The Hunting Ground

Open source intelligence (OSINT) describe the techniques used to gather information online from publicly available sources. This methodology can be used to target specific individuals for nefarious purposes, or alternatively, provide direct evidence against perpetrators and bring them to justice.

Stephen Adams, Intelligence specialist with a focus in Internet Investigations and based in the UK, speaks with me about OSINT, SOCMINT, ethics and available tools. We also discuss “Intelligence With Steve”, an educational platform he created that provides comprehensive and relevant Criminal and Security Intelligence training content.

SYMLINKS
Intelligence with Steve
OSINT Explanation
SOCMINT Explanation
3i
Social Listening Explanation
LifeRaft Navigator
SCOPENOW
PIPL
OSINT TOOLS
Wayback Machine
OSINT effect on GDPR
Dont F*** with cats
Authy
LastPass
KeyPass
Dehashed
Signal
Session

DRINK INSTRUCTION
THE PAINKILLER
2 oz Rum
4 oz Pineapple Juice
1 oz Cream of Coconut
Mix components and pour over crushed ice.

CONNECT WITH US
http://www.barcodesecurity.com
Become a Sponsor
Follow us on LinkedIn
Tweet us at @BarCodeSecurity
Email us at info@barcodesecurity.com

Chris Glanden 01:17

At the bar for me today from the UK is Stephen Adams, an intelligence specialist with a focus in internet investigations using open-source intelligence for OSINT and social media intelligence. Stephen is a highly skilled criminal and security intelligence analyst and researcher experienced in operational, tactical and strategic intelligence. He’s certified in OSINT investigation and accredited Financial Intelligence administrator and has received training to work on NIAT and IPP standards. He is a trailblazer on the scene by setting up a service offering Intel training himself via intelligencewithSteve.com. Steve, thank you for joining me at the bar today.

 

Stephen Adams 02:02

Of course, thanks for having me and thanks for that great introduction.

 

Chris Glanden 02:05

Awesome. Well, let’s talk a little bit about you and your background. And sort of what made you focus in on OSINT or open-source intelligence?

 

Stephen Adams 02:14

Yeah, So, absolutely. As you were saying, a I’m a criminal and security intelligence specialist. So, I work specifically in the detection and prevention of crime and security incidents. So, my first role in the field really was as an intelligence analyst, and I was working for the police. That role didn’t particularly involve any OSINT work or internal investigation. So, I was primarily specializing in analyzing acquisitive and violent crime and doing a little bit of work in serious and organized crime and just sort of targeting those organized crime groups. So, my work really involves looking at large data sets, and identifying trends and patterns in that data that suggested that a crime series was occurring, or the specific vendors were involved. Intelligence really is the process of collecting and collating information, and then adding value to it through analysis and evaluation, to get into a point where it’s actionable, and decision makers can then do something about the information that you have. So, it’s really done to identify optimal allocation of resources, looking at how to predict, prevent and monitor activity and then sort of identifying opportunities to prepare or protect against future activity. 

 

So, that’s really what I was involved with on when I started out. It wasn’t until my current role that I side specializing in internet investigations. So, currently, I work in a private sector law enforcement team that’s responsible for protecting national infrastructure here in the UK. So, my role or job title is intelligence researcher and so, I’m involved in a number of different things. But my focus is in the field called three I, which stands for Internet Intelligence and Investigation. And most people listen to this podcast will probably refer to this as OSINT or open-source intelligence. And that’s because three I is primarily a UK law enforcement term. There’s only sort of really starting to appear as the primary term here. And there is a slight difference between what is and what three I’s. And that sort of boils down to two points. 

 

Firstly, it’s all internet based, whereas Open-Source Intelligence doesn’t have to be on the internet and then secondly, not everything that you look at within internet investigation is open-source data. I generally say that there’s as many as four different types of information that’s on the internet and you collect all of that through three I activity and those four times types are open-source information, quasi open-source information quasi closed source information and then closed source information. I guess as a three I specialist, I collect and I analyze all of those four types of information and ultimately, I specialize in what’s called “people searching”. So, I look for specific individuals over the Internet, and identify relevant information that pertains to them. That could be information, really into locations where they are particularly where they’re living or where their partners live, as well as just looking at their general lifestyle, who their family members are, who their associates are and just really building a great picture on who that person is and putting together anything that’s going to benefit law enforcement in either locating them or in prosecuting them for crimes that they are believed to have committed.

