social networking « WebCase WebLog

Posts Tagged ‘social networking’

Social Media, Travel, Speeches and FourSquare

Thursday, April 29th, 2010

As much as I try to avoid business travel anymore, the more I seem to do. Although travel is not bad it can get overwhelming at times and seems to just put me further behind. I did recently in my travels have the opportunity to speak, on an as of late favorite topic, and that is the use of Social Media by law enforcement. Specifically I was speaking on the lack of policy by agencies starting to use Social Media, not only as a community policing tool, but as an investigative tool.

Recently I was asked to present at the first annual SMILE conference or Social Media in Law Enforcement conference in Washington DC. This was a great gathering of various law enforcement professionals interested in Social media and its implementation within law enforcement. My specific piece was on the policy decision behind using social media as a law enforcement tool. I spoke about the need to have policy to protect the law enforcement officer as much as the agency. I was able to speak with some great talent in the field that are adapting social media for investigative and communicative reasons.

I also had the opportunity to speak at the Massachusetts Attorney Generals Cyber crime Initiative quarterly meeting. The Mass AG sponsors a meeting quarterly on various cybercrime topics. She brings in investigators from all over the state to discuss cybercrime. I was lucky enough to speak on the investigation of social media, and of course hit the topic of policy for law enforcement. The crowd of over 200 Massachusetts law enforcement investigators was eager to understand more about investigating social media especially as it applied to Cyber bullying cases.

During the two weeks I was gone, connecting to so many investigators in person, I wanted to be sure not to lose touch with my online contacts — not just customers and prospects who email me, but also Twitter and Facebook followers. So, as a smartphone user, I downloaded a new app and signed up for a new program called “Foursquare”. The use of FourSquare allowed me to stay connected on the road from my phone. I could and did update my Facebook page and my twitter account from my phone with a few clicks of the keyboard.

I found this to be a simple and easy use of the media and received numerous comments back regarding my updates. Many were interested in my travels and found the topics I was speaking on of interest.

Why am I mentioning this? When I talk to groups like these, I want to be sure they understand the value of social networking in their professional lives — not just from an investigative standpoint, but also from the standpoint of being able to network and share ideas with one another. Our increasingly interconnected world makes this an absolute necessity.

Are you on Foursquare, Twitter, Facebook or LinkedIn? Please feel free to connect with me.

Tags: Cyber, Cyber Bullying, Cybercrime, Facebook, Foursquare, Law enforcement, LinkedIn, Massachusetts Attorney Generals Cyber crime Initiative, Online investigation, SMILE conference, social networking, Twitter
Posted in Company News | 1 Comment »

How people socialize online

Thursday, April 8th, 2010

By now, news stories about online criminal investigation are commonplace, from finding graffiti taggers to collecting gang intelligence.

But where do the social network users come from, and how do they use their favorite sites? These are important questions, whether you are trying to understand your community’s overall demographics, or specifically address criminal activity.

From spectators to creators

In 2007 think tank Forrester Research came up with the graphic on the right (explained most recently in this post). Rather than showing segmented user groups, the Social Technographics Ladder demonstrates a progression of behavior, from “inactive” (bottom rung) to “creators” (top rung), so that behaviors overlap.

What does this mean for law enforcement? Lots of things. Although it’s generic (Forrester has completed profiles for specific companies and industries about their customers), it’s a good start for investigators and administrators who want to understand victims and criminals alike.

First, only 17% of U.S. adults who are online are inactive in social media. From the standpoint of victims, they’re still at risk from email phishing, for instance, or other forms of identity theft.

But they’re not as at risk as Facebook or Twitter users, for instance, who are more exposed to “bad” links that send them to phishing sites, or surreptitiously download keylogger and other malware to their computers.

Criminals, meanwhile, are becoming bolder and more active. They may not so much be “curating” content—collecting, say, tips and techniques—as sharing and creating it, largely for the sake of having “bragging rights.” Witness the copious photos of drug and gun stashes on MySpace.

A full spectrum of social networks

The other graphic law enforcement can make use of is the Conversation Prism, a graphic designed by public relations professionals Brian Solis and Jesse Thomas. The Prism shows not just the wide variety of social networks out there, but also groups them into categories by use type.

