Offensive OSINT s05e06 - Situational Awareness
Open Source Surveillance is an affordable and powerful OSINT system designed for both companies and individuals. It lets you gather real-time geodata from a variety of social media platforms and numerous other open sources.
Introduction
OSS was originally developed to aid OSINT investigations, but it is now used by people with various backgrounds. In this article, I will explore the most common use cases for OSS and demonstrate how it enhances your investigations and helps with day-to-day research.
The system supports many sources: public and surveillance cameras, Internet-facing devices (IoT, ICS and cameras), Wi-Fi networks, crimes, Amber Alerts, many social media platforms, and information about protests or other ongoing events. This platform stands out because it is primarily location-based. This means that each post or item is displayed on a map with either an exact or estimated location. It effectively combines physical security with incidents that occur on social media or the internet at large, providing a unique and comprehensive view of events as they happen.
Use cases
In previous posts and tweets, I’ve shown how to fully utilize this system and shared some of its most impressive findings. Now, let's explore what OSS can do to enhance your situational awareness across various fields.
Critical infrastructure
Open Source Surveillance lets you quickly find all critical infrastructure facilities in a given territory. It covers the military, power, water, religious, communication and emergency sectors.
Last year, there were around 235 acts of vandalism on US power grids.
Having exact coordinates and up-to-date satellite images makes it possible to check the physical security of a facility. Moreover, OSS lets you gather information about Internet-facing industrial devices and potentially more information via the social media modules.
It's one of my favourite topics, as you already know if you follow the blog. I have published a couple of research pieces showing how to gather intelligence on critical infrastructure around the world.
Situational awareness
Open Source Surveillance provides situational awareness by gathering data from a variety of open sources, connecting the cyber and physical worlds. I'm particularly referring to the Transportation modules, which cover planes, ships, trains, incidents, and Waze. Additionally, social media modules like Snapchat, Meetup, Ticketmaster, and Eventbrite provide a full overview of mass gatherings, giving more context.
In addition, the Crimes and Amber Alerts modules provide further insights into events occurring in the city, helping to address them quickly.
The timeline and statistics features clearly indicate what happened and where. Additionally, you can obtain more information about the owner of the activity or post. Each item also includes a timestamp, giving you clear details on who, where, what, and when.
Face recognition
Face recognition has gained significant attention among OSINT researchers and law enforcement agencies. OSS enables face search on collected images with just one click.
This feature helps in identifying other social media accounts linked to a person under investigation or discovering new ones from a provided photo. It's particularly useful for finding photos of suspects or missing persons from the News module and using them in the Face Search module.
Crimes & Amber Alerts & Sexual offenders
These modules are particularly useful for various types of investigations. By knowing when and where a crime occurred, we can compare events, photos, or other items from that specific location and time frame.
Additionally, having the exact addresses of sexual offenders in the US and the locations where Amber Alerts were issued can provide further leads and connections.
Military
This highlights another unique use of OSS. I've tracked numerous military bases worldwide to look for any activity, often, but not only, sourced from fitness tracking applications. For instance, in Ukraine, soldiers sometimes upload photos with geolocation tags, which can have significant consequences. By analysing movements on bases and across territories, along with information from other potential sources, OSS can provide useful information on battlefields and military installations, often due to the personnel's limited cyber training.
Protests
OSS acts as virtual 'boots on the ground,' monitoring social media and other open sources in real time. The ACLED Protests module is particularly useful, providing details on the topic, location, and timing of major protests in specific cities. Each module serves a unique purpose, with Snapchat being especially valuable for tracking real-time events, such as ongoing protests at Columbia University in New York.
Espionage
By combining the techniques mentioned earlier with additional information about activities and vulnerable facilities, you can uncover sensitive information that may provide strategic advantages.
Data from the AllTrails hiking app was used to track the precise movements of a former top official in the Biden administration. This data not only recorded visits to the White House but also indicated the specific residence of the official or his family. Such detailed information, including names, exact positions, and timestamps of military or government personnel, exemplifies how OSS can be used in espionage activities.
For example, a report from the New Europe Institute describes Russia's military bases abroad:
https://ine.org.pl/wp-content/uploads/2020/12/THE-RUSSIAN-FEDERATIONS-MILITARY-BASES-ABROAD-1.pdf
There are VK posts from Hmeimim Airbase in the time frame mentioned in the report.
This is just one dummy example, but consider how many military bases, camps and facilities there are around the world, what else can be found, and what connections can be made.
Cyber security
Internet of Things and Industrial Control Systems devices and cameras are all around us, and misconfigurations in these devices can lead to unauthorized access, potentially allowing anyone to exploit them. Such access can be utilized for intelligence gathering or, worse yet, for infiltrating the network and compromising additional devices.
Printers and MQTT are the most popular IoT devices that might reveal their purpose or exact location to the end user. In OSS you can also search for plenty of industrial devices, such as wind turbines, Building Operation Workstations, fuel tanks, and Niagara Fox, BACnet and Omron devices.
In preparation for the 2020 Olympic Games, the Japanese Government planned to assess the security of devices owned by citizens as part of their efforts to bolster cybersecurity ahead of the event.
Speaking of the Olympics, there are around 1.1k cameras with live footage exposed to the Internet in France, most of them in Paris.
Shodan query:
has_screenshot:true !port:3389 !port:3388 country:FR
Thanks to the Screenshot module, you can have this data directly in OSS, geolocate the cameras and secure the sensitive ones.
Travel & Public safety
Explore both popular places and lesser-known hidden streets through photos from various social media platforms. Airbnb and Airbnb Experiences offer insights into local attractions, while Flickr and Snapchat serve as hubs for community engagement. Find engaging activities through platforms like Meetup, Ticketmaster, or Eventbrite.
Prioritize safety by staying informed about current incidents and crimes to navigate urban areas with confidence.
These are the most popular purposes OSS is used for, but there are many others; I didn't even mention the Bluetooth and Wi-Fi network search or locating and securing industrial devices.
API access
Open Source Surveillance offers API access; contact me for documentation.
Mobile
There is an idea for an Open Source Surveillance mobile app that collects your location and scans for nearby cameras, crimes and other events. It would alert you to potential dangers in your area to keep you safe. This app would be similar to citizen.com, but it would utilize open-source information.
Summary
Although OSS is already the ultimate OSINT geolocation monitoring system, there is still room for improvement. Are you looking for current information on earthquakes, power outages in the United States, or real-time public transport updates in Vancouver? These features can be integrated as needed.
Knowing all the potential use cases, you can combine the critical infrastructure module with social media lookup, or VKontakte with face recognition. There are plenty of opportunities, not just from a detective or OSINT perspective but also for enhancing public safety.