Social media is rife with open-source information that can prove vital to OSINT, but are you using all the platforms at your disposal?
Thanks to the rise of Twitter sleuths, many researchers are catching on to the importance of open-source intelligence (OSINT). Twitter has been on the digital frontlines of the war in Ukraine – becoming a place where OSINT researchers crowdsource information to geolocate photos, identify victims and soldiers or sometimes debunk staged shots.
But good researchers need to move beyond Twitter to discover the other popular and vastly content-rich social media platforms that can be used for intelligence gathering. Twitter is only the 10th most popular social media site as of 2022. Meanwhile TikTok has surpassed Google as the most frequented site worldwide, according to Forbes. Other social sites like Discord and GitHub not only have great potential for evidence gathering, but they also host vital communities where researchers can share tools and collaborate. Understanding each social media site, how it's being used and who is using it can help researchers get to the source of what they’re looking for.
Here are the six platforms to use to step up your research:
Discord is an instant messaging, voice and video call platform filled with private communities called “servers.” Popularized by gamers, Discord allows users to organize conversations into channels (similar to Slack, which is widely used among professional teams.) While it’s best known for the ability to stream games in live voice and video chats, servers on any subject from travel groups to houseplant care can be found.
Researchers can find leads on Discord, but more importantly, OSINT communities offer key resources in their own servers. Project Owl: The OSINT Community and The OSINT Curious Project both host servers for researchers to participate in discussions, share tools for collecting evidence and interpret data together, such as one to scrape member data and learn what servers they participate in.
As noted above, TikTok recently dethroned Google as the highest traffic site on the internet. Meaning if you are not on TikTok, you’re missing out on key content. TikTok made international news waves earlier in the year when users uploaded videos of tanks being moved across the country in Russia. Researchers were able to geolocate these photos to see the buildup of military power on the border prior to the invasion of Ukraine. The ability to download full videos can be helpful to researchers to keep and analyze after they’ve been deleted.
TikTok is a platform of short videos, often 30 seconds or less but up to three minutes. Videos can use green screens, popular music or be “stitched together,” when users respond to a previous video with their own. The short-form content lends itself to short sketches or jokes, but content on any subject can be found, from podcasts to educational resources. The quick-moving feed and “For You Page” are responsible for creating high impressions and frequent viral sensations.
Telegram is a cloud-based instant messaging service that boasts its secure encryption technology to protect users’ personal identifiable information (PII). The chat has end-to-end encryption and the function of “secret chats,” where data is stored locally and will be wiped after a certain period of time. But the biggest function of Telegram are the groups.
Telegram groups can hold up to tens of thousands of members and some are used for criminal activity and by extremist groups. Researchers investigating hate speech, data breaches, potential war crimes or domestic terrorism may find evidence out in the open in these groups. The platform doesn’t work in browsers, but many analysts have made or found scrapers to get around this limited functionality.
Snapchat is a popular social media app best known for its disappearing messages. The platform has more than 530 million users as of April 2021. Many of the messages are private between users and not viewable to the public. But one of the key features is the Snapchat Map, to which users can add content via geolocation.
While the platform is only available on the mobile app, the map can be viewed in the browser. Like the messages and stories themselves, the geolocated data disappears after 24 hours. The geotagging and current nature of the content can help researchers stay up to date with what’s happening in a particular location.
VSCO is a photo and video editing and sharing tool. While it hasn’t risen to the popularity of social media titans like Facebook or Instagram, it now has 100 million users and most of them are young people. Like Instagram, VSCO also allows for geotagging of posts, a helpful tool for investigators when looking for location data that has been stripped from images.
Where VSCO differs from Instagram is in the lack of likes, comments or follower counts. The lack of “clout-chasing” allows for a more laid back, less anxiety-driven user experience that is popular with Generation Z. Their recent expansion into video and growing user count makes VSCO an app to watch when collecting OSINT.
GitHub is an open hub for developers to share repositories and collaborate together. The cloud-based service allows users to upload backups of their code for projects. The advantage of the platform is having version control, meaning that if something goes wrong on one branch, the project can be easily backtracked to a working one, because it’s all saved on the cloud.
But GitHub is also a popular place for sharing open-source projects and code. Many researchers develop and share their own OSINT tools like scrapers and other resources available to investigators. Crowd-sourced projects like the “Awesome OSINT” list with more than 100 contributors, can be a great place to start looking for helpful tools.
Intelligence is only as good as its sources
To expand and grow OSINT research, investigators need to move beyond the big three social media platforms of Twitter, Facebook and Instagram. Facebook has repeatedly failed to attract Gen Z to its platform, and younger people are showing shifts away from the previously dominant networks. As social media and its users adapt, analysts and researchers need to stay up to date on what apps are in use in order to have the best intelligence.
To learn more about how Authentic8 keeps researchers safe as they conduct online investigations — check out Silo for Research.OSINT research Social media