The circular spectrum is a good way to visualize how social networks fit and the many ways users have to create and share content, according to their behavior as shown on the Social Technographics Ladder.

Additionally, at the Prism’s core are shown the value of these uses: ongoing feedback and insight, crisis communications and PR/marketing and customer support, all revolving around an organization’s brand. This is important to law enforcement agencies, but also valuable when applied to criminal organizations, such as gangs or narcotics networks.

And no, investigators do not have to create or maintain accounts on every single one of these sites. That would be cost-prohibitive. They should, however, maintain awareness—of these and of new popular sites—and be prepared to go where the investigation leads.

What online networking behaviors have you observed among criminals you investigate?

Christa M. Miller is Vere Software’s marketing/public relations consultant. She specializes in law enforcement and digital forensics and can be reached at christa at christammiller dot com.

Tags: Conversation Prism, Forrester Research, social networking, Social Technographics Ladder
Posted in Investigative Tools | No Comments »

Cloud computing: Not just for geeks or feds

Monday, February 8th, 2010

Think online investigation is just for the high-tech crimes types, the computer forensics geeks or the feds? Not so, says Todd in his interview with Cyber Speak’s Podcast (hosted, ironically, by two former federal agents). The more people are online, the more they’re likely to use cloud services, the more important it is for local law enforcement to be there too.

Todd’s appearance on Cyber Speak came about because of his two-part article on cloud computing, which had appeared in December in DFI News. He and Ovie Carroll discuss:

Impact of cloud computing on first responders

Detectives performing searches can’t simply pull the plug on a running computer anymore (a fact which prosecutors are having to get used to). They need to be able to perform data triage and possibly even volatile data collection.

Why? Because knowing whether a suspect has an online presence is critical to whether an arrest is made—and what happens afterward. Whether users are actively storing files “in the cloud” or simply members of social networking sites, law enforcement officers who don’t find evidence and therefore, do not make an arrest risk that suspect going online and deleting all incriminating information.

Why is this a problem? Because the very nature of cloud storage means investigators may not be able to access a logical hard drive somewhere to recover the evidence. First, the sheer amounts of data stored on servers make this close to impossible. Second, there are jurisdictional issues.

Are you exceeding your authority?

Not only may information be stored outside your jurisdiction, but it may also be stored in another country altogether—one with different criminal and privacy laws. Accessing evidence of a crime in the United States may actually mean committing a crime in another country (Todd relates the story of two FBI agents for whom arrest warrants were issued in Russia).

This is a problem for local law enforcement, which Todd notes has been left largely to its own devices when it comes to online crime. Only Internet Crimes Against Children (ICAC) task forces have clear direction from the federal government on how to proceed.

Hence it’s easy for local police to kick Internet crimes up to regional, state or federal task forces. But as Todd points out, more people coming online means more crimes being committed against people in local jurisdictions both large and small. Law enforcement at every level needs to be able to respond.

Please listen to Todd and Ovie, and then come back and tell us what you think!

Christa M. Miller is Vere Software’s marketing/public relations consultant. She specializes in law enforcement and public safety and can be reached at christa at christammiller dot com.

Tags: cloud computing, Cyber Speak's Podcast, data triage, DFI News, high tech crimes, incident response, Internet Crimes Against Children, live forensics, Ovie Carroll, social networking
Posted in Company News, Legal & Policy Issues | No Comments »

Gangs on the Internet

Wednesday, September 16th, 2009

Everyone engaged in technology today is using some form of social media. Law enforcement is learning to deal with it and so are the criminals. Gang members have found it to be a great communication source and are regularly using social media to keep in contact. MySpace, Facebook and especially Bebo, have become popular places for gang members to hang out. The term used to describe gang members activity online is Cyberbanging. Cyberbanging isn’t a brand new term, but it is probably not widely known outside of its gang member users.

General intelligence collection is a task that the web can offer gang investigators. Blogs, social media pages, tweets can all give the law enforcement gang investigator valuable information about the goings on in a gang and potential strife between varying factions.

Law enforcement generally identifies a criminal street gang by having 3 or more members, common symbols or leadership, and gathering together to commit crimes or a continuing criminal conduct (or enterprise). They also generally classify gang members according to one of four criteria: 1) self admission, 2) a reliable informant confirms membership, 3) an unreliable informant confirms, and a second source corroborates, and 4) via confirmed law enforcement source.

