OSMOSIScon 2020 recap by French Connection Research agency owner Emmanuelle Welch
At Osmosis2020, 300 cyber investigators, including me, did not get to do some of what we usually do at the Open-Source Intelligence conference: talk social media searches excitedly over breakfast (while marveling how dorky we are), trade business cards in a frosty exhibit hall, enjoy the camaraderie at Happy Hour. Instead, from Australia to Namibia, we were in front of our computers, and most of us Americans were grounded at home due to the pandemic. Still, the essential functions of the conference were met in a virtual sphere, starting with substantial and inspiring training by top-notch presenters.
I liked that several of the topics were geared toward the more technical this year, including one using Python to acquire live OSINT from Geographic Hot Spots, by Chet Hosmer, founder of Python Forensics, Inc. Capturing live posts before some get deleted by the social media platform for various violations can be an amazing advantage.
Micah Hoffman (AKA @WebBreacher) shared simple and effective techniques for harvesting data in unconventional, unindexed places and non-Web systems (#IoT). We’ll never look at a robots.txt files the same way!
#OSINT Combine’s Chris Poulter from Down Under gave another favorite talk, showing how robust, visualized Social Network Analysis (SNA) can reveal stories that are otherwise cumbersome to process and understand. Another talk, by Nick Finnberg, helped demystify Dark Web investigations, including those involving cryptocurrencies. (He mentioned how school districts have become hot targets of #ransomware attacks in the Covid era of remote learning.) He also showed how common “Surface Web” reverse searches on Bitcoin transactions, numbers, and domain name info can help break a case.
Illicit online markets were a big topic: Brian Pate discussed investigating shadow pharmacies and how more direct tactics have become necessary in the Covid era — borrowed from black hat Search Engine Optimization, as more drugs and vaccine trials are being talked about. All this coronavirus research makes New Jersey “the center of the world,” said Chet Hosmer, with a wink to Cynthia Hetherington, Osmosis founder and proud New Jerseyan.
From a technical aspect, the Globalcast went smoothly overall, hosted by OSINT rock star Kirby Plessas. One advantage over the real-life conference is that attendees can watch recorded presentations through the end of the year. Same with the ten-minute “round table sessions,” Bits & Bytes. I already learned many good tips from Technisette, Ed Ajaeb, and Jan Mondale, who reminded me of a great query specific to Bing that helps you locate the websites a URL links to: [linkfromdomain:pursuitmag.com].
With OSINT, things always change — a trick that works today may be moot tomorrow. But I also find that you sometimes need to go back and revisit methods that you neglected amidst the overabundance of new ideas. Conferences are great for stirring up new material and reviving proven classics.
Another way I thought the virtual Osmosis succeeded was the interaction during each session, which gave the feel of a live event. Attendees engaged in live chat in real time, shared ideas, vouched for their favorite tool (the Hunch.ly love was real!), and praised speakers for their words of wisdom — such as this mantra by due diligence expert Dan Clemens, which elicited applause in the virtual conference room: “Stick to the facts. The data needs to speak for itself. You don’t need to be the hero.”
Check out these short interviews with OSMOSIS speakers, produced by PI-Perspectives.
About the Author:
Emmanuelle Welch, CFE, is a private investigator licensed in New York State and Washington DC, and is owner of French Connection Research, an investigative agency specializing in Open Source Investigation and transatlantic white collar crime. An OSMOSIS attendee since 2015, she presented on “Hacking the dating sites and hook-up apps” in 2017 and maintains a repository of dating sites here.