Open Source Intelligence
We highlight various types of situations where online information can significantly increase profiling effectiveness, especially for urban targets. Understanding internet visibility is a prerequisite for an effective defense against internet counter-intelligence attacks. We work with clients to examine and identify effective OSINT methodologies that can be incorporated into their investigation frameworks.
Search Engine Masterclass
Search engines are a readily available tool to conduct basic exploratory analysis. To unlock the full data-mining potential of search engines, it is vital to continually upgrade searching capabilities, with the aim of generating search queries that return more specific and targeted search results.
The Dark Web
Not all is what it seems, and the saying is never truer than on the internet. Search engines work in very specific ways to catalogue easily accessible websites, and index them to allow for quick access to what is called the surface web. There is however, a deeper, darker web, which utilises web layers to circumvent search engine indexing, building networks based on anonymity. Other methods of concealment may be deployed, such as steganography, where an unassuming image may be encoded with valuable information, hidden in plain sight.
General Internet Defence
The internet is built on several very standardised forms of communications between computers, with some parts of the communication being safer than others. The effective use of each part of the internet for its designed purpose will only ensure that communications are secure. Various methods and tools can be employed to minimise risks whilst online and allow for the quick identification of internet security threats such as phishing, spamming and clickjacking.
Underlying Web Mechanisms
The internet is an evolutionary structure which has changed its form every so often to cater for the growing needs of its users. We provide an overview of the modern architecture of the internet, in terms of what happens when a user requests for a website, how websites are served, and how website data is transferred through undersea cables and exchanges, to arrive at the user’s computer. Understanding how internet requests and responses travel across cyberspace will allow investigators to identify key parts of the chain where information can be monitored and extracted.
Social Network Information Extraction (SOCMINT)
The advances in social media technology, in combination with the oversharing “me” generation, has presented a unique situation where many individuals willingly and frequently upload personal information online for public consumption. We provide an appreciation of the mechanics of social networks to allow for a better understanding of the types of information that can be obtained directly, or at least gleaned from social media data and methods to extract them.
Exploiting Public Databases
There are various initiatives and work groups that consistently gather data surrounding a cause or a common interest. These databases are usually available for online access at minimal or no cost, allowing for the generation of additional leads where the traditional investigative process stops due to policies and jurisdiction. Many data feeds are also unsecured, providing skilled analysts with the opportunity to access live feeds such as unsecured CCTVs, and exploit or protect against vulnerabilities in unsecured IoT connections.
Social Media Tracker
The social media tracker allows for the tracking of social media accounts across a wide range of identified media using our proprietary model. The reporting allows for the identification of the status facing specific crucial issues and determination of how particular actions are progressing.