In today’s digital world, the ability to handle massive amounts of data quickly and accurately is crucial. Intelligence analysis, a key part of law enforcement, national security, and private sector security measures, is evolving. Traditional methods relying on relational databases no longer suffice. This shift necessitates fusion analysis, which revolutionises how we gather, analyse, and use intelligence.
In this post, we’ll explore insights shared by Iulian Timischi from Graphware during an educational webinar hosted by Interpol for 195 member countries reps, introducing this transformative approach enabling fusion analysis at scale.
From Tables to Graphs: The Evolution of Intelligence Analysis
Traditional table-based databases are increasingly seen as outdated and cumbersome. They struggle to represent the complex and interconnected nature of the real world. Graphs, with their nodes and edges, offer a more intuitive way to represent relationships. This shift from tables to graphs is pivotal for intelligence use cases, which often focus on the connections and relationships between people, places, or events.
Fusion Analysis At Scale
Classical intelligence analysis relies heavily on human expertise and manual labour, but this is changing. As the volume of data explaining our connected world grows exponentially, the classical approach has become so demanding that it disables the capability to act fast, and is error-prone. On the side of experienced analysts, there is an urgent need for data engineers and analysts with advanced technical skills. There are too few of them for the needs of the intelligence industry.
The concept of fusion analysis is necessarily evolving by leveraging graph technology: automating data ingestion into a single and searchable source of truth from multiple sources, integrating cross-domain data in real-time, and supporting machine learning and AI applications. These are all revolutionising fusion analysis – unlocking the scaling capabilities to catch up with our connected world.
Fusion Analysis In Action: Investigating a Series of Cyber Attacks on Critical Infrastructure
Iulian presented a compelling cyber use case focused on the healthcare industry, a prime target for cybercriminals in recent years. The scenario involved a series of cyberattacks on hospitals, showcasing the challenges and solutions provided by fusion analysis.
In a hypothetical 2025 scenario, hospitals A, B, and C suffered cyberattacks. Using GraphAware Hume, analysts mapped attack details into a single unified canvas. This made it easy to analyse and connect the dots. The process involved automated ingestion of incident reports, blockchain analysis to trace ransom payments, and large language models to extract insights from dark web forums.
Investigative Process
- Cross-Referencing Data: Call detail data was ingested and cross-referenced with known phone numbers, pinpointing suspects’ locations and activities.
- Mapping Identity: Analysts used Hume to map identities, including living entities and digital data like emails and usernames. This comprehensive mapping clarified relationships between entities involved in the attacks.
- Analysing Transactions: Focusing on bitcoin wallets used by the cybercriminals, analysts traced fund flows, identified laundering patterns, and connected transactions to suspects.
- Semantic Analysis: Large language models performed semantic analysis on blog posts and forum threads, identifying trends and potential connections between suspects and cyberattacks.
- Comprehensive Reporting: Hume’s ability to draft comprehensive reports using large language models saved analysts significant time, allowing them to focus on investigations rather than report writing.
Conclusion
What is in store for fusion analysis’s future, and its potential to transform intelligence work? Fusion analysis, powered by graph technology, makes the process faster and more efficient, enabling a deeper understanding of complex data, ultimately leading to better decision-making and enhanced security. By leveraging graph databases and integrating advanced analytical tools, it enables scale, removes errors, and enables deep data exploration in unprecedented speed and ease.
The transition from traditional intelligence methods to fusion analysis marks a significant leap forward, addressing evolving challenges in intelligence and security. As we progress, the continuous development and adoption of such innovative technologies will play a crucial role in our ability to navigate the information from our connected world in order to prevent crime and security threats.