Special Technologies & Applications Office
New Ways to Analyze Digital Intel
Finding patterns among enormous amounts of related data exchanged among suspects is a huge
When our agents are on the trail of suspected terrorists, with appropriate legal approval they can gain access to suspects’ e-mail, telephone calls, text messages, and even computer hard drives.
But after we collect what can amount to millions of pieces of digital data, what happens next? How can all that raw intelligence be organized, analyzed, and shared to help stop a terrorist plot before it’s too late?
The answer to those questions can be found within our Special Technologies & Applications Office (STAO). In the high stakes arena of national security, STAO is one of our most technologically advanced players. Using custom-designed tools and applications that are so innovative they are sometimes beyond state of the art, STAO’s specialty is teasing out critical information—a hidden video file on a hard drive, a key connection among tens of thousands of e-mails—from almost any form of electronic media. Where digital evidence is concerned, STAO Section Chief Christopher “Todd” Doss explained, “We find the needle in the haystack.”
Created in the late 1990s and dramatically enhanced as a result of 9/11, the office consists of more than 200 people with expertise in various digital disciplines. And in addition to Bureau personnel, the team collaborates with some of the brightest computer scientists from private industry, academia, and other government agencies.
The primary goal of STAO is to provide investigators with tools to manage and analyze large volumes of digital intelligence and to “cross-correlate” that information so it’s available not only to FBI personnel all over the world but also to our partners in the law enforcement and intelligence communities. Is a piece of data from a cell phone in Southeast Asia linked to a terrorism case in Seattle? STAO applications can help connect the dots.
Some of STAO’s capabilities include:
- Visual Analysis. Finding patterns among enormous amounts of related data exchanged among suspects is a huge challenge. Instead of wading through vast lists of such data in a traditional text-based way, such as in a spreadsheet, STAO created a visual solution called FANTOM that allows agents and analysts to examine connections visually in three dimensions. Each data relationship of a suspect is represented on a large computer monitor by a single point, or “node.” Lines, or “edges,” between nodes indicate one or more communications made between suspects using a particular method. Using FANTOM, agents can easily find answers to important questions—“Which nodes were most active and most central to all the communications?” “What communications were made at a particular date and time?” Or, “If two suspects exchanged text messages before planting an IED, who else were they texting?” This cutting-edge visual application enables the kind of interactive computing that can provide vital intelligence to investigators.
- Malicious code analysis. STAO’s experts on malicious software—malware—work closely with our Cyber Division on matters including computer intrusions. These experts are often called upon to testify in child pornography cases when defendants claim that a computer virus was responsible for downloading child porn on their computers. “We can tell if that was indeed the case,” an agent explained.
- Data management. STAO maintains powerful, easy-to-use systems that can store seized digital files including text, audio, video, and photos. Approved users can search, filter, and share case information with others in the intelligence community—an invaluable tool in our fight against terrorism.
“The bottom line,” said one STAO official, “is that our office helps the Bureau and others do their jobs. And whenever we can help catch the bad guy on the criminal side, or provide intelligence on the counterterrorism side, that’s what we’re here for.
- More FBI technology stories