:

Mary, this is urgent. I need you to transfer $200,000.00 to this account number xx-xxxx-xxx. I am on vacation so I am unable to do this myself.

Edith, please reply to this e-mail with an attachment of all our employees’ W-2 and their contact details. I need it ASAP for our company’s accreditation.

How to thwart this stage: Hire a professional cybersecurity specialist to train your own IT security team. Devise defensive strategies to make sure no breach will occur.
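One way to turn the signs described in this stage into a mail-triage check, as an added example that is not part of the original article: it looks for an executive's name on an unknown address, a Reply-To pointing elsewhere, urgency, and a payment or bulk-data request. The domain `example.com`, the executive directory, the keyword lists and the sample messages (built around the two templates above) are assumptions constructed for illustration.

```python
"""Heuristic triage of inbound mail for CEO-fraud indicators (added example)."""
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: the real mailbox of each executive whose name is likely
# to be impersonated.
EXECUTIVES = {"jane doe": "jane.doe@example.com"}

# Assumed keyword lists; tune them to your own mail before relying on them.
URGENCY = re.compile(r"\b(urgent|asap|immediately|right away)\b", re.I)
PAYMENT = re.compile(r"\b(transfer|wire|account number|payment)\b", re.I)
BULK_DATA = re.compile(r"(w-2|tax information|contact details|payroll)", re.I)
UNREACHABLE = re.compile(r"(on vacation|unable to|in a meeting|can't talk)", re.I)

REQUESTS = {"payment-request", "bulk-data-request"}
PRESSURE = {"executive-name-from-unknown-address", "reply-to-domain-mismatch",
            "urgency", "sender-unreachable"}


def _domain(addr):
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def _body_text(msg):
    """Concatenate the decoded text/plain parts of a message."""
    parts = msg.walk() if msg.is_multipart() else [msg]
    chunks = []
    for part in parts:
        if part.get_content_type() == "text/plain":
            raw = part.get_payload(decode=True) or b""
            chunks.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)


def ceo_fraud_indicators(raw_message):
    """Return the set of indicator names found in one RFC 5322 message."""
    msg = message_from_string(raw_message)
    display, sender = parseaddr(msg.get("From", ""))
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    text = f"{msg.get('Subject', '')}\n{_body_text(msg)}"
    found = set()

    # An executive's display name on an address that is not their mailbox.
    real = EXECUTIVES.get(display.strip().lower())
    if real and sender.lower() != real:
        found.add("executive-name-from-unknown-address")
    # Replies silently routed to a different domain than the visible sender.
    if reply_to and _domain(reply_to) != _domain(sender):
        found.add("reply-to-domain-mismatch")
    if URGENCY.search(text):
        found.add("urgency")
    if UNREACHABLE.search(text):
        found.add("sender-unreachable")
    if PAYMENT.search(text):
        found.add("payment-request")
    if BULK_DATA.search(text):
        found.add("bulk-data-request")
    return found


def hold_for_verification(raw_message):
    """Hold when a money or data request arrives together with a pressure or identity signal."""
    found = ceo_fraud_indicators(raw_message)
    return bool(found & REQUESTS) and bool(found & PRESSURE)


def _build(from_, subject, body, reply_to=None):
    headers = [f"From: {from_}", f"Subject: {subject}"]
    if reply_to:
        headers.append(f"Reply-To: {reply_to}")
    return "\n".join(headers) + "\n\n" + body


# Constructed sample messages; the first two bodies reuse the templates above.
SAMPLE_TRANSFER = _build(
    "Jane Doe <jane.doe@example.net>", "Request",
    "Mary, this is urgent. I need you to transfer $200,000.00 to this account "
    "number xx-xxxx-xxx. I am on vacation so I am unable to do this myself.")
SAMPLE_W2 = _build(
    "Jane Doe <jane.doe@example.com>", "Employee records",
    "Edith, please reply to this e-mail with an attachment of all our employees' "
    "W-2 and their contact details. I need it ASAP for our company's accreditation.",
    reply_to="jane.doe@example.org")
SAMPLE_BENIGN = _build(
    "Jane Doe <jane.doe@example.com>", "Quarterly review",
    "Team, the quarterly review has moved to Thursday at 10:00.")

if __name__ == "__main__":
    for name, raw in [("transfer", SAMPLE_TRANSFER), ("w2", SAMPLE_W2),
                      ("benign", SAMPLE_BENIGN)]:
        print(name, sorted(ceo_fraud_indicators(raw)), hold_for_verification(raw))
```

A held message is a prompt to confirm the request through a channel other than the email itself. Keyword matching of this kind only narrows the pile and does not replace a verification procedure for transfers.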

Response

This is the stage where the target receives the correspondence from the fraudster. The unsuspecting target will immediately act on the instruction from the fake CEO.

Often without further reflection or questioning the source of the correspondence, the target then proceeds to follow the orders of the boss.

This is the make-or-break of the scam. The target may follow what the instruction says should be done, then realize that it is all a fraud. Or the target may exercise critical thinking and common sense amid the false sense of panic created by the fraudster, and go on to investigate whether the instruction is legitimate.

How to thwart this stage: Execute a standard operating procedure on wire transfers and information retrieval. Employ point persons and regularly train and orient employees on detecting fraud. Emphasize transparency at all times.

Damage

This is the stage where the actual breach takes place. Money has been transferred or information has been divulged. Either way, a massive data breach occurs and places the entire organization at risk.

At this point, we can say that the attack is successful, as fraudsters have gained access to what they are really after.

How to deal with this stage: Unfortunately, there’s no point thwarting this stage when the damage has been done. The organization should perform damage control measures at this point and ensure that remaining funds and information cannot be accessed.

Outcome

This is the stage where the damaging results of the CEO fraud are evident. The employees and the organization itself suffer from the scam.

In most cases of CEO fraud, only a mere 4% of the total money lost is recovered. In some instances, absolute recovery is next to impossible.

The rest of the damage occurs in a domino effect:

● An investigation takes place, incurring additional resources

● Following command responsibility, people get fired including the CEO, CFO, and their subordinates

● Lawsuits are filed against those proven to be negligent

● The company loses its positive image, sales immediately drop, the public loses trust

How to deal with this stage: Allow the legal department to conduct an internal investigation. Hire a third-party security team or intelligence specialist to gather more information. Coordinate with law enforcement agencies to pinpoint the attacker. Form a capable PR team to execute aggressive and effective damage control measures. Re-hire employees if needed.


Common Questions About Information Security

26.07.2019

Efforts are made to keep our information secure. Passwords, authentication methods, antivirus software—all these measures make sure that your information, identity, and files remain untouched.

It all looks simple from the user’s end, but it’s a lot more complicated than that. Those responsible for maintaining information security follow a complex risk management process that encompasses assets, threats, vulnerabilities, outcomes, and many other elements.

We look further into what information security is all about and answer the most common questions about this process:

1. What does information security really mean?

Simply put, information security protects your confidentiality, the integrity of your information, and the availability of data stored in your computer.

Information security is technically the fancy term for ensuring your information doesn’t fall into the wrong hands.

Can you imagine your email account without a password? A bank account without a PIN? Your work computer without antivirus software?

That’s information security in its most common modern applications. Developing security measures doesn’t happen overnight. It takes years of research and actual incidents to come up with an effective approach.

2. What are the basic principles of information security?

Information security is a process based on principles.

Confidentiality, integrity, and availability—these are the 3 pillars of information security.

Confidentiality of information means non-disclosure to unauthorized persons, entities or processes. If someone else knows the password to your social media account, your password (information) has been compromised. There is a clear breach of confidentiality in this example.

Integrity of information means preserving the accuracy and completeness of the information. Data should never be changed in an unauthorized manner. An employee who quits should no longer be able to access any of his office accounts. The organization should make sure that non-employees no longer have access to company information, which they could otherwise change. Integrity, in that case, may be compromised.

Availability of information means data should be available for access when needed. Law enforcers gather information from other government agencies as well. There should be prompt collaboration and understanding between various offices to make sure that information is available to those authorized to access it.

Collectively, these comprise the triad of information security, but more principles are now also followed:

Authenticity of information means that users should verify their identity. This principle ensures that the trusted source receives a genuine code through a valid transmission in real-time. After entering your password, your e-mail provider sends a unique code to your mobile number, which confirms that you are the user. Since both the password and the code match, the information is indeed authentic.

Accountability of information means that there should be a proper trail for every change in information. In an organization, there is a specific department authorized to change information. Such change must be documented and signed by the head of the department. This makes sure that the right people are accountable.

3. Are information security and cybersecurity the same?

No, they are two different terms even though people often use them interchangeably. They may overlap in some instances, but they should not be confused with each other.

Information security deals with protecting information itself, regardless of whether it’s electronically stored or otherwise.

In the 1900s, for instance, when people heavily relied on filing cabinets to store important files, they relied on padlocks or combination locks to prevent unauthorized access to these documents.

Cybersecurity deals with technologies and methods to protect networks, programs, data, computers—basically those within the cyber realm—from malicious attacks. Obviously, cybersecurity is not applicable to padlocks and filing cabinets that store confidential files.

In the modern sense, information security and cybersecurity may overlap. More users and companies now utilize a digital approach to store and protect their data and information.

4. Are there threats to information security?

Absolutely.

Let us not forget why information security is practiced in the first place. As you strengthen your security measures, attackers innovate their techniques to stay ahead.

A threat is anything that takes advantage of a system’s vulnerability. The goal is to gain access to information and alter, delete or harm a subject of interest.

A software attack is executed by viruses, worms, and other similar malicious programs. When these gain access to your system, you risk the integrity and availability of your information.

Malware is any malicious software that intrudes into your operating system. Once infected, it can replicate and pose a serious risk to the security of your information.

Phishing is a relatively new modus. Disguised as a legit website, it asks for your username and password, ultimately compromising the confidentiality of your information.

5. What’s the worst that could happen once a breach has happened?

Any data breach is a serious incident at any scale.

Perhaps the worst that could happen is losing all of your hard-earned money, in case of a breach of your financial account. If someone gets hold of your ATM details, it only takes minutes to withdraw all of your cash.

Individuals who gain unauthorized access to your personal information may use all of these for their own personal gain. Any con artist can open a bank account, apply for a passport, buy a car, sign documents—under your name.

Information is also a powerful tool for sabotage. Once an enemy gets hold of classified information, this can be used against the company. In effect, the damage to reputation, sales, and overall performance is severe.


The Nigeria Scam: What It Is and How to Protect Yourself

18.07.2019

Lorraine is a widow who enjoys chatting with Tom, a bank manager who hails from the UK.

Even though they have never met, a relationship swiftly blossoms. Tom informs Lorraine of a surprise parcel he’s sent to her address, but local customs officers are holding it until customs taxes are paid.

Tom tells Lorraine she needs to pay $5,000 via wire transfer so the parcel can be cleared and released for delivery.

Clearly smitten and pleased with the surprise, Lorraine transfers all her remaining savings as instructed, and patiently waits until she receives the parcel.

Tom’s online accounts seem to have vanished into thin air. Confused, Lorraine phones the customs department and learns that no such parcel is addressed to her.

The Nigeria Scam

Lorraine, in the example, represents the thousands of victims who have fallen prey to the elusive Nigeria Scam.

This is a type of advance-fee scam, a type of confidence trick and another form of fraud.

The scam involves earning the victim’s trust, promising a share of money, property or anything with high value, in exchange for an upfront payment.

Once the victim pays the amount required, the fraudster either fabricates stories about needing more money or, like Tom in the example, disappears like he never existed in the first place.

Before, fraudsters utilized fax and snail mail for corresponding with their victims. Since e-mail and social media offer a more convenient means to communicate, fraudsters now use these platforms to trick unsuspecting victims.

Not only in Nigeria

In 2006, over 61% of fraudsters were in the US, 16% were in the UK, and 6% were from Nigeria. The scam has also been documented in South Africa, Ivory Coast, Jamaica, Spain, and the Netherlands.

But why is Nigeria singled out?

The scam appears to have originated in Nigeria. It is also referred to as Nigerian 419, because the early versions of the crime came from Nigeria. The 419 is taken from the section of the Nigerian Criminal Code, but the scam is now rampant across the globe.

The name also seems to have been inspired by an absurd story of a Nigerian prince promising lavish riches from West Africa—a story that only the most gullible will believe.

Unfortunately, it is still a rather lucrative business or side income for scammers, who are usually young students or ordinary employees with low-paying jobs. They discover that they can make money out of fooling people, often earning as much as $60,000 in a year.

Who falls into the trap?

Much like the widowed Lorraine in the example, fraudsters prey on human vulnerabilities.

The most unsuspecting demographic comprises widowers aged 45-75 who are lonely and bored but have plenty of money. Fraudsters use social engineering to cultivate a trusting relationship, feeding on the victims’ weaknesses until they convince the victims to send money or divulge sensitive information.

A type of confidence trick, one element of the Nigeria scam is earning the trust and confidence of the victim to successfully execute the crime.

How it works

Scammers can contact you through snail mail, email, text message or social media channels. They do this to practically any address or username they can send to, in the hopes that one victim will reply.

Then they exploit your human vulnerabilities, like what Lorraine experienced in the example. They tell you elaborate stories, tell you what you like to hear, then gain your trust.

They will absolutely refuse personal contact, giving excuses such as being busy with work or having a disability that prevents them from traveling. They might also refuse video calls but will give you very convincing photos of themselves that do not, of course, belong to them.

Then they inform you that they have sent you something very important or luxurious, but a certain amount must be paid upfront for you to receive it. Or they can simply ask for your bank details and PIN so that they can transfer funds to you, only to gain access to your own funds and steal your hard-earned money.

Later on, you will realize that you have been scammed. As if that’s not bad enough, getting your money back is next to impossible.

Know the red flags

Some of the warning signs that you’re dealing with a scammer include:

● Receiving an unexpected or unrecognized correspondence, like a cry for help or a random message from someone claiming to be a long-lost friend

● Refusing face-to-face contact with you, insisting that you communicate through email, traditional mail, chat, or phone call instead

● Hearing a very sad yet incredible story about funds being frozen or trapped

● Promising you a very large amount of money, property, or inheritance in exchange for helping them once you have transferred your own money

● Name-dropping lawyers, banks, government agencies and organizations that are allegedly assisting them

The bottom line? Trust your instincts. Anything that seems unusual or too good to be true is telling of a fraudster in the works.

Don’t fall into the trap

Since these fraudsters prey on your weaknesses, toy with your feelings, and exploit your emotions, the key is to keep your guard up.

● Never provide financial information such as credit card details, billing address, or tax information to anyone you don’t trust.

● Never send money to anyone you don’t trust.

● Never give copies of documents containing sensitive information, such as your passport, employment certificates, tax records, land titles, and birth certificate.

● Refuse upfront payments via wire transfer, money order or cryptocurrency such as Bitcoin.

● Avoid transferring money on behalf of someone else you don’t trust. Money laundering is a serious crime.

● Verify the identity of the people you’re corresponding with by directly contacting the organization they claim to be working for. Search on your own, and don’t rely on the details they provided.

● Do thorough internet research by keying in the exact wording of their correspondence. Many scams are detected this way.

● Don’t hesitate to ask for advice from a trusted person or seek help from a law enforcement agency.

Have you been scammed?

If you suspect you have been scammed, see your lawyer immediately to seek legal action.

Save all your correspondence with the scammer including the photos they sent to you, and go to the nearest police office to document the incident.

Call your bank and have all your credit cards canceled or cut off. Check your accounts to make sure no fraudulent transactions have been made.

Inform the issuing authority of your passport or driver’s license, if you also provided copies of these to the suspected scammer.

Change all your passwords and strengthen the security of all your online accounts. Edit your public profiles and make sure no sensitive data is publicly shown, like phone number, address, and date of birth. Limit the photos you share online.

There is no guarantee that the transferred money can be recovered, but you can also consult a security specialist or an intelligence expert to trace the scammer.


Must-Know Facts About TRASHINT

12.06.2019

Intelligence is the gathering and collection of information. It’s a common practice that uses knowledge as the main weapon.

Intelligence follows a process and includes different disciplines. There’s HUMINT (human intelligence), SIGINT (signals intelligence), and GEOINT (geospatial intelligence), to name a few.

The average person’s impression of intelligence is that it is primarily used in government and law enforcement. While this is true, ordinary people outside these practices also use intelligence on a regular basis, but without realizing it.

There’s one particular intelligence discipline—albeit unofficial—that doesn’t get much attention, but it does the job of obtaining useful information.

Let’s turn the spotlight on TRASHINT and learn interesting facts about this less-talked-about practice:

1. TRASHINT is all about gathering information from discarded items.

Trash intelligence (TRASHINT), as the name implies, is simply obtaining intelligence from trash. Most people prefer to hear it this way, although TRASHINT is also loosely called “information diving”.

TRASHINT recovers data from discarded material. While the initial reaction is to think of someone digging into a trash bin for confidential documents, TRASHINT also involves gathering important files from discarded computers.

Officers of the law and private investigators use TRASHINT, along with other methods, to collect intelligence.

However, it is also used by criminals like identity thieves, fraudsters and con artists.

2. TRASHINT is colloquially referred to as a poor man’s intelligence.

Compared to other intelligence disciplines that require meticulous processes and tools, TRASHINT is undeniably low-tech and a walk in the park.

TRASHINT is also referred to as “dumpster diving”. Seeing a discarded computer, repairing it to its functional state, and ultimately gaining access to undeleted files—this is the perfect example of the old saying that one man’s trash is another man’s treasure.

3. Identity thieves use TRASHINT a lot.

They love trash—sifting through piles and piles of seemingly useless information until they hit their jackpot.

Though private investigators do use TRASHINT, identity thieves are the common users. It’s cheap, easy and does the job—what more can they ask for?

Bank letters, expired contracts, copies of visa application, plane tickets—most people are too complacent about properly discarding their trash.

Identity thieves tirelessly dig through garbage, and it only takes several moments for them to use your identity—by using the information you’ve discarded.

The same is true for electronic files stored in computers, mobile phones, hard drives, and compact discs.

4. Children and senior citizens are common targets of TRASHINT.

Because of their vulnerability, the younger and older populations are favorite targets of criminals who utilize TRASHINT.

Getting hold of a child’s personal information is a step closer to obtaining information about the whole family, especially the parents. This may be used for fake kidnapping scams and extortion.

A senior citizen’s savings is like a pot of gold for thieves, too. Seniors may carelessly throw away letters, receipts and other documents that contain tax information, social security details, and bank account numbers. All these may be used to steal their identities.

5. Trash is typically not private property.

Did you know that in most countries, garbage is not considered private property?

The notion is that once you discard an item by throwing it in your garbage bin or at any place for that matter—you leave it on public territory.

In the US, the legal basis is the 1988 Supreme Court ruling in California v. Greenwood, which indicated that the seizure of trash left for collection outside anybody’s home is not prohibited.

This is what makes TRASHINT easy for identity thieves and criminals. It’s hard to pin down the means they used to steal your identity, because it’s basically just trash they dug up.

6. Paper-based TRASHINT data is not just found in a garbage bin.

When a breach is detected, security experts don’t just look into trash receptacles. They also search other areas where sensitive information could be kept or left lying around.

Desktop tables, meeting rooms, and inventory rooms are just some of the places where a lot of documents are left, either deliberately or accidentally. Paper shredders left out in the open and common workspaces are also the usual areas where trash with sensitive information can be found.

7. Countering TRASHINT is as easy as throwing garbage.

This is due diligence at its finest.

When you’re fully aware of the risks of inadvertently throwing away a crumpled copy of your passport page, credit card statements, and even your children’s old school projects—you decide that no one should gain access to your information.

Remember that identity thieves, through your trash, can profile you and your family. Never underestimate how they paint a picture of your personal background, academic history, and employment records.

There’s also a good reason why government agencies and banks ask for an affidavit when you lose a national ID, passport or credit card. These documents hold extremely sensitive information. By explaining under oath, such loss is properly documented. When the need arises, this may be used in court for your defense.

So how exactly do you counter TRASHINT measures by criminals? It’s a low-tech modus, so you only need simple but fool-proof preventive habits to keep your information safe.

It should be a practice for the average individual to properly dispose of their documents, whether paper-based or electronic.

Invest in a good-quality paper shredder that shreds your documents into very thin strips. Don’t forget to mix them up before discarding.

Before disposing of gadgets that are deemed useless or defective beyond repair, make sure that you leave no trace of your files on them. Wipe the gadget’s entire memory if possible.

Identity thieves also feast on your digital footprint. Always erase cookies in your online browser, empty your e-mail trash bin, and permanently delete unused files on your computer.