 

Chris Glanden 05:55

Interesting. Is there a reason why its only internet focused and you’re not using any other open-source tool? Is it because of legal restrictions or is it mainly because that’s where the information you’re looking for resides?

 

Stephen Adams 06:10

Yeah, So, I mean, it’s the latter really that’s where sort of everyone puts everything about themselves these days and So, anything you can find in physical form you can find on the internet and it’s probably much easier to find on the internet. So, that’s really why we specialize in finding it through that sort of medium. 

 

Chris Glanden 06:29

Do you ever have to engage with specific individuals or is it always one sided recon?

 

Stephen Adams 06:35

So generally, most internet investigation is sort of passive non-contact. And when you’re looking to make contact, it still falls on the internet investigation, and isn’t the investigator. But there are a lot of sort of legal requirements that you have to hit before you can get to that stage and you need undercover training, at least in the UK, because there is legislation that says you have to be doing this in the appropriate way. You just have to give them the respect and the openness that they have their right to privacy and we can’t be going about them and trying to entice them to commit crime or pushing them to tell us something that we’re not, we wouldn’t be able to ask them in an interview situation. So, you need that training, and you need the permissions and that has to be authorized by the appropriate individuals and So, as an incident investigator, I can’t make contacts unless I have approval from a very senior member in my organization, that can risk assess and tell me, you can’t be doing this, or you can’t be doing this.

 

Chris Glanden 07:44

Gosh, I’m sure it could raise red flags on their end especially if they’re being investigated for something or they’re on the run or whatever the situation is. I’m not sure that could be a delicate situation.

 

Stephen Adams 07:57

Yeah, absolutely and when you were making contacts, you’re burning your open source account and So, it’s a big risk on your side on their size. So, it really just doesn’t need that assessment taking place to make sure that, ultimately, it’s the best thing that you can do in that situation.

 

Chris Glanden 08:15

Gotcha. Now, from an organizational standpoint, in terms of large banks or healthcare, are you able to explain a little bit about how open-source intelligence could assist those types of organizations, since they’re not online looking for potential criminals but is there any way that open-source intelligence could help them in terms of locating adversaries or protecting against cyber-attacks?

 

Stephen Adams 08:48

Yeah, I generally break down OSINT into three areas. So, that will be your cyber security and cyber threat intelligence area, which is probably the area you’re talking about there and then the law enforcement, national security sides and then the final one would be sort of the investigative journalism sides. So, in terms of the first one, cyber security, which is what you’re asking about there, you will know better than I do. The IT systems are continuously being attacked by criminal actors looking to disrupt services and do damage. So, in response to this threat, private companies do have staff members conducting OSINT activity and this is something that any company really can bring on and regardless of where you sit and what your role is, in cyber security, or just security of a company, you’re using the same sort of techniques, So, it doesn’t necessarily matter what your job title is. 

 

So, it can sort of break down into proactive OSINT activity, and more of a defensive OSINT activity. So, in terms of proactive, you’d be looking to identify how actors could exploit your business and their systems using the OSINT and So, the criminal actors themselves will use OSINT against your organization. So, you are using OSINT against your organization and sort of a penetration testing way to identify how they could use those techniques to explore you and something could be looking at the company website and looking at LinkedIn, and establishing the internal hierarchy of your organization because offenders might use this as part of a social engineering attack against you, by sending an email from your boss asking you to do something. 

 

So, if you can establish all the members of an organization through LinkedIn and the website, that’s a risk to your business, and you need to risk assess against that. A lot of businesses also tell you what I see it systems, they use it on their website, which again, that means that there’s attackers and they know what to sort of look for. So, again, it’s just minimizing everything that’s on the internet, or at least risk assessing against it, So, that you can then provide training to your team to minimize that damage.

 

Chris Glanden 11:05

If a company is posting a job req and they’re posting certain technology they use and actually names of solutions, names of vendors, it could be detrimental because if there’s a vulnerability for that specific system that they’re looking for someone to come in and manage. That’s putting them at a level of exposure as well.

 

Stephen Adams 11:27

Yeah, absolutely.

 

Chris Glanden 11:29

Now, from a tooling standpoint, I know you’re particularly focused on the internet with your current role, but any other tools or any enterprise tools out there, that an organization would be able to leverage whether it’s OSINT or whether it’s a web-based tool using open source technology, that would that would help them or benefit them?

