Policeware and Intelware: Change Underway, Pushback Likely

April 29, 2020

Law enforcement and intelligence are tricky subjects. For decades, the work of government employees and the specialized firms supporting sensitive operations have worked to stay out of the headlines. The spotlight was for rock stars and movie icons, not for investigators, security, and intelligence professionals.

Most of the companies in what I call the policeware and intelware markets have to and prefer to work with people who have been in their foxhole. The result has been the equivalent of a stealth market sector. The clients — traditionally government agencies — like the low profile approach as well. Many of the activities of these professionals and the firms supporting their operations are in a position of considerable risk.

But that seems to be changing. Recent examples include:

Cellebrite’s Covid campaign. The idea is that specialized mobile phone analysis tools can assist with the pandemic. You can read about this in “Cellebrite Pitching iPhone Hacking Tools As a Way to Stop COVID-19.”

A lone wolf employee. You can learn that the NSO Group finds itself in the middle of another PR issue. You can read about this challenge in “NSO Employee Abused Phone Hacking Tech to Target a Love Interest.”

A little known past of a high profile innovator. The somewhat unusual company Banjo finds itself in the spotlight over the allegations made about the firm’s founder. You can read about this in “CEO of Surveillance Firm Banjo Once Helped KKK Leader Shoot Up a Synagogue.”

These examples — if accurate and verifiable — suggest that Silicon Valley attitudes have penetrated the developers of policeware and intelware.

The majority of the companies providing specialized services are probably operating in a reasonably responsible way. Today policeware and intelware have become a multi billion dollar a year market. Most people will never encounter outfits with names like Elbit, Gamma or iCarbon X, and hundreds of others.

The fact is that the behaviors of a small number of companies is causing the policeware and intelware vendors to become the stuff of the talking heads on televised news programs, the launch pad for tweets and blog posts, and a source of embarrassment for the government entities relying on these companies and their products.

What troubles DarkCyber is that an increasing number of vendors of specialized services have realized that many government functions cannot operate without their expertise, products, and engineering. Consequently, what I call “high school science club management” has pushed aside the traditional methods of generating revenue.

Now policeware and intelware vendors offer podcasts, assuming that investigators and intelligence professionals have the time and interest to listen to marketing information about the latest and greatest in graph generation, analytics, and visualization.

There are experts who want to build their own book and training businesses. In the last three days, I have received a half dozen email blandishments to attend this free webinar or download that list of OSINT tools.

What’s next?

Google online advertising to get me to license Blackdot, Qwarie, and Vesper technology?

Here’s the problem:

There are too many companies chasing available policeware and intelware dollars. Established vendors capture the significant projects; for example, Darpa awarded a hefty machine learning contract to BAE Systems, one of the go-to vendors of advanced technology to defense, law enforcement, and intelligence entities.

But every dominant vendor like BAE Systems, there are dozens, if not hundreds, of smaller firms vying to contract. These smaller firms usually work within the procedures which began taking shape in World War II, largely influenced by countries like Britain and several others.

The new companies appear to support the Facebook- and Google-type approach to business. From move fast and break things to digital misdirection, the approach to generating revenue from LE and intel related products and services is shifting. Forget the low profile, off the radar approach. Today it is big trade show booths, podcasts, videos, webinars, and increasingly Madison Avenue style marketing.

Not surprisingly, the three examples cited in this essay are quite different. Cellebrite is virtue signaling. NSO Group is struggling with a lone wolf action. Banjo is dealing with a founder’s youthful dalliance with distasteful activities.

It is indeed risky to generalize. Nevertheless, something is happening within the policeware and intelware market sector. I cannot recall a cluster of news events about LE and intel service providers which startle and surprise in a triple tap moment.

Is there a fix? I want to be positive. Other firms in this sector have an opportunity to assess what their staff are doing with products and services of a quite special nature. Like the nuclear industry, great management effort is needed on an ongoing basis to ensure that secrets remain secret.

The nuclear industry may not be perfect. But at this moment in time, policeware and intelware vendors may want to examine the hiring, management, and institutional approaches in use for decades.

Regulation may be useful, but policeware and intelware is a global activity. Self-control, ethical behavior, and tight management controls are necessary. Easy to say but tough to do because of the revenue pressure many of these vendors face. Plus, outsourcing means that government agencies often cannot do their work without third party support. There is a weird symbiosis visible today: Funding sources, technologists, enforcement officers, procurement professionals, and managers with an MBA.

Bad actors love these revelations. Each item of information that reveals capabilities, weaknesses, and methodologies helps those who would undertake criminal or deleterious activities.

Unless the vendors themselves button up, the unmentionables will be exposed and flap in the wind.

Stephen E Arnold, April 29, 2020


Comments are closed.

  • Archives

  • Recent Posts

  • Meta