For Christopher Ahlberg, predicting the future is as simple as typing a single word into a piece of software.
For example, punching the word “protest” into the dashboard of his software product pulled up a real-time map of areas around the world where conversations about future protests were taking place.
“Interesting,” Ahlberg told me on the phone. “We get a very specific set of places in Nigeria where there are protests.”
Ahlberg is the CEO of Recorded Future — a company that makes software which he claims can create actionable data points about what is happening — or what is going to happen — in the world by analysing all of the text on the open web.
In this specific example, Ahlberg was able to predict where protests in Nigeria would pop up next by using his software to aggregate open calls for participation that protesters have already published on the web through blogs and other public sources.
But it’s not always as easy for Recorded Future to see what’s going on in the world. Tech savvy hackers, for instance, don’t publicly announce their actions in the same way, Ahlberg noted.
Even so, his company is likely to be clued in. That’s because Recorded Future doesn’t just mine open forums for information: it tries to scan every part of the open web. Hackers frequently talk to each other on chat platforms known as IRCs — and Recorded Future is able to pick up those conversations too.
“8 billion data points, 600,000 sources,” Ahlberg rattled off. “English, Arabic, Farsi, Chinese, Russian, Spanish, and French. Thousands of sources each week; from the deepest underbelly all the way up to news,” he explained.
Recorded Future’s software is programmed to constantly monitor these sources and relay data in real time. In short, if it’s being written on the open web, Recorded Future will likely see it and index it.
Preventing future cyber attacks
Recorded Future has been around since 2008, but it’s been getting more attention in recent years. When the company first launched, it considered itself an intelligence platform for anyone trying to get an idea of what’s going on in the world. It wanted to be a go-to automated intelligence platform for any operation big or small.
Both Google and In-Q-Tel (the CIA’s investment arm) invested money into the company in 2010. The company has since kept a relatively low profile, building out its service offerings based on its hallmark technology.
In the early days, Recorded Future saw the most interest from the financial sector. Quant investors were able to use the platform’s intel to make market predictions.
But now, Recorded Future has morphed into more of a cybersecurity outfit.
“We started seeing about two years ago this area of cybersecurity exploding,” Ahlberg said.
Companies trying to get a handle on what cyber-criminals are aiming to do have been seeking out Recorded Future’s technology. It’s slowly becoming known as an automated cyber-attack platform.
At first glance, Recorded Future looks almost like a web analytics dashboard.
One page shows all the known online attackers, what methods they use for attacking, and which geographical areas they are targeting. Another indexes all of the instances a specific threat has been mentioned. If a customer is trying to track a certain threat, it can set up email alerts so they can remain abreast of the situation.
That’s primarily why the global air transport technology company SITA uses Recorded Future. SITA provides the backend IT and communications technologies for nearly all aspect of air travel, and its customers consist of airlines, airports, and even governments. Big players in the airline industry are frequently facing cyber threats, so it needed a way to analyse potential attacks.
Companies like SITA, whose partnerships are vast and with heavy-hitter aviation names, face cyber-attack issues everyday. For example, every year hackers perform an annual campaign against Israeli targets. Given that SITA’s customers fly to the country, and many of its clients are based there, it’s necessary to have up-to-date information about what precise hacks are happening.
SITA has even used Recorded Future to monitor leaked user names and passwords of its customers.
Can it read everything?
But with this technology comes potential for controversy surrounding privacy.
This was exhibited earlier this year when a coding website asserted that Recorded Future was even analysing Facebook private messages.
The website, Bosnadev, had posted a link to a private link in a Facebook chat box. It then claimed that the link was opened by Recorded Future, despite it never posting the link to anything but Facebook. To Bosnadev, this meant that Recorded Future had access to private chat messages.
It turns out that this thought-to-be private link had actually been posted online via a server log put on website Pastebin. While Recorded Future adamantly maintains that it does not have access to private Facebook chat messages, the fact that it was able to access such an obscure link so systematically demonstrates the technology’s capabilities.
Privacy concerns aside, Recorded Future’s software creates vast business opportunities for some. Ahlberg emphasised that his company’s services shouldn’t be pigeonholed to one specific use case — saying nearly any business with a stake in online intelligence could likely find a use for its online engines.
For now, though, many cybersecurity firms are using Recorded Future to mine more robust data.
“Our customers are incredibly innovative,” he said. “They have used the product for things that have blown our minds.”