The Internet can help identify gang affiliation by finding the members’ self admissions, i.e. photos of gang activity, comments indicating gang activity and being the corroborated source of information. A member’s MySpace page can contain significant information about them and their activities.

Those investigating gang members need to look on the Internet for potential members of their local gangs. Failing to do so could potentially overlook threats or trophy shots of criminal behavior that could prevent or solve crimes. In the worst cases, they may find the evidence to support a murder as a gang related crime as in the Jamiel Shaw case in Los Angeles. By many reports Jamiel was a star athlete. The dark side of his life was his Cyberbanging as a member of the Bloods. His MySpace page tells a very different story of his life then many people thought. There he allegedly proclaimed his gang membership and flashed gang signs.

Documenting this kind of online activity easily supports a law enforcement agency’s investigation into gang activity.

Tags: Crime, Cyber, Cyber vigilantism, cyberbanging, Cybercrime, Facebook, gangs, Internet evidence, Law enforcement, MySpace, neighborhood watch, Net-Watch, online evidence capture, Online investigation, social networking
Posted in Investigative Techniques | 1 Comment »

Sources of Online Information: Some Background

Wednesday, September 9th, 2009

Cynthia Navarro understands how overwhelming Internet searches for information can be. Not only does she do them in the course of her work as a private investigator, but she also regularly teaches law enforcement officers, corporate practitioners, and others about what’s available and how to find it.

Her “Sources of Online Information” webinar grew out of that experience. “The Internet is a tool that augments what you already have and enables you to get more,” she says. “I base my training on how investigators can get what they need. If they need an individual’s professional information, there’s LinkedIn or Spokeo. If they need personal information, I show them what they can and cannot get from various sites, and how that information is presented.”

She also shows how to perform “creative” searches across Web sites, not just in Google but using search utilities included in social networking sites. “Different results come up for my name, Cynthia Navarro, than for ‘Cynthia Navarro’ enclosed in quotes,” she explains. Likewise results that include a keyword combined with a name, such as the individual’s interests or profession.

Sometimes investigators must collect information from people directly, using social networking sites to get personal. Such “pretexting” is necessary because people would not otherwise give up information to someone they know is an investigator. Pieced together with data gleaned from searches, this can become an invaluable means of constructing a case.

Connecting people, connecting identities

Navarro provides numerous examples of the ways it’s possible to use Web-based information to connect people to each other, as well as to find “other lives” they lead. One man she investigated turned out to have a profile on Match.com—as a woman. “People you wouldn’t expect to be associated with certain sites turn out to have a real dark side,” Navarro explains.

They also have certain habits, “things they need to get out there about themselves,” she says. “One CHP officer used his police vehicle and uniform in one of his Match.com pictures. I used him as an example in my classes, and not long after, his profile was deleted. But when he came back later on, using a different profile with different information, he still had a photo of a police vehicle.”

Navarro recognized him because she’d talked about him so much; she now uses the example to discuss how one deleted profile doesn’t necessarily mean another isn’t available.

Keeping up with information changes

Because Web-based information changes so rapidly, Navarro teaches that two things are important:

Evidence capture and preservation. “Within just one hour, a profile can go from public to private or even deleted,” she notes.
Evidence verification. “Some people post totally false information, so the investigator needs to know where to go to verify that what’s out there is true,” she says. Likewise what they find on information retrieval services, which may not contain the most up-to-date data.

Overall, as Navarro teaches, many different tools exist for evidence capture; investigators must know which are most appropriate for the investigator’s needs at the time. She cites Archive.org as one example of ways investigators can see what a website looked like at a certain point in time.

Most important for investigators to know: “The enormous amount of information at their fingertips,” says Navarro.

Christa M. Miller is Vere Software’s marketing/public relations consultant. She specializes in law enforcement and public safety and can be reached at christa at christammiller dot com.

Tags: corporate investigators, Internet evidence, keyword searches, Law enforcement, online evidence capture, Online investigation, pretexting, private investigators, social engineering, social networking, Webinars
Posted in Company News, Investigative Techniques, Investigative Tools | No Comments »