OSINT and 2024. How investigations are changing with analytics of mass data.

In 2024, every single day, users share?6.9 billion?images on WhatsApp,?3.8 billion?on Snapchat,?2.1 billion?on Facebook, and?1.3 billion?on Instagram. (Source: Photutorial)

I remember a long time ago, when internet chat groups were first 'invented'. Images were not posted (bandwidth) and chat was important.

I've put 'invented' into inverted commas because they weren't really invented, they were borne out of Usenet groups, where people would come together to share ideas and technology, and were pretty much only frequented by high tech users, super geeks etc. Once people started getting social on these Usenet groups, other chat rooms were created specifically for socialising, sometimes to keep the idle chatter out of the Usenet groups, other times to create online live forums for people with similar interests.

Images were not posted back then, bandwidth was expensive, and even the most powerful machines couldn't deal with a 1mb image. If you tried to download/see an image, it would take your machine a really long time, as most connections were over 1kbps modems that connected over the telephone line making a screeching noise as it communicated with the telephone line (handshake).

Most websites and chatrooms didn't have capability for posting images - which is weird when we think about that today, when we can easily upload a 4k high definition image to any platform we choose, and it's actually become an inconvenience when a website doesn't accept an image over a certain size (1mb/100mb).

Who remembers ICQ?

ICQ (I seek you) was a way for IRC (Internet relay chat) which was really popular at the time, to become a locally installed chat application, allowing chat and VoIP calls (VoIP was not really heard of at the time) between 2 users. Instant, and always on staying connected. It was the first of it's kind, and was really popular.

Interesting fact: ICQ was sold to AOL, who then sold it to Mail.ru group (the people who run VK, the Russia based chat app).        

At about the same time, internet forums and massive group chat sites were becoming popular. Sites such as Lycos chat which rewarded the chattiest of people with status and rank up in the group, creating hierarchies effectively of individuals who spent their entire time chatting. Places like these coined the famous 'A/S/L?' as strangers were welcomed to the flock by announcing gender, age and where they lived, with many individuals attempting to find love through chat and flirt specific user rooms.

Not long after this, MSN messenger arrived on the scene in 1999, and appeared to be a much more popular platform for young people to chat and socialise.

Online socials was about to escalate in the form of MySpace.

MySpace gave users the ability to create an online profile for people to visit, where they could upload photos of themselves doing the things they loved, such as creating music, or art. One aspect of the site that was hugely popular was the ability to play music when someone visited your profile/page.

MySpace came out at a reasonably similar time to Friends Reunited. Which enabled adults to find old friends from school and the past and reconnect.

All of this gave way to the advent of Facebook. Facebook had a great mix of MySpace features and Friends Reunited features, so became a massive hit immediately. It was officially launched in 2004, and was originally designed to be a way for college students to organise events and connect, but quickly became more than that, and quickly overtook MySpace as the most popular social media, as it allowed not only the ability to reconnect with old friends, but to also have that profile/status front page to your life.

Social Media. Its a phrase that is super common today. We use it all the time. I don't think this was a phrase that was ever used before Facebook came along. All of the other iterations of connecting and chatting online didn't offer the whole experience like Facebook did. You could organise events, create groups, pages, chat (it was much later when messenger was launched), and you could create large lists of people you could count as 'friends'. A large friends list was like a badge of honour, an early 2000's way of saying 'look how popular I am, I have many friends' which increased the connections depth, and started creating large communities of individuals who matched the algorithm, and were match 'suggested' by the system.

Facebook has now given way to more 'advanced' social media, in the form of picture sharing through Instagram, live videos and stories through Snapchat and TikTok, and various social apps offering more privacy by auto destroying messages and media once read.

Not forgetting massive multi user platforms such as Reddit, slicing up all communities into subreddits according to interest, and has quite famously been compared to 4chan (memes), which although many believe to be a dark net site, is not, but spawned 8chan (8kun) which is located on the dark net.

Thanks for the History lesson, but whats it got to do with OSINT?

The fact that all of these different social medias had algorithms that were creating these large groups and communities of individuals all rallying to the same interests, the same locations, the same beliefs, the same causes means that there are huge swathes of already categorised individuals.