 

Stephen Adams 11:51

Yeah. So, one aspect that you can look at is sort of social listening. So, that’s like looking at social media, forums, blogs, all sorts of areas on the internet, where people are posting things, and scanning those posts for content that is relevant to you and your organization. So, options in that area are some that are designed specifically for security may be life raft navigator, but then you also have things like right, not live are sorry, Readily, So, Readily is a system that is developed for the marketing worlds. It works in a very similar way to life raft and you will put in your parameters, say you’re looking for these keywords between these time dates and then it will bring back and sort of all of the posts that are relevant to you and sort of do the collation and basic steps of analysis that you need to do within the system. So, that you can do a lot more of the focused analysis as the individual yourself and leave the collection to the system. And there’s also systems that are, I guess, more of an investigative tool. 

 

So, something like ScopeNow and that’s a tool that’s been developed by a guy called Rod Douglas, he’s got a great team working with him and that tool uses data from a lot of different sources, a big one being PIPL or people, some people pronounce it, which is, I guess, consented data, as well as social media profiles that belong to individuals and their phone numbers, their email addresses. So, you can type in the name of any person you’re looking for, and the location into ScopeNow and it will put together a sort of an automated profile on the best matches of data you can find for that individual online. So, this is really good for people that don’t have the internet investigations train and like myself. So, it probably isn’t going to bring back everything that I was. But if you don’t have anyone that has that training in your organization, that’s a really good way for you to have that basic intelligence collection taking place So, that you can sort of risk assess those people and find out everything about them online and So, that you can then use that to action a sort of a more physical investigation where you would have investigators working on that data.

 

Chris Glanden 14:15

When you’re referring to entering parameters in and keywords and it’s bringing back these posts. Is there any way that you can verify the authenticity of those posts without having to do some legwork? I’m sure when you enter these parameters, you may have a flood of information that comes in, is there an easy way to kind of weed out what may not be legitimate or is that still a manual process at this point?

 

Stephen Adams 14:43

I think ultimately, it’s still a manual process. I mean, these systems that are being developed are trying to incorporate AI and the probably some of them doing that to a certain extent. I personally am not comfortable enough trusting those systems yet. So, I will always manually go through that and sort of do that scanning for misinformation or disinformation myself.

 

Chris Glanden 15:08

Got it. And for listeners out there that have shared confidential information online or exposed information on various platforms this is definitely a concern for them just knowing that that technology exists, and not from the triple I standpoint, or from an investigative standpoint but just from a malicious standpoint. If a stalker is trying to hunt them down, it could be scary if they have these tools at their disposal. A lot of people I know that have taken some of these posts down or their own social media, people I talk to,  I try to always explain the dangers of sharing too much information. Should they still be concerned if information that resided on a website is no longer available and are there ways for attackers or investigators to still access that information. If they were to know what that specific website or URL was?

 

Stephen Adams 16:08

Yeah, So, absolutely. I mean, I think that you’re absolutely right, that is a concern for people. And I’m an individual as well as an as an incident investigator and sort of concerns me as well, there are ways that you can still get hold of information that has been deleted. A big thing that is involved in that is it’s the sort of Internet Archive, or sort of the Wayback Machine as is also known. So, anyone in the world can use this tool to archive any page on the internet on any day at any time and the Internet Archive records that age as it looks, and will store it. So, if I deleted something, well, if I captured something on my website today, if I delete it tomorrow, the webpage still exists how he did yesterday in the Internet Archive. 

 

So, you need to be aware of that, that everything you’re putting on the internet can still be there, even if you’ve deleted it, you know, week later and even in terms of social media, you can’t you might delete a post. But there are So, ways that you can other people can get see that post. 

 

So, if someone’s replied to it, and you might be able to find it that way, even if you’ve deleted it, or even some systems are sort of capturing the posts that are being made and storing them themselves. So, I mean, even you know, life raft navigator, I think I believe that’s one of them that for a limited time period. If it is captured your post onto those key words, even if you delete it, it will maintain it for a certain period of time.

 

Chris Glanden 17:38

Yes, it’s like a snapshot, right?

 

Stephen Adams 17:40

Yeah, exactly.

