I was reading an article in the most recent issue of Science News that focused on the need for analyzing cellular phone communications by criminals. The article mentioned a case in Italy where investigators were able to analyze mobile phone call data records obtained from an organized crime group. The police noticed that before and after significant robberies there was an excess of communication. However, there was a dramatic drop to near zero in the phone calls made during the actual times of the robberies. Hence, the times of complete silence were even more revealing than the other phone communications. Despite this evidence found in cell phone communications, the article concluded that “Smart criminals will have more ways to communicate — Skype, Facebook. These data would not be captured.”
Is this a true statement? Is law enforcement ignoring and/or missing valuable information from additional forms of digital communication such as web mail, Internet chat, text messages, video messages or open forums?
I would argue that most savvy investigators these days are well aware of the numerous forms of message exchange, all of which are very much on law enforcement and intelligence units’ radars. OSINT, or open source intelligence, has become a critical component in any investigation and is now ubiquitous in the intelligence and law enforcement communities. However, being aware of it and doing something about it are two different things.
Despite the abundance of OSINT, we must ask ourselves how this information is being collected, preserved and presented when needed. Is this digital information gathered, stored and maintained with a methodology that adheres to legal chain of evidence requirements? Are investigators able to present this data in future court proceedings or other judicial venues without fear of the integrity of their evidence being impugned? And probably the most important question: are investigators and analysts able to make sense of the captured data, correlate it to specific crimes/persons and illustrate it to appropriate audiences?
In order to answer the above questions, I would suggest that each agency member dig a little deeper. Ask yourself:
- Have I gone beyond simply using screen captures to preserve significant communications that I locate on the Internet, over cellular phones or other digital communications mediums?
- Am I capturing the actual raw data from Internet communications using packet capture programs such as Wireshark and others?
- Am I able to capture and preserve cellular phone communications using programs such as Cellebrite and Lantern?
- Do I have a secure repository for communications files that adheres to chain of evidence rules?
- Can I reconstruct all these digital communications and visualize them as if I were seeing them during the actual time of transmission?
- Do I have the appropriate tools to make sense of these communications? Do I have the ability to do:
  - Keyword and string searches to cut through the “noise” to what matters
  - Voice fingerprinting and gender identity
  - Visualization of the communications in different contexts such as timelines, hotspotting, statistical graphing and pie charting, and link analysis
  - Geomapping to home in on only the most relevant movements or locations
- Do I have a digital dossier or “crook file” that contains all relevant communication information on each participant including IP addresses, chat handles, email addresses, owned websites, phone numbers, etc. that can be transformed with each new piece of information?
- Can this dossier communicate with other repositories of relevant case information such as a records management system, computer aided dispatch system, or a local/state/federal database?
- Am I able to create meaningful reports that help me to understand the large amounts of data that I have collected and more importantly, present it in an easy to comprehend format to my superiors, judicial bodies and even the public if needed?
- And most crucial of all, do all of my efforts result in bad people ending up where they belong?
If the answers to the above questions are less than satisfactory then I would submit that it is time to put on your digital mall walking shoes and go shopping.
Even in tight financial times, there are technological solutions in the marketplace that provide the ability to accomplish these goals and so much more. New tools provide more efficient methods to address existing crimes as well as keep up with evolving law-breaking in our digital age.
— Doug Grant
Law Enforcement Liaison, SS8
About SS8 Networks
SS8 provides Lawful Intelligence platforms. They work closely with leading intelligence agencies, communication providers, law enforcement agencies and standards bodies and their technology incorporates the methodologies discussed in this blog. Xcipio® is already proven to meet the very high demands of 5G and provides the ability to transcode (convert) between lawful intercept handover versions and standard families. Intellego® XT natively supports ETSI, 3GPP and CALEA handovers, as well as national variants. Intellego XT’s MetaHub component is a best-in-class data analytics tool. Both product portfolios are used worldwide for the capture, analysis and delivery of data for the purposes of criminal investigations.