recommended reading

Tool will help TSA connect the dots among scattered pieces of digital evidence

Sergey Nivens/

The Transportation Security Administration has awarded a contract for technology to mine digital evidence scattered across emails, the cloud, hard drives and digital files stored in the agency’s internal network, according to the system developer.

The tool digests huge volumes of disorganized information, known as big data, according to officials from software firm Nuix.

The company was not authorized to speak to the types of investigations that the technology will help TSA pursue.

TSA’s Focused Operations Branch expects to use the technology for after-the-fact investigations, not screening would-be hijackers -- although agency officials recently said that is a big data effort TSA might pursue.

This type of forensics investigation involves sorting hard facts already collected, and strewn across incongruent data sources, to build solid cases.

“Hypothetically, if they have an individual they have profiled in the past digitally or digital information on previously profiled individuals, Nuix could provide visibility into additional connections to other people,” said Peter Morse, U.S. public sector director for Nuix.

TSA officials could not comment in time for publication.

Generally, investigators use evidence synthesized by such software to convict criminals, or to piece together proof of ongoing criminal activity, Morse said.

Investigators for the Internal Revenue Service’s Criminal Investigation division, Health and Human Services Department inspector general, and Immigration and Customs Enforcement, for example, cull evidence of fraud with the software.

According to TSA’s contract specifications, the technology must be able to crunch up to 1.5 terabytes daily, or the amount of paper made from 75,000 trees.

Here is how it works: With the software, a federal agent can find out who an individual has emailed incriminating information to, based on seized computers, while simultaneously inferring which websites that individual has visited based on cloned hard drive data. At the same time, the agent can be examining the timestamp on a digital photo file retrieved from a smartphone to determine where the suspect was on a certain date.

The technology does not intercept emails, wiretap smartphones or perform other types of real-time surveillance. Rather, it extracts emails, digital recordings or other communications and files that an agency has collected in the past, Morse said.  

The contract cost was not disclosed.

(Image via Sergey Nivens/

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.


When you download a report, your information may be shared with the underwriters of that document.