 

Chris Glanden 17:42

So where do you draw the line for what is legal and what is unethical, and I understand with your role, there may not be a line really because you’re trying to get as much information as you can for law enforcement but if you’re an organization and you hear these stories about HR going out there and part of their candidate selection process may be looking at potential candidates social media footprint or seeing what they do offline and I know that may be a bad example but what’s the legal limitation?

 

Stephen Adams 18:21

Yeah, absolutely. And I think it’s, it’s actually something that’s really interesting to talk about and I guess I’m really glad you brought it up because you were saying, working in law enforcement, it’s probably the I don’t have those promises in place. But I’d actually say, we work to them a lot more strongly than a lot of private organizations do and I think a lot of people don’t necessarily factor in that and do the risk assessment of what they should and shouldn’t be doing a lot of OSINT these days is very much what can you do and not what should you do? I think there is a major problem. I mean, just on your question as the initial response. There’s a big problem with legislation and legislating OSINT because of the global nature of the internet and So, it’s really hard to legislate out because you might have an incident investigator in San Francisco that’s doing work on a subject in Belarus. So, does US law apply here does Belarusian law, the both country’s laws apply? And then, sort of, there’s no global agreement on what the war should be in terms of protection of people’s rights on the internet. 

 

You know, it’s really hard for anyone that’s doing internet investigation to sort of know where the line is, I guess, because in the UK, in law enforcement, I know, we went to like five or six different pieces of legislation to restrict what we can do. A lot of organizations here are working to those same requirements. So, something that you we have to do is we can’t look into someone unless we have reason and some believe that they are a criminal actor. Or they are a threat to national security and that falls in on the GDPR and the Data Protection Act and the ECHR that says that you have a right to privacy. So, we just can’t look at you unless we have absolute reason to do that. And then even when we do, we have to use our activity in certain ways. So, it has to be non-contact, unless we have authorization to make on the cover activity. And, generally, you know, you only have one engagement on a social media profile. 

So, you can’t actively monitor someone on the internet without authorization to do that, again, and I know a lot of people that are doing OSINT in the private sector, are sort of continually monitoring people who they believe are bad actors. And, you know, ultimately, you know, in the UK, you just can’t do that. And yet, they’re still doing it, because they don’t really, they’ve never been given the training that says, this is how you should do it legally. Because you know, a big part of I think it’s something like 85% of CTI specialists are potentially not have any OSINT training and yet, they’re being tasked with doing OSINT collection. And I think that’s a big failing of the employers rather than the individuals, because they’re the ones ultimately responsible for the activity that’s taking place and they’re failing to properly prepare their staff for the work they’re asking them to do. 

 

Chris Glanden 21:27

And again, this is noninvasive, this is not hacking someone’s account and reading their private messages. This is all freely available publicly available information online.

 

Stephen Adams 21:38

Yeah, you’re right and I think the problem is a lot of people think something’s on the internet, and they put it there themselves. So, it’s free for everyone to use and ultimately, it’s not. People still have rights to privacy and a lot of people either don’t realize or just ignore that.

 

Chris Glanden 21:56

Very interesting and then again you have the GDPR and you have these other regulatory requirements that could vary per state or per country. I’m sure that gets interesting as well. If you have a potential suspect, or someone you’re watching, and they relocate to another country. Does that change the scope of your engagement?

 

Stephen Adams 22:20

Well, yeah, absolutely. So, I mean, GDPR, in your example, it applies to the EU, really. So, if you’re looking for an American in America, and you’re out even if you’re sort of living sort of in Africa, you know, you might be doing that work and really, there is no legislation that’s overarching that. So, people sort of treat it as a free for all. And you get people in the EU that are like, oh, they’re outside of the EU. So, does GDPR even apply here and So, they’re still doing that same activity again where they’re looking for people and something I’d say is, you see individuals in the private sector, or journalists that are using measures to locate people that are of public interest and potentially, if they’re looking for someone, that’s a criminal, they are sometimes interfering with police investigations, and doing it in the you know, the name of public interest. And but I’m not sure they’re necessarily always considering that, ultimately, they could be charged with interfering with a police investigation and So, when private companies are looking into criminals, they do need to risk assess against that and go. Should we be doing a service for law enforcement today?

