Professional Documents
Culture Documents
The Problem
SIGINT is very good at 2 things:
1. Establishing lists of potential leads (50-10k+) 2. Manual analysis to vet individual targets
Tradecraft
A common model for identifier lead lists, today:
Phase 2 Phase 3
Phase 4
Input
????
Bulk enrichment of SIGINT business knowledge
TOP SECRET//COMINT//REL TO USA, CAN, AUS, GBR, NZL
Manual analysis
3
Triage Today
After initial enrichment checks, the analyst is often left with too many identifiers of possible interest
Definite Interest (Pri. 1) 5% High Interest (Pri 2) 15% Medium Interest (Pri 3) 35%
Go view content
10
Targeting
OCTAVE
Targeted identifiers
Future analytics
multiple organizations/ frameworks
User DN, justification, leads & which QFDs (domains) Log queries
GHOSTMACHINE
GM Analytic Engine
QFD QFD QFD QFD QFD QFD
Selector List
Seeds
T12 CDP
WAVELEGAL
FGS
CASport
?
11
Targeting
OCTAVE
Job Tracker
GCHQ
(GCHQ architecture details omitted)
NSA
Lineup query details Targeted identifiers
GHOSTMACHINE
GM Analytic Engine
QFD QFD QFD QFD QFD QFD
Selector List
Seeds
T12 CDP
User DN, justification, leads & which QFDs (domains) Log queries
WAVELEGAL
FGS
CASport
12
13
Contact/Information
- Briefers: - XXXXXXXXXXXXXXXXXXXXXXXXXXXX - XXXXXXXXXXXXXXXXXXXXXXXXXXXX - ECHOBASE Alias: - XXXXXXXXXXXXXXXXXXXXX - NSA WikiInfo page: - XXXXXXXXXXXXXXXXXXXXXXX
TOP SECRET//COMINT//REL TO USA, CAN, AUS, GBR, NZL
14