As social media seamlessly integrates into our everyday lives, its value as an intelligence source has gained significance. In this blog, our experienced Tradecraft Advisor explores social media intelligence and its importance to investigation teams.
Open-Source Intelligence (OSINT) is an overarching term used to describe any method focused on gathering publicly available data from open sources. This can include public records, news sources, search engine results, the dark web and social media content.
Talking about OSINT is like talking about healthcare. It’s such a broad topic, that it comes with its own subcategories and niche methods that deal with specific requirements.
Analysts may need to meticulously research internet records using advanced internet search techniques. Security services and police teams may wish to conduct monitoring of keywords and hashtags found in information feeds to identify threats to an area or event. This information can then be geolocated using flight data, ship tracking, content metadata found in a post, or even manual analysis of an image or video to determine its location.
Criminal investigations might take a team to the Dark Web, requiring additional knowledge and software to access some of the trickiest areas of the internet. Investigators might need to use a combination of OSINT methods to gather the right data.
The value of SOCMINT data for Intelligence teams
In almost every type of investigation, an intelligence team will need to access social media data to corroborate existing information or identify new leads. SOCMINT specifically focuses on extracting intelligence and insights from social media platforms like mainstream platforms, niche platforms and country-specific sites. Tasks can involve discovering multiple accounts for one individual, deanonymizing criminal users or linking groups of people together to understand their networks in real time.
Types of Social Media Data
Once accounts have been identified, the next important step comes in analysing collected social media data to gain valuable insights about individuals, organizations, events, and trends. This data can be divided into two main categories:
- Timeline Data – Images, video uploads, posts, comments.
- Non-Timeline Data – Friends/Follower lists, profile details, page ID, profile descriptions (bio/about me)
The use cases for SOCMINT are abundant but maintaining persistent access to the ever-changing platforms is a daily challenge. To have the greatest coverage of threat actors’ activity, analysts need to have access to as many current and emerging social media platforms as possible. This involves continuously identifying threat actor profiles across the internet, securely gaining access to the platforms, and having a way to collect masses of data in a structured format for further analysis. All of this must be done at scale and be repeatable.
Manually, this collection and discovery process requires advanced knowledge and complex infrastructure to be in place, draining valuable time analysts could spend on their investigations.
Leading the way with Fivecast ONYX
Our cutting-edge OSINT tool, Fivecast ONYX, delivers unmatched access to multi-media data across a diverse range of platforms on the Surface, Deep, and Dark Web to identify relevant accounts and subjects for deeper exploration in real time. Significantly, Fivecast ONYX goes beyond data access, providing an intuitive, AI-enabled risk detection framework which analysts can customise to their investigation topics to filter through masses of data to uncover potentially risky data in a timely manner.
We consistently broaden and enhance the range of supported data sources to align with current industry patterns, catering to a range of intelligence objectives. Our Product Development and Tradecraft teams, with extensive backgrounds in intelligence, law enforcement, border security, security vetting, and private industry, contribute their know-how. Fivecast ONYX data sources have been carefully selected to ensure comprehensive coverage across the Surface, Deep, and Dark Web.