Use Cases

Just a few stories about how our Open Source Intelligence investigations have helped others

On social networks there was a video about a speech of a radical imam calling for violent action against unbelievers. The video went viral within a short period of them. Our client, a Law Enforcement Agency wanted to know from where the video was coming from, and how it got distributed on social networks.

As the video was mostly shared on Twitter, we were focusing on this social media platform. Having the URL of the video, we were using this as token to search Twitter for posts having this link. Based on the posts, we could reveal who were retweeting this URL building up the network of users in contact related to this video. By tracing back the discussions, we could see the user, who originally posted the video on Twitter, the one, who injected the video to Twitter, where the content got viral. Analyzing the network of the users sharing the content revealed who could possibly see the video. This posting the video on Twitter was a user not unknown to the client Law Enforcement Agency, as he was already a target person under surveillance.

Insikt Intelligence was asked to participate in an interesting and at the same time challenging project. The client, a Law Enforcement Agency’s antinarcotics department had a covert agent infiltrated into a private WhatsApp group. This group acted as a communication channel between drug dealers. Here they got the information about the timing, the whereabouts and other information of the drug handover, such as the type and colour of the car. However, these important information were cyphered, using special terms, which were changed frequently to guarantee the “safety” of the actors in the business. Our task was to decypher and understand the details of the next transaction.

For deciphering and understanding the dynamic corpus we have used our expertise in Natural Language Processing. Having revealed what the encoded messages were telling to the dealers, the forces at the antinarcotics department could raid the premises detaining the participants.

Our client, a VIP was based in a country, with high Twitter penetration wanted to understand whether attacks on this social media platform against our client were orchestrated in a top-down manner or instead, they were spontaneous.

The story started with our client making a self-admittedly rather unfortunate comment on someone, who has many fans. Our client was aware the comment was unnecessary, but did not imagine that it may have such a big echo, which after all it had. Because what has happened next was that the fans of the objects of our client’s critique launched a massive attack on our client on Twitter.

Using Social Network Analysis on the tweets related to our client, we found the handful of key actors in the discussion about our client based on network topologies and other factors. We had a look at what these users were talking about using Natural Language Processing, what topics they mentioned along with our client, and what other issues were raised. We have found that the very same topics were used by the identified key actors, and analyzing the follower network of these key actors it turned out that there were overlaps between them, suggesting that they belong to the same (maybe even artificial) circle – suggesting that the attack was indeed orchestrated.

Our client, a national Law Enforcement Agency had the suspicion that terrorist activity was financed by domestic banks in their respective country. They turned to Insikt Intelligence for validation. We received an anonymized dataset of the size of two terabytes, containing such information as the type of the transaction, the location where the transaction took place, if it was a purchase, in which store it took place, and most importantly the amount of the transaction – among many others.

We assumed that finding the fraudulent transactions we have to seek special anomalous demeanor, thus we were looking for two things in the dataset primarily: outliers and irregular patterns. Additionally, using the bank account holders’ anonymized IDs, we could included the tools of the network analysis into the model we have built.

Using Machine Learning algorithms we could differentiate and group the transactions. The weekend shoppings, the family eat-outs, the seasonalities such as Christmas or Valentine-day gift shoppings were clearly distinguishable, and also some unusual patterns. We detected a cluster of transactions, which were significantly different based on several features – one of them being network topology.