 

 

Chris Glanden 23:38

Gotcha. And if that word gets out other people that may be involved or closely involved with the defendant in the case or within the court system, once they find out that all of this information is public, then you have a whole bunch of people trying to get in on it and I’m sure there’s a level there where a lot of that can’t get disclosed out to the public when you’re doing these investigations.

 

Stephen Adams 24:05

Yeah, absolutely. I mean, if we look back to say, Gizlein Maxwell, not that long ago, a lot of people online were trying to find that and ultimately that was the job for law enforcement and whether they potentially knew where she was and there was a reason it wasn’t publicly available, and they hadn’t called her or they were still looking for, but ultimately, it was their job to find her and people trying to find her and putting online, compromises the word that the police are doing, and ultimately, it can affect your investigation So, much that they might get thrown out in court and he’s unlikely in that case that people find our online was going to result in no action being taken but I mean, that’s just an example of people doing that. But the reason that we were to sort of strict parameters and incident investigation and law enforcement is because, you know, courts and particularly judges Just throw out cases or the evidence gathered via the internet if it’s done slightly incorrectly. So, you don’t want people that don’t know what they’re doing, you know, throwing their weight around and trying to get involved and then risking compromising that intelligence.

 

Chris Glanden 25:15

Yeah, I saw a show on Netflix not long ago called “Don’t F with cats”. It’s essentially about a group of these online vigilantes who try to hunt down this guy who posted a video online of himself killing kittens and this guy ultimately became one of Canada’s most infamous murderers. They hosted this Facebook group, and performed their own open-source intelligence that led them on this insane international virtual manhunt. And what’s scary is that the killer found out about this group, joined it under a false alias and was able to evade police by using his own Open-Source Intelligence he obtained from the group and it actually became real when he threatened one of the group’s leaders personally. So, the point of this is to understand the potential level of danger involved when you have people pursuing criminals in high profile cases in parallel with law enforcement.

 

Stephen Adams 26:23

Yeah, exactly. I mean, if people want to get involved in OSINT, there are opportunities where they can get involved in demos and for goods, there’s organizations that are working in that area and I guess that’s a much better way for people to get involved because those organizations ultimately are responsible for managing that. So, they will be doing a lot more risk assessment in case of is the offender going to be getting involved here and making sure that doesn’t happen rather than a random person setting it up?

 

 

 

Chris Glanden 26:54

Yeah, they’re, I’m sure they have good intention but they could ultimately be a distraction to relog enforcement in pending cases.

 

Stephen Adams 27:02

Yeah, exactly. Whereas there’s organizations like locate, trace labs, the innocent lives Foundation, that’s just a few organizations they use an OSINT system to assist law enforcement, rather than trying to do the work themselves and they work specifically with law enforcement and directly with them, sort of open source work out into the community to do some good work, and then pass it through law enforcement, rather than going out and doing a witch hunt themselves, that is trying to replace the part of law enforcement in that role.

 

Chris Glanden 27:36

Yeah, definitely makes sense. So, there are many different platforms that are coming out. Now. I mean, you’ve always had your Facebook, your Twitter, your Instagram and now you have tictoc was recently in the news and there’s always something where you’re able to share information. So, I think all of the data sources are just continuing to grow with what investigators or adversaries can look at and find online about a certain individual and I’m thinking from a cybersecurity standpoint CEO or CISO of a company, just sharing too much online, even about their personal life gives these attackers ammo to attack them with either a phishing campaign or something to grab their interest. As an OSINT and social media intelligence expert, could you kind of define some of the ways that are best to protect our information online, whether it’s an organization or whether it’s an everyday user that just likes to post a lot online. What would you say is a reasonable amount or what is the best way to really protect information and not become a target?

 

Stephen Adams 28:50

Yeah, So, I mean, I guess, the security point of view, there’s tools that you’ll want to put in place in terms of using tools like Authy, that are going to be sort of multi factor authentication, to make sure that your accounts are restricted, because a big thing really is the fact that criminal actors can take hold of your account and use it themselves. So, if you’re the CEO of an organization, you’re ultimately at big risk of someone trying to hack into your account and saying things that you wouldn’t say, which could, you know, massively impacts the value of your organization. 

