活动的细节 攻击者的攻击 sear through our inboxes, browsers and TVs daily. 在布法罗、博尔德、埃尔帕索、高地公园和许多其他城市都发生过类似事件. And in each case we hear about, 很明显,凶手在采取行动前花了数周时间在社交媒体上表达他的可怕意图. The Federal Bureau of Investigation (FBI) reported 61 active shooter incidents in 2021, reflecting an increase of more than 50% compared to the previous year.
社交媒体一直是 increasingly linked with these mass shootings. 例如, 布法罗的袭击者, 纽约, 据报道,大规模枪击事件使用了几个社交媒体平台来策划他的袭击, the extent of which remains under review. 然而, 在皇家88账户注册种情况和许多其他情况下, no one looked at the attacker’s social media activity until after people died. 真遗憾,因为, for entities such as large cities, 雇主和学校系统, 使用开源情报(OSINT)和威胁监控的前瞻性方法可能挽救了许多生命.
什么是OSINT?
Think of it as online research, 评估, and monitoring of social media platforms, 公共网站, 在线讨论, 留言板, 以及其他公共论坛,以发现影响组织或个人安全的问题, 资产, 或利益.
通常, OSINT is structured in one of three ways: (1) as a critical component of ensuring special event security; (2) as a one-time review or investigation supporting any number of corporate, organizational or individual objectives; or (3) as ongoing OSINT monitoring, with a periodic reporting schedule, supporting a broader approach to strategic risk management and prevention. It can also take the form of a stand-alone task, focusing on a specific individual’s or group’s activity on social media.
What Are the Primary Activities Associated With OSINT?
皇家88娱乐的团队 Jensen Hughes provides a range of OSINT support for our clients based on their needs and risk issues. A well-trained OSINT team commonly approaches monitoring with three tactics:
- 围绕感兴趣的离散和特定主题寻找和排名影响者, 比如计划好的活动, issue of concern or a corporate 品牌.
- 专注于公开张贴物品的地理位置或区域.
- 定位并识别对处于危险中的组织或个人提出相关参考或表达负面情绪的个人.
What Do OSINT Monitors Look For?
在一般情况下, OSINT监测和分析小组扫描有损声誉的声明, 虚假信息, posts that reflect behaviors of concern, and criticisms or 威胁 referring to the organization or individual. Each one of these may represent “red flags” (e.g., WAVR21), 在某些情况下, reflect behaviors signaling a potential attacker’s pathway to violence.
Think of this journey as often starting with an original “trigger event” (e.g., loss of a job, bankruptcy, discontinuation of medications). 联邦调查局和其他机构对潜在攻击者的行为进行的研究证实,许多攻击者都是沿着一条路径进化的, 从暴力构思到研究和计划再到攻击前的行为,比如探查和破坏. 通常,皇家88账户注册些信息是在事件发生后作为调查的一部分确定的. OSINT评估可以主动用于确定个人相对于标志暴力途径的行为的位置和程度.
How Do OSINT Teams Go 关于 Uncovering Red Flags?
Using tools supported by manual analysis, open-source intelligence teams monitor social platforms such as Twitter, Instagram, YouTube, VK和Tumblr, as well as various 留言板 and blogs. 他们进行关键字搜索,可能会发现与未知因素相关的潜在问题, 负面情绪, 犯罪行为, and references to key locations, 聚会及职能. They can also focus their monitoring by geography. 通过检查特定地点产生的社交媒体,可以深入了解潜在的犯罪行为, intentional or inadvertent posting of confidential information, and virtual surveillance of 事件 or areas of interest.
使用链接分析, 情报调查科小组还设法查明关键影响者,以便深入了解有组织团体或犯罪网络的行动. 例如, they’ll look at who the influencers are, 他们的意图是什么,他们的帖子是否提供了任何信息,可以帮助集中更多的研究,甚至引发干预.
最后, OSINT teams spend a lot of time on analysis. They look to establish a broader context for evidence of interest, such as determining whether it relates directly or indirectly to risks, 威胁, or vulnerabilities of the client’s people, 品牌, 资产, 和声誉.
What Happens When an OSINT Team Makes a Significant Discovery?
皇家88账户注册取决于客户. 在此过程中,如果出现相关信息,OSINT团队应立即通知客户. 不太紧急的信息通常汇编成一份报告,确定具体情况和趋势——要么作为一份报告,要么作为一系列正在进行的每日报告, weekly or monthly monitoring updates.
Upon receipt of this information, the client has several choices. 首先,他们可以选择不采取进一步行动,无论是否继续监测. 第二个, 客户可以指示监测小组捕获和保存证据(包括元数据),以备将来参考或采取行动. 第三, 它们可以加强安全和工作场所暴力预防活动,以应对已确定的威胁.
客户可以选择通过关注一个或几个领域来增强OSINT监控, increasing monitoring frequency, or expanding to include additional individuals, 事件, 位置或关键词. 根据威胁等级, 如果可以确定个人的身份和位置,他们也可以选择授权对个人进行实际监视或直接接触.
最后, 客户可以决定采取法律行动或让执法部门介入, especially if a prosecutable crime had occurred (e.g.、跟踪、非法侵入). 无论如何, OSINT提供了了解威胁环境的机会,并帮助对客户面临的任何威胁进行正式的风险评估.
We Have the Tools to Help Save Lives. 皇家88娱乐需要利用它们.
开源情报监控和分析并不是一根魔杖,你挥一挥就可以了! - the risk of workplace violence just disappears. 和任何调查一样, 规划, 技能, tools and expertise are required to be effective in assessing risk and threat. 然而, OSINT can inform and prevent workplace violence. 例如, 尽管在乌瓦尔德发生致命枪击事件之前,学校官员一直在监控学生的社交媒体, 德州, they failed to pick up on posts from the gunman, including those that reportedly stated his intent.
在理想的情况下, 作为审查的一部分, 官员们将确定监测项目中哪些地方不起作用,以便将来可以防止对他人的伤害. 然后,他们可以与更大的威胁评估人员社区和OSINT团队分享皇家88账户注册一发现. 皇家88娱乐知道,尤其是在学校,孩子们通过社交媒体平台交流.
重点应放在继续将OSINT作为分层预防暴力方法中的一项对策, ensuring it is supported by a logical, investigative plan and review and appropriately trained personnel. 皇家88账户注册种方法将确定未来进行干预和帮助挽救生命的机会.
