Threat Intelligence & Incident Response

Reducing Prison Risks Through AI-Based Threat Intelligence

Technology acts as a force multiplier to help investigators keep tabs on arrivals and expose potential conflicts

Originally written for Corrections1 by Johnmichael O’Hare, sales and business development director of Cobwebs Technologies.

From federal and states prison to local jails, corrections personnel face a common problem: understanding who, exactly, they are bringing into their facilities.

Does the newcomer pose a safety risk to other inmates or corrections officers? Is the arriving prisoner affiliated with a gang? Needless to say, a gang member housed among his or her rivals becomes instantly “marked” for violence and an opening for all-out war.

Department of corrections (DOC) investigators are on point for knowing their prisoners and preventing conflict where possible. But to do so, they face the dual challenge of investigating the criminal networks operating within the jail or prison and keeping tabs on external networks and their relationships with inmates. It is complex work with no margin for error.

DOC investigators, which consist of DOC intelligence units and DOC officers, working alongside external law enforcement agencies when necessary, face a number of obstacles. They may lack ready access to actionable intelligence or become bogged down in complicated investigative processes. They may use disparate investigative solutions that fail to provide a comprehensive view of the threat landscape.

Other challenges include prisoners with contraband. The list of illicit gear includes internet-enabled devices such as cell phones, which let inmates manage their enterprises while in prison. In the case of tech-savvy prisoners, cell phones provide an onramp to the deep or dark web. In those regions of the internet, which operate beneath the familiar “surface” web, threat actors can conduct business using anonymizing browsers that conceal their online activities from authorities. This brings up another technical issue: DOC investigative teams typically lack the know-how and technical tools for probing the deep and dark web.

The upshot? Investigators struggle to uncover inmate affiliations, whether within a facility’s walls or with external associates. As a result, prisoners can continue to manage their business dealings and interact with external networks while incarcerated. The organizational structure remains intact inside and outside the facility. The situation worsens when contraband technology is added to the mix. Cell phones can prove difficult for corrections officers to detect, which means conventional internet and dark web communications can continue uninterrupted.

WANTED: TECHNOLOGY

What’s needed is a technology equalizer that puts DOC investigators in a better position to uncover threat actor relationships that encompass external gang members and the incarcerated population. DOC personnel, however, often go about their missions without effective technology tools that provide threat intelligence.

As a consequence, the investigative process becomes slow – as does case resolution. The quality of intelligence is questionable. Crime networks persist and corrupt prison staff can continue to smuggle contraband. The reputation of the jail or prison, along with its management and employees, suffers.

So, what do DOC investigators need to break up relationships between organized crime groups, or gangs, in prison and their external counterparts?

Fundamentally, investigative teams should have access to artificial intelligence (AI) and machine learning (ML) technology that delivers trustworthy and actionable intelligence. AI and ML automate the investigative process, which is critical for prisons constantly vetting arrivals. The largest complexes may process hundreds of new inmates every day. 

The influx of newly incarcerated people is too large to evaluate effectively without technology assistance.

With AI and ML in place, DOC investigators gain continuous situational awareness regarding threats to officers, inmates, and the facility itself. This level of protection stems from the ability of AI and ML to conduct a deep analysis of groups and threat actors.

Traditionally, determining whether a new inmate is a member of a security threat group relied on the prison’s knowledge of insignia such as tattoos or a prisoner’s declaration of affiliation. Absent those indicators, investigative teams need to know the inmate’s social network. Here, technology can help investigators look into a person’s social media presence prior to incarceration.

Such social media analysis could reveal relationships with gangs. That insight helps corrections officials properly gauge the prisoner’s threat to other inmates or, conversely, determine whether the inmate will be vulnerable to attack. The social media examination can also determine whether the inmate has any connections to corrections officers, which protects officers from harm or, at the other extreme, sheds light on potential insider threats.

Gaining insight into an inmate’s friends and foes outside the prison is also important. If DOC investigators focus solely on what they observe inside the facility, they could be missing some vital intelligence. A person that had a beef with the prisoner while on the outside becomes an obvious threat if admitted to the same complex.

The ability of AI and ML to churn through big data plays a key role in social media analysis. Attempting to manually process the millions of social media posts that accumulate daily would be impossible without advanced technologies that let investigators scale their analyses. In addition, investigators can train AI and ML to flag the posts most valuable to their current inquiries.

AI also provides image recognition. Finding visual clues has become increasingly important as more social media posts revolve around images and videos. Gangs may post music videos, for example, that could point to affiliations or outgroups targeted for violence.

In summary, social media analysis helps DOC investigators know their prisoner, know what’s happening on the street and get the jump on possible insider threats. The ability to conduct in-depth analyses of social connections also provides insights into hierarchies that span jails, prisons, and the outside world. DOC officials, equipped with such knowledge, can break up nodes within prison networks and transfer prisoners who could destabilize a facility.

DIGGING BELOW THE SURFACE

The deep and dark web provides hiding places for threat actors. While most prisoners probably won’t access those internet layers, a few may have the technical knowledge to do so. Members of homegrown violent extremist groups, for example, may turn to the dark web once they’ve been expelled from, or choose to abandon mainstream social media sites and forums. DOC officials need to stay ahead of the technology curve, given the rise of such groups.

The scope of threat intelligence, therefore, should include the forums and communications channels lurking below the surface web. AI-driven web intelligence can help investigators monitor the dark web, using complex keyword searches. DOC investigative units may already possess a trove of useful keywords if they have compiled dictionaries of prison language and code. Let those terms fly across all the layers of the internet – dark websites as well as familiar social media outlets on the surface web.

Signals intelligence, or SIGINT, is another advanced technology capability that can help DOC investigators uncover threats that would normally be hard to interdict. SIGNIT can identify the presence of unlawful electronic devices such as cell phones within the boundaries of the prison. Once investigators are aware that an illicit mobile phone is being used by inmates, they are then able to utilize location data to identify the rough position of the device. AI can help with the processing of signal data, much as it does with web and social media data.

BENEFITS OF TECHNOLOGY-BASED THREAT INTELLIGENCE

From social media analyses to SIGINT, investigations enabled via AI and ML give DOC investigators a critical edge. Here are some of the benefits:

  • Diffuse the potential for violence among inmates or toward corrections officers.
  • Gain threat intelligence that uncovers the key players in security threat groups, mitigating the risk of prisoners running internal and external networks from their cells.
  • Find and remove the tools of communication, further disrupting networks and threat actors’ ability to coordinate plans.
  • Support police forces and prosecutors: DOC investigators, as they gather accurate data on gang affiliations, can serve as expert witnesses in court cases.
  • Become a better intelligence partner: DOD intelligence units, corrections officers, state police forces and other law enforcement agencies share data on incoming prisoners. With AI and ML technology, a DOC can offer more actionable, trustworthy data.

The task of identifying and classifying incoming prisoners presents a daily challenge for DOC investigators. The numbers are daunting. But AI and ML technology provide a force multiplier that helps investigators keep tabs on arrivals and expose potential conflicts before they become problems.

For more such updates and perspectives around Digital Innovation, IoT, Data Infrastructure, AI & Cybsercurity, go to AI-Techpark.com.

Related posts

Riskonnect Launches Threat Intelligence Module with OnSolve

Business Wire

Kyndryl Announces Recovery Retainer Service

PR Newswire

Searchlight Security Launches New Ransomware Group Module

Business Wire