 

So, you need to really put in place measures to stop box that’s taking place So, that multi factor authentication is a really great tool, as well as password managers. You know, we need different passwords for every different system that we’re using. So, if one is compromised, then the other ones are still protected and So, a tool like LastPass, there’s ones that you can download, So, just on your computer So, they’re not stored online as well. But I think LastPass is a great approachable system that everyone could use, and just sort of get those as possible as management systems there, I mean, I have so many passwords, there’s no way I could feasibly remember all of them and they’re random 32-character sequences, it would take me ages to type them out. So, having that tool there that manages that means that I don’t have to worry and the same thing goes, when you’re an incident investigation, you need to have a different password for every account you use because a password breach can then link all of your different fake accounts or your sock puppets together. 

 

So, if someone gets hold off of BeHahed, which is a tool, which is a website that you can sign up for, you just pay an amount of money, it’s sort of an add on, like haveIbeenpwnd. So, you can type in your email address, and it tells you all the breaches that you’ve been involved with and what your password was. But you can also search by passwords. So, if you put in one password, you can see all of the different breaches that that password has been involved in, which can then link you to a bunch of different social media accounts. So, whether or not you’re the CEO, or whether or not you’re an internet investigator, this one password then links you to you know, every different social media account has been breached without passwords, it’s really important to have a different password for every account, just to sort of put that protection in place but I mean, in terms of the actual content that you’re putting out, it’s sort of hard to protect against that. Ultimately, you’re looking at the restrictions on the social media sites themselves and 

 

 

So, making it so, that only your contacts can view that information because ultimately if you’re sharing it. and it’s going out to the whole world, that means everyone can see it and increase the criminal access that can use it against you. It’s sort of what we were talking about earlier, you sort of have to recognize that everything you put on the internet is there and it’s there forever. You don’t put it there at all or you do your best to protect how you’re putting out there.

 

Chris Glanden 31:56

Definitely. I totally agree. It’s funny you mentioned haveibeenpwned. I had Troy hunt on the show. He just ended up open sourcing that not long ago. So, I’m curious to see how that goes with the community maintaining that service. I just see that getting better and better and hopefully it’s already known in the security field, but reaching outside of that.

 

Stephen Adams 32:18

Yeah, absolutely because I mean, we use it in the inside investigation world and ultimately, it’s designed to protect people and yeah, we’re using it for an investigative reason. 

 

Chris Glanden 32:29

Yeah, absolutely. For the paranoid and that’s a large percentage of us cybersecurity professionals. We try to be very careful on what our digital footprint is but it’s very difficult and in today’s world, where so much communication is done, online, and in public view. Do you have any recommendations on ways to stay online and stay connected but still stay in stealth mode? Is it burner accounts? Are there things that people can do to not completely go off the grid but stay in tune with what’s going on be able to communicate without having a lot of that tracking turned on or is that even possible?

 

Stephen Adams 33:22

Yeah, So, it’s possible to certain degrees. So, in terms of messaging people most of the world is using WhatsApp and its end to end encrypted well it is owned by Facebook and you have to risk assess that, and go Facebook is potentially going to be accessing that data somehow. We look at Cambridge analytic as the scandal a while ago and all the analytics that Facebook is doing on its users and even in terms of just looking at who your network is by looking at the contacts you saw in your phone in WhatsApp, if you look for different messaging apps instead of WhatsApp and there’s some really great ones out there that are designed with a security focus in mind, Signal, I guess, is the major one, and signal is looking to expand even further. So, I think that’s really going to come up in the next year or a major rival to WhatsApp and OSINT as an open-source system developed in the US and it really exists to protect the individual rather than exploiting them how, what some might. So, again, everything is end to end and you can only message people that have signal. 

 

So, it’s I mean, that’s a great method and there’s another one called Session which is another messaging app that is developed on the signal infrastructure and but that essentially destroys your messages after you’ve sent them and creates what it call sessions. So, you will create one session So, you and I would message each other. We’d have our conversation and then at the end, we delete it and then the next time we chat, we would have to create a new session So, that data isn’t stored. It’s not on the app, no one has access to it, even yourselves. 

 

So, I think that, you know, that’s a great option and people should be considering things like Session and Signal rather than the apps that everyone uses like WhatsApp. The problem with these app servers you can only message people that have the same app. So, that’s why everyone is using WhatsApp because the whole world has it. So, it’s really is the problem is trying to convince the world that security should be a focus and ultimately, for the ease of using these systems, you’re selling your personal data and I think that’s the biggest issue we face in trying to protect ourselves because ultimately you and I have to decide. I was rather you signal because I think it protects me much better than WhatsApp, my family aren’t using signal. So, how do I then contact them? So, I have used WhatsApp and Facebook can read it or I use text messaging and the government can read it.