Imagine you want to find all of the individuals aged 30-35, in location Leicestershire, who are all interested in music by Robbie Williams? Well, no problem, the algorithm has already done that, someone from Leicestershire has created the Robbie Williams fan group for the over 30's, and the algorithm has suggested it to all of it's target market. Thanks for the lovely grouping Facebook.

The Algorithm.

The dreaded algorithm. The back end to every single social media site. Listening and watching your every move, running it all into a database in order to show you content designed just for you, adverts that you will click and buy, and then harvesting all of this lovely data and selling it or sharing it to other social media providers or advertisers, allowing them to personalise their ads to you through the use of cookies.

This is evident in apps such as TikTok, where my wife will see cooking videos in her feed, and mine is full of attacks, shootings and war footage.

Ever had a chat/voice conversation with friends about a certain product and then found that very same product advertised to you? Coincidence?

A key part of OSINT investigations is being able to work across massive amounts of data to create conclusions, track individuals, companies, tracing money, transactions, and much more. The amount of data that's currently out there is increasing exponentially every day and much larger and faster tooling is required to sift through the data to get to the desired investigative outcome.

Massive Data or Massive Analytics

Societies need to express, and connect, always being able to share their current activity, to 'boast' about how nice their life is to their friends, or to ensure their loved ones know they are safe and well through continued online presence.

I often use the example: An individual is travelling for vacation or work, one of the first things they do when arriving in a foreign country is to let their friends and followers know that they have arrived safely, or to document some part of their travel, whether it's an uncomfortable flight "@BA Your economy seats to Turkey are too small" or a check in at a hotel, or a photo of the view from their window.

Mass analytics can then identify all of the individuals from example: Ireland Nationals or Irish residents, who are currently located in Cyprus. This data is especially important to government for when there is an incident (terror or natural disaster) in a location, and they need to quickly identify how many individuals from their home nation may be located in the vicinity of this incident in order to mobilise international aid.

If we are looking into individuals who may have perpetrated a crime, their social media pages may be closed down or switched off, but it doesn't mean their family has disconnected theirs, and OSINT investigators can piece together the suspects life through snippets discovered on all of the connections that individual may have.

I first got involved with OSINT (it was never called that in the past) when I was much younger, using google, Facebook and many other sources to identify fake accounts, trolls, and favours for friends who thought they may have been cat fished (if you think you have, you probably have!).

Today, although the investigations have more depth and more data, its a little easier to analyse mass data and sway large groups of people to your way of thinking (see: Cambridge Analytica scandal) and the sheer volume of bots on all of the platforms created to spread positive or negative messages by the left or the right means that elections have been won and lost according to the party with the better technology.

Investigations have become more specialised, with different data available for analysis such as IOT devices with public IP, geo data such as satellite imagery, public webcams, and many thousands of news sites, each with a different opinion and new source available as publicly available data.

Utilising the image background to identify a location (Social media strips geo information from the photo meta data) is a new skill that people are developing using sites such as GeoGuesser . The skill to be able to identify a location anywhere in the world based on a picture taken at that location is sometimes astounding.

All of these sources can be utilised to draw conclusions and to build a simple picture for displaying patterns, trend analysis, or even just individuals hiding behind accounts in order to sell drugs on the dark web.

So what does the future look like?

Meta (Facebook) and others are currently working on something they are calling the 'Metaverse' an augmented or virtual reality social universe available by using a VR headset for complete immersion. See the movie 'Ready Player One' for reasons why this might become a nightmare reality. I don't know whether this is the future or not, but the biggest companies in the world right now are investing heavily in to it.

How do you think OSINT has changed? Did you use/remember any of the tech that I talked about here? Did I forget to mention any?

All of this work is my own, and is my own opinion. Any data gained from any sources are mentioned or linked in the article with credits.

About the author:

Sam has a long standing background in Technical Pre-Sales Support, Solution Consulting and Compliance. Sam is a specialist in supporting new and potential client opportunities, by building and delivering bespoke Proof of Concept projects utilising the entire product estate. His rich and varied skillset allows him to immerse customers into new product experiences, tailored to their personal workflows.

Sam is currently working in the field of OSINT investigations, solving regional based crime and incident and showing the route to result as a 'use case' demonstration utilising live open source data.

Sam has authored a number of Industry related articles on subjects including GDPR, Financial crime and Digital Forensics.

Sam’s areas of interest include Cloud Technology, Artificial Intelligence and OSINT investigations.