Author: Brian Devine, Investigator
I started working in the investigative field roughly a year and a half ago, and ever since then I’ve heard a lot about OSMOSIS and how beneficial the experience is. For those who are not familiar, OSMOSIS is a two-day conference focused on sharing the latest and greatest in the OSINT (Open-Source Intelligence) industry. So, naturally, when the opportunity to attend came my way I was more than eager to capitalize on it. This year’s conference was held in Las Vegas, Nevada (any surprise I was so eager to attend?).
As with the past three years, Cynthia Hetherington of the Hetherington Group put together this year’s OSMOSIS and did a fantastic job at that. It was a two-day, information packed conference with exceptional speakers and plenty of opportunities for networking. Being that I am a “newer” investigator and am just getting a feel for this industry, I thought I would share my experience so that other new investigators know what to expect at OSMOSIS.
Day 1
Anthony Reyes kicked off the summit with a fascinating presentation geared towards identifying a subject’s dark web activity. Anthony demonstrated to us how investigators can determine if an individual has been accessing the dark web, and even which sites they have been accessing. The common presumption dark web users have is that their activity is anonymous and untraceable. We learned from Anthony both of these presumptions are incorrect; there are “breadcrumbs” left behind when a person accesses the dark web; and the content they view can be retrieved from their device. In summation, Anthony was a great presenter and started the summit office on the right foot.
Next came Andrew Fordred, whose presentation covered dirty businesses and how to expose them. In this regard, Andrew was able to provide an extensive list of valuable resources and programs vital for OSINT investigations. In my office, we have begun to implement these resources and the effectiveness of them has been immediately observed. Andrew’s presentation concluded the morning session and gave way to lunch.
After a delicious lunch with an interesting presentation on enterprise security risk management by Brian Allen, we shuffled back into the conference room and took our seats.
After lunch we heard from Eric Huber, who knows more about virtual currency than I thought was possible. Eric not only explained what crypto currency truly is, but also how it functions via block chain technology and how this technology is projected to develop. He enlightened us in how crypto currency inflates through a process called “mining.” He also shared why bitcoin is such a volatile currency and how we might be able to stabilize this. Eric explained that all crypto transactions are assigned transaction numbers, and with the right skills and some tenacity, most block chain transactions can actually be traced. Eric’s presentation was extremely thorough, detailed, and informative and if there was ever a person to refer to regarding crypto currency, he is it.
Our next presentation ended up being my favorite of the conference. Andrew Lewman, a tech guru and dark web pioneer, gave a captivating presentation on the origins of the dark web, how it became what it is today, and how authorities are currently trying to map and combat criminal activity therein. From my understanding, Andrew Lewman played a crucial role in developing “onion router” technology, and his first hand perspectives on both the positive and negative aspects of online anonymity were truly insightful. In addition to this, the information was translated from highly complex material into easily digestible information all while adding a touch of comic relief to an otherwise serious topic.
Andrew Lewman concluded the presentations for the first day. Next came Bits and Bytes, a networking and tip-sharing forum. For an hour, we had the opportunity to choose six of ten tables, rotating every ten minutes. At each table were respective investigators whom all had specialized topics which they shared tips about. This was my favorite part of the conference as we had the ability to engage directly with each investigator, as well as hear from other attendees on what worked for them in niche’ areas. This and the fact there was an open bar led to a highly informative and constructive event.
Day 2
We started the next morning off by hearing from Cynthia Hetherington and Cynthia Navarro, both of the Hetherington Group. Cynthia and Cynthia presented on protecting your own personal identifying information and what the best steps are to do so. They proposed the idea of conducting a “self-audit” which is essentially an investigation on oneself to determine what is out there. I thought this a highly effective way of understanding where exposure points are and how to plug any information leaks you were previously unaware of.
Amber Schroader was up next. Amber is the CEO and Founder of Paraben Corporation, a digital forensics and solutions company. Amber was a captivating speaker who lectured on the Internet of Things (IoT) and various security risks associated therein. She also drove home the point that if it sends or receives a signal, it can be hacked and exploited. Her presentation was extremely thought-provoking, albeit slightly unsettling as she highlighted just how exposed various personal devices (phones, laptops, Fitbits, smart watches, vehicles, and even medical implants) are to hackers. However, she did alleviate some concerns by sharing tips on how to protect against cybernetic intrusion. All in all, Amber delivered an informative presentation and it is apparent that she and Paraben Corporation have their eyes and minds set on the future of cyber and digital security.
Andrew Rudd was next up to bat. He presented on anti-money laundering investigations and provided a plethora of useful information on leveraging open source material. Andrew gave us the low-down on international banking, and how fraudulent activity via money laundering often occurs. He provided several valuable resources as well, some of which we have begun to implement in our office.
We then broke for lunch and a presentation by key note speaker Angela Aufmuth regarding child sex trafficking. Although a rather difficult and serious topic, Angela’s presentation was interesting and motivating, and we were lucky to hear from her.
After lunch Don Colcolough presented on anonymization and de-anonymization on the dark web. Don walked us through the various tricks and tools people use to anonymize themselves on the internet, and conversely, how to de-anonymize and lure a subject out of anonymity using cloaked URLs, IP Loggers, and web beacons. Don also provided us with several evidence capturing resources and provided a thorough explanation on the nature and process of rooting someone out online.
Our last speaker was Kirby Plessas, an expert in dark web and OSINT investigations. Kirby preformed a live investigation using OSINT techniques to uncover the identity of a dark web user. While doing this, she spoke on her favorite methodologies and how other notable dark web investigations were conducted. Watching her work in real time was truly eye opening, and it is no wonder that she is a leading expert in OSINT investigations.
All in all, the 2018 OSMOSIS conference was immeasurably informative and provided a glimpse into the broader world of OSINT investigations. Although it is nearly a year away, we will assuredly be sending another representative from our office as it would be foolish to forgo such an opportunity for learning, networking, and professional development.
Author: Brian Devine is a research and field investigator with Subrosa Investigations. Brian specializes in investigations around personal injury fraud and deep dive research.