 

Chris Glanden 36:03

Right! Like you said, its kind of goes back to really who owns the platform, who runs the platform, because when you look at VPNs, too, there are some VPNs out there that claim they don’t do logging, but you look into it a little bit more than they may do logging. I mean, you kind of have to do some legwork and lean on research that has been done with some of these platforms to actually confirm that they’re doing what they advertise.

 

Stephen Adams 36:28

Yeah, absolutely. I mean, some of the most popular ones are ones that potentially you can’t trust. So, you do have to do that research and trust those experts in the fields that are doing it for you but ultimately now, it’s your responsibility to protect yourself. So, I would always encourage people to do their own research where possible and just consider what matters to them So, that they’re risk assessing themselves rather than what that specialist thinks,

 

Chris Glanden 36:57

Exactly, yeah, It goes back to what I tell people that post on Facebook, that it may be limited to who can view that post, maybe the 20 people on your friends list or whatever that see that post but the mindset that you have to have is that everyone can see it because once that data is stored, down the road you don’t know what Facebook’s going to do, or you don’t know who’s going to even hack your account, then that’s why you set passwords and passwords are important because if someone hacks that account, they have those private messages that they can access, and then post on another public account for everyone to see. So, yeah, absolutely. Yeah. You’re never really 100% safe, even when you think you are.

 

Stephen Adams 37:41

No, and I guess, you can try to do that as you were saying, like with covert accounts but ultimately it becomes a hassle. Because do you connect to your friend’s main account? Do they have a covert account? How do you track who’s covert accounts is whose and you just get him into an area, it becomes so complicated trying to communicate with people?

 

Chris Glanden 38:02

Exactly. So, Steve, can you tell us a little bit about the training platform that you devised? What type of courses are offered? And what’s the website again? Can anyone register and do you have to have any prerequisite to be able to take advantage of some of the courses that you created?

 

Stephen Adams 38:19

Yeah, absolutely. So, it’s called intelligence with Steve, you can go to intelligencewithSteve.com. It is a business that primarily was focused on criminal and security, intelligence and once they have gone live. I’m seeing it expanding and people in other industries and disciplines typically cyber protection are sort of also really interested in the content that’s going out because it’s applicable outside of intelligence. So, ultimately, is sort of broken down into, you know, a few different areas. 

 

 

So, the first one being, an introduction to intelligence, this looks at what intelligence is as a concept as well as all the different products that you put together and all the different analytical theories that you might want to approach when you’re citing work and intelligence and then the sort of different ways that you can develop your training through intelligence with Steve beyond that and So, one is OSINT. So, there’s two OSINT’s courses. One way to say in legal theory and that’s particularly relevant for UK citizens because it’s based on the UK legislation and the EU legislation or as we were saying before legislation is so broad and sort of hard to navigate, that you can sort of use that legislation as a framework no matter where you are in the world, just to ensure that you’re using the techniques ethically. So, I think that that could be relevant to everyone really. 

 

And then there’s a course on Open-Source Intelligence techniques. And that sort of takes you through all of the different ways that you can use OSINT or internet investigation more broadly, to gather intelligence on purpose. Listen we’re talking about social media intelligence, which is, you know, all the different social media sites, as well as you know, collecting information through domains and how you store all that information in a profile and then ultimately, the new course I’m working on at the minute is intelligence analysis and that was intended to go live this month, there might be a little delay on that, because I’m looking at bringing on some other guys to assist me with that and put together a much better, more comprehensive course and initially plans is hopefully going to be a bit of a game changer in how intelligence analysis training works. 

 

 

And intelligence analysis, training, at least in the UK has always worked one way and you go on site, you do two weeks train, and then you go away and that’s all the training you’ll get and you generally get it two or three years into your job when you’ve already done all of that content and So, you sort of just getting a certificate that tells you what you already know. So, we want to look at delivering training, much earlier in people’s careers, and providing in a much more sort of structured way. When you go on these live training sessions on site, you’re working on different information on each project. And you sort of learned the individual technique but you don’t follow it through and So, we’re hopefully going to try and use the same information and data from the start all the way through to the end of the project. So, that you can really see how one piece of information and once that data can be used to go through the whole intelligence cycle. 

