Not long ago, a would-be terrorist would have needed weeks of surveillance, technical expertise, expensive software, and help from trained specialists to understand a critical infrastructure target's vulnerabilities.
Today, that same individual could ask an AI chatbot questions, review publicly available satellite imagery, and analyze information about a target all without leaving home.
The accessibility of this technology has made it easier than ever for bad actors to identify and exploit weaknesses in the systems Americans rely on every day, like roads, bridges, railways, communications infrastructure, powerplants, and more.
What’s new
A new study from the University of Nebraska at Omaha (UNO) National Counterterrorism Innovation, Technology, and Education (NCITE) Center examined how threat actors with varying levels of technical expertise could use open-source GIS tools, public datasets, and generative AI to conduct reconnaissance and planning activities targeting critical infrastructure.
People are also reading…
Why it matters
Critical infrastructure operators have traditionally focused on threats involving classified information, insider access, or sophisticated technologies.
- The study suggests a growing challenge may come from the creative misuse of publicly available data and tools that are accessible to nearly anyone with an internet connection.
- Researchers found that even low-skill users could identify basic facility characteristics using free satellite imagery.
- When paired with generative AI, those same users were able to draw more sophisticated conclusions and generate more advanced planning scenarios than would typically be expected without specialized training.
Zoom in
The research published through the National Geospatial-Intelligence Agency’s Tearline platform was authored by Elle Ward, a doctoral student at the University of Nebraska–Lincoln and NCITE research assistant; Austin Doctor, Ph.D., UNO associate professor of criminology and criminal justice and NCITE director of strategic initiatives; and Ryan Vilter, a UNO MBA student and NCITE graduate research assistant.
What they’re saying
- Elle Ward, NCITE research assistant and University of Nebraska–Lincoln doctoral student: “People often assume it takes classified information or highly sophisticated technology to identify and exploit weaknesses in critical infrastructure. What we found is that someone with merely a laptop, publicly available information, and an AI tool can now do things that once required specialized training and resources. As AI and geospatial technologies continue to create new opportunities and efficiencies, it's crucial we understand how they could be misused, and what that means for the security of the systems and information we rely on every day.”
- Austin Doctor, Ph.D., UNO associate professor of criminology and criminal justice and NCITE director of strategic initiatives: “Research like this helps security professionals better understand how emerging technologies are changing the threat landscape and where new vulnerabilities may exist. But just as important, it gives our students the opportunity to tackle real-world national security challenges, develop highly sought-after analytical skills, and prepare for careers in government, industry, and research where they can help protect critical infrastructure.”
