Transforming Public Data into Open-Source Intelligence

Hand holding digital globe with tablet, magnifying glass, lightbulb, and other icons around it.

Lawful intelligence tools and practices must be nimble enough to draw data from a wide range of sources but powerful enough to help analysts draw investigative insights from it. Inputs may be as reliable as verified lawful intercept or location data, as flimsy as scraped social media data, or even fragmented as scraps of encrypted metadata. The lawful intelligence platform must help investigators draw and corroborate conclusions while also accounting for the integrity of the information itself. Rigorous validation allows only the most robust data to be analyzed, transforming it from raw, public information to open-source intelligence (OSINT).

While the skill, experience, and intuition of human investigators must remain at the center of this work to synthesize e actionable conclusions from the full spectrum of information available, computer-driven automation can greatly assist investigators. The information sets available today are often far beyond the capacity of humans to manage with the rigor and efficiency required. Modern tools help scale investigations using technology rather than additional human resources, making it practical and efficient to consider more potential evidence.

These platforms must also operate within legal and ethical boundaries to ensure they adhere to local privacy laws and other jurisdictional requirements. SS8’s decades of experience working with international law enforcement agencies (LEAs) and the global intelligence community help us create solutions that give investigators sophisticated workflows where human and machine logic complement one another to capture, vet, and analyze public data and transform it into open-source intelligence.

Incorporating OSINT into Lawful Intelligence

From the lawful intelligence perspective, OSINT comprises information that can be freely collected and analyzed without special authorization and used to contribute to investigations. While it may include sensitive elements such as personally identifiable information, it does not include legally restricted sources, and lawful intelligence operations properly seek to protect privacy rather than violate it.

LEAs typically begin investigations with specific types of information from public records such as names, phone numbers, addresses, and digital usernames and handles. A wide range of tools are available to mine and scrape such information from the internet, allowing investigators to cross-reference many different data sources to build comprehensive profiles on subjects of interest.

The SS8 platform uses APIs to effectively access and query such tools and information sources from a single interface and includes analyst-focused tools to guide discovery and verify, validate, and flag evidence for human investigators. This helps build cases and assemble requests for warrants and other authorizations for more targeted investigations. At the same time, the SS8 platform automatically inspects and validates inputs, identifying data of potential interest and checking expected formats for strings such as phone numbers and email addresses.

Within the spectrum of information sources, many LEAs maintain extensive repositories of historical operational information. Data from these past cases and subjects of interest can be valuable to new or ongoing investigations, and SS8 incorporates it as a primary information source along with those of other LEAs and various public records systems. This extensible connectivity to existing or publicly available information, wherever it resides, is a critical component of state-of-the-art lawful intelligence.

Managing Information from the Deep Web and Dark Web

The internet is often compared to an iceberg, with the vast majority of its contents hidden beneath the surface. By some estimates, as much as 94% of it is made up of the deep web and dark web, which are invisible to conventional browsers, search engines, and users. This is where stolen data is bought and sold illicitly, from financial records to email addresses. As these markets have proliferated and developed in recent years, so too have the publicly available OSINT tools designed to investigate and analyze them. For example, an enterprise company might use such tools to help investigate financial fraud or as part of a breach response to track its compromised data.

From an investigation perspective, using information from the deep and dark webs involves an added layer of secrecy and hidden identities. Illicit actors necessarily obscure who they are in these venues, but identifying individuals is fundamental to making use of associated OSINT. The SS8 platform provides data fusion and analytic capabilities that can help associate a user handle from an illicit cyber market with a public email or IP address, creating a key investigative connection. This information can then be easily compiled into suspect profiles using our powerful iDossier capability, allowing LEAs to gain a more complete understanding of a suspect’s pattern of life and criminal associates. Stitching together clues from all available information allows a comprehensive view and helps investigators derive the full value from every data source.

The range of OSINT tools built for cybersecurity, fraud prevention, and other usages offers a wide variety of potential contributions to lawful intelligence. Most, however, were built for other domains, which can limit the efforts of LEAs to adapt them to their investigative needs. SS8 provides the technical bridge for that integration, such as providing open APIs and powerful query capabilities that help analysts access such tools and leverage the wealth of public information available today to enhance investigations.

About Syed Hussain

Syed Hussain headhot

Syed Hussain has spent more than 20 years working in the telecommunication and cyber security industry in Engineering and Product Management leadership roles. He brings significant technical expertise to his role as VP of Product Management for SS8’s Lawful Intelligence products, covering Service Providers and Law Enforcement market domains. He has led architecture and design of 4G and 5G Lawful Interception solutions in Cloud and non-cloud environments. Syed represents SS8 in both ETSI and 3GPP standards bodies and at technology summits and holds a BS in Computer Science and Engineering. You can learn more about Syed on his LinkedIn profile here.

About SS8 Networks

As a leader in Lawful and Location Intelligence, SS8 helps make societies safer. Our commitment is to extract, analyze, and visualize the critical intelligence that gives law enforcement, intelligence agencies, and emergency services the real-time insights that help save lives. Our high performance, flexible, and future-proof solutions also enable mobile network operators to achieve regulatory compliance with minimum disruption, time, and cost. SS8 is trusted by the largest government agencies, communications providers, and systems integrators globally.

Intellego® XT monitoring and data analytics portfolio is optimized for Law Enforcement Agencies to capture, analyze, and visualize complex data sets for real-time investigative intelligence.

LocationWise delivers the highest audited network location accuracy worldwide, providing active and passive location intelligence for emergency services, law enforcement, and mobile network operators.

Xcipio® mediation platform meets the demands of lawful intercept in any network type and provides the ability to transcode (convert) between lawful intercept handover versions and standard families.

To learn more, contact us at info@ss8.com.

Follow Us LinkedIn       Tweet Us @SS8

SS8 Newsletter

LATEST WEBINAR

THE DATA SILO DILEMMA FOR LAW ENFORCEMENT

How to Ingest, Filter and Query 5G Volumes

Webinar Presented by Kevin McTiernan

CLICK HERE to watch!