Digital input

Question 1

Digital device data example

Answer 1

Images, Calls, Contacts (Native and App), File/Folders,
Settings, Network, GPS Locations, Passwords, Notes,
Chats, Calendars and many other data files can be
investigated

Question 2

How is data used to make decision?

Answer 2

Any data used needs to be ATTRIBUTED

Information needs to be clear and dealt with by the correct
person. There should be a reliance on facts with evidence to support any theories.

Find a recent news report or published case where
information was not use correctly

Question 3

Digital data

Answer 3

Once attributed and determined as useful, data needs to be visualised for any further investigation or court
presentation.

All information also needs to be attributed to a source

Question 4

Making sense of the data

Answer 4

Information from different programs and sources needs to be pulled together and there is specific software that can do this:

ARU works with Forensic Analytics is a company that can make sense of police data using interfaces (GUI)
and specialise in digital data (Cell site analysis etc)

CHORUS is another platform that is used and allows easy linking of information.

These companies are able to create reports, link to open-source platforms, perform cross case analysis and audit files.

Question 5

Open source databases

Answer 5

These range from simplistic internet searches

To more specific sites. Some need a basic password
and most are free.

Other data mining can be located on sites within the
‘TOR’

Question 6

What is OSINT

Answer 6

OSINT is intelligence produced by collecting and analysing public information with the purpose of answering a specific intelligence question.

It’s important to note that information does not equal intelligence. Without giving
meaning to the data we collect, open-source findings are considered raw data. It is
only once this information is looked at from a critical thinking mindset and analysed that it becomes intelligence.

For instance, conducting OSINT is not simply saving someone’s Facebook friends
list. It’s about finding meaningful information that is applicable to the intelligence
question and being able to provide actionable intelligence in support of an
investigation.

Another way to look at it is to answer, “why does this data matter” and provide
meaningful intelligence about the data collected.

Question 7

OSINT intelligence framework

Answer 7

Stages of the intelligence cycle

Preparation: when the needs and requirements of the request are assessed, such as determining the objectives of the tasking and identifying the best sources to use to find the information for which you
are looking.

Collection: the primary and most important step in collecting data
and information from as many relevant sources as possible.

Processing: when the collected data and information are organised
or collated.

Analysis and Production: is the interpretation of the collected information to make sense of what was collected, i.e. identifying patterns or a timeline of travel history. Produce a report to answer the intelligence question, draw conclusions, and recommend next steps.

Dissemination: is the presentation and delivery of open-source findings, i.e. written reports, timelines, recommendations, etc.

Question 8

How is open-source intelligence used?

Answer 8

1.Security and Intelligence: OSINT can be used to gather information on potential security threats,
such as terrorist activity or cyberattacks. It can also be used for intelligence gathering on foreign
governments, organisations, or individuals.

2.Business and Market Research: OSINT can be used to gather information on competitors, industry
trends, and consumer behaviour. This information can be used to inform business strategy and
decision-making.

3.Investigative Journalism: OSINT can be used by journalists to gather information on a range of
topics, including politics, business, and crime. This can help to uncover stories and provide
evidence for reporting.

4.Academic Research: OSINT can be used by researchers to gather data on a range of topics,
including social trends, public opinion, and economic indicators.

5.Legal Proceedings: OSINT can be used in legal proceedings to gather evidence or to conduct due
diligence on potential witnesses or defendants.

OSINT is an exceptional tool for gathering information on a wide range of topics and can be used by
a variety of organizations and individuals to inform decision-making and strategy.

Question 9

Where can you find OSINT?

Answer 9

Public Records
News media
Libraries
Social media platforms
Images
Videos
Websites
The Dark web

Question 10

Who uses OSINT?

Answer 10

Government
Law Enforcement
Military
Investigative journalists
Human rights investigators
Private Investigators
Law firms
Information Security
Cyber Threat Intelligence
Pen Testers
Social Engineers

Question 11

OSINT frameworks

Answer 11

All of these can be used by
investigators or to help train staff – links to locate other websites.

Staff in policing positions need to be certain that websites do not
recognise their location

Question 12

Visualisation of data

Answer 12

Often information can be presented in databases and
user interfaces that is not clear. Often police programs
are guilty of this.