Open Source Intelligence: What Social Media Can Tell Us

14 February, 2020

Matt Burns

Open Source Intelligence: What Social Media Can Tell Us

Open source intelligence is a hugely valuable data source. And the information we freely give away on social media forms a key part of it.

From one profile, a person’s name, online pseudonym, geolocation and social network can be gathered in seconds. But for the most part, this stays as raw data.

Law abiding citizens nurture their profiles free from the gaze of the authorities. On the other hand, criminals do not.

Their social media is mined for potential clues which can connect them to crimes. And it’s an incredibly fruitful law enforcement technique.

What is open source intelligence?

Open source intelligence (OSINT) is data gathered from the open internet for intelligence purposes. The data is accessible by anyone.

Open source intelligence need-to-knows

  • Open source data accounts for a tiny proportion of the internet’s data

99% of the information held on the internet is on the Deep Web. Though some of the information held there can be considered open source, much of it can’t. For example, you can’t find information held on the Dark Web on search engines. This is a highly encrypted component of the Deep Web where key identifiers like the DNS and IP addresses are removed.

  • Law enforcement leverages OSINT to protect people from a variety of crimes

Open source intelligence often provides investigators of sexual exploitation, identity theft, drug crime, trafficking and more with important clues. Keywords and images that appear on the open internet can help law enforcement to apprehend suspects before their crimes escalate.

Why is social media such an important open source intelligence resource?

Billions of people have profiles on social networking sites. And a significant percentage of them upload content underpinned by rich data. For example, a single image posted to a social networking platform can include geolocation, metadata and camera serial numbers.

That’s not to say social media intelligence is comprehensive. After all, it only represents a minute portion of the data held on the internet.

However, social media intelligence is actionable and often progresses criminal cases towards positive conclusions. This is because, by connecting fragments of data, law enforcement can work out a suspect’s whereabouts and activities.

Aside from images, these data fragments can come from videos, location check-ins and tags from different social media platforms.

Example One: Social media open source intelligence

A simple example of open source intelligence gathering through social media is as follows.

Let’s say an investigator is doing some background research on a person of interest. They Google the person’s name to work out their digital footprint and potentially incriminating sources of evidence.

Their checklist of questions would include:

  1. Is the suspect active on Facebook?
  2. Is the suspect active on Twitter?
  3. Is the suspect active on Instagram?
  4. Does the suspect have a personal blog?
  5. On these platforms, does the suspect have their location settings turned on?

After answering these questions, the investigator would check if any of the intelligence correlated with the crime they’re investigating.

Example Two: Social media open source intelligence

A second, more detailed, example would be when an investigator is focusing on a particular piece of evidence. Let’s say in a child sexual exploitation case.

The investigator is trying to verify the whereabouts of the person of interest on the day the crime was committed.

The piece of evidence is an Instagram photo of the person of interest. In the background, there’s an apartment block and a petrol station.

The photo was taken on the day the crime occurred, but no geolocation data can be extracted from it. Further, the person in question has given no indication of their whereabouts on their other social media platforms.

The investigator must figure out if the person of interest was in the vicinity when the crime took place. So, by using Google Maps, they identify locations where petrol stations and apartment blocks are in close vicinity in the city.

They narrow down their search to the specific chain of petrol stations featured in the original image. This leaves them with three results.

Next, on Street View, the investigator tries to recapture the angle of the person of interest in the photo. However, on the first two sites, it’s impossible to capture both landmarks in the same frame.

But the third photo of the suspect corresponds with Street View. This proves that they were in the area on the day of the crime.

Can open source social media intelligence be leveraged on the Dark Web?

Yes, open source social media intelligence can be leveraged in Dark Web investigations. This is achieved by matching device properties and metadata found on the surface web with corresponding data on the Dark Web.

CameraForensics collects and indexes open source images to help law enforcement safeguard victims of child sexual exploitation. By providing powerful BigSearch functionality, inclusive and exclusive filtering and Exif parameters, we empower investigators to drill into data. This helps them to deanonymize perpetrators and keep citizens safer.

Please get in touch to see how the CameraForensics platform can help you


Subscribe to the Newsletter