 

So, that’s sort of what we provide as a company but the reason that intelligence with Steve is potentially different from other intelligence training companies, is the way that we provide our information and our training packages. So, the thing that makes us sort of distinct is that it’s prerecorded online lectures and So, as I was saying, most intelligence training is delivered on site, you go there, you write down what they say, and you go away and that’s your law versus with our training, you get 12 months access to the content. So, you can watch it as you’re doing the work and that’s a great way from my point of view of learning, because you’re getting trained as you’re doing it. 

 

And then you can go back and watch it if you need help, again, later on when you’re doing the same task again, because you know, you’re not always using these techniques every day. So, if you’re not doing them every day, you forget how it works. So, I think that’s a really great way for people to sort of develop their expertise on the job. So, that’s another problem with the training, it’s that you work to someone else’s schedule. So, I can only go and get the training when the instructor tells him they have a spot because it’s on demands, if you want to get the training, it’s 2am on a Sunday, you can get that training then.

 

Chris Glanden 42:59

Right. And that’s important, and especially with the COVID era that we’re in now, you kind of need to have that flexibility. I think that is really great and I think it’s a topic that more individuals should get involved with and become aware of and just having that type of training on demand and at your fingertips is really a great thing that you’re doing.

 

Stephen Adams 43:20

Thank you very much. I’m glad it’s hitting the mark as intended. I do hope that people do start looking into this as an option and it doesn’t have to be with me. There are more and more companies are looking to try and sort of get that same sort of training online. But yeah, I think it is a much more approachable way to do training and it allows you to get the training when you need in most.

 

Chris Glanden 43:43

How can others find you online? What is your online footprint? What are some other ways that our listeners can keep in tune with what you’re doing?

 

Stephen Adams 43:52

I guess most actively, I’m on LinkedIn. I mean, the easiest way to find me on LinkedIn is through my website, on my website, there is a sort of a social media section. And that links straight through to my LinkedIn and my Twitter, which isn’t massive yet, It’s something that I’m sort of not using, I’m using whenever I post something online saying ultimately. So, if you have Twitter rather than like, then you can still follow me there, I just don’t have as big of a following. So, I probably don’t engage as much. In the next month or So, I’m looking to really ramp up our YouTube channel, currently in the process of day in a lot of my lectures and as I’m doing that, I’m going to then update what is held on YouTube So, that if you don’t want to pay for my course, and you just want to get a bit of an example of what I’m offering, you can watch those videos. see some of the concepts I’m covering on my courses.

 

Chris Glanden 44:43

Very good and I’ll get those links posted online So, our listeners can tune in and easily access where they can reach you. So, this is the BarCode podcast and its last call. So, I have one last question for you before you take off. If you opened a cybersecurity themed bar, what would the name be? And what would your signature drink be called?

 

Stephen Adams 45:07

So that will take a second because I guess I’m not at the dad joke stage of my life where I can quickly come up with those jokes, those puns. But ultimately, I know people sort of in joke to people, you know in incident investigation. You’re a bit of a bounty hunter, my team Trace Lab CTF is the Mandalorians. Let’s call the drink the Boba Fett and we’ll call the bar The Hunting Ground.

 

 

Chris Glanden 45:36

The Hunting Ground. I like that.

 

Stephen Adams 45:39

I might go into that, you know?

 

Chris Glanden 45:40

That’s a great idea.

 

Stephen Adams 45:42

Other than the retirement package

 

Chris Glanden 45:44

Yeah. Very good. I won’t take up any more your time. Steve, I appreciate you joining and open sourcing your intelligence with us. Everyone needs to go check out intelligencewithSteve.com, check out some of the courses and look forward to catching up again soon, possibly at a real bar.

 

Stephen Adams 46:02

Absolutely. Chris, thank you very much for having me. It’s been great talking to you. 

 

Chris Glanden 46:06

All right, Steve. Take care man.

 

Stephen Adams 46:07

You too. See you.

 

Chris Glanden 46:13

Barcode patrons. If you enjoyed this episode and want an easy way to support the podcast, please leave me a review on iTunes or Apple podcasts. If you’re not on a Mac or iPhone, just visit thebarcodepodcast.com/reviews. I appreciate all the support. Cheers. 

To top