Network mapping is the process by which an adversary gains insight into the organization and social relationships of a given network. By gaining this insight, an adversary can select individuals for additional scrutiny, arrest, or recruitment as informants.
The State very frequently uses social media friends lists (a form of open-source intelligence) for network mapping because they do not require a warrant or legal authorization.
Used in tactics: Incrimination
Mitigations
| Name | Description |
|---|---|
| Anonymous phones | You can use anonymous phones to make it harder for an adversary to conduct network mapping. |
| Avoiding self-incrimination | An adversary can use information obtained through self-incrimination to endanger not only the individual from whom the information was obtained, but also the rest of their network. To mitigate this, you should not talk to an adversary under any circumstances, and you can avoid providing biometric information (face photograph, fingerprints, DNA) if possible. |
| Compartmentalization | You can compartmentalize your different identities (or projects) to make it harder for an adversary to conduct network mapping. |
| Digital best practices | You can follow digital best practices, and in particular use end-to-end encrypted messaging applications on encrypted devices, to obscure your social networks and make it harder for an adversary to conduct network mapping. |
| Fake ID | During an ID check, you can present a fake ID to make it harder for the State to conduct network mapping. |
| Need-to-know principle | You can apply the need-to-know principle to make it harder for an adversary to conduct network mapping. |
| Network map exercise | An adversary can conduct network mapping by using infiltrators and informants to monitor networks: infiltrators and informants build credentials through association, build social profiles of people in the network, find pressure points to instigate interpersonal and political conflict, and entrap people. To mitigate this, you can conduct a network map exercise to make your network more resilient to infiltration attempts and help ensure it does not place trust in people who could become informants. |
Used in repressive operations
| Name | Description |
|---|---|
| Mauvaises intentions | To prove that the accused comrades knew each other and were therefore likely accomplices, the investigators used several clues[1]:
|