The news about a large group of rioters storming into the Capitol spread around the globe like wild fire on January 6th,2021, as the mob took over the building in order to stop the process of vote counting. The attack came as a surprise to many; thus, there was no way that it could have been prevented as hundreds of people set their eyes on the Capitol. Unfortunately, the whole event did result in people losing their lives, including staff members and police members, and many getting injured both physically and mentally. It is safe to assume that hundreds of people have taken part in this event, however, because of the lack of personnel and unpreparedness-not a lot of arrests were made at that moment. This is where Open-source intelligence (OSINT) comes into play. As of right now, almost 10months later, the number of people that are being charged and arrested is over700. But what helped to identify the participants? The answer consists of primarily two factors: tips from people and social media, which are both not mutually exclusive.
A story of an actor
As is the case in most large gatherings, a crucial part of it is the social media presence. A lot of rioters shared videos, photos, and statements on their accounts on Instagram, Twitter, and Facebook. From all the evidence presented, law enforcement used it to their advantage as many open sources can help with not only having a deeper understanding of the timeline but also the identification of the protestors, and thus, the hunt began. One of the examples is an actor, who breached the Capitol and was caught in a video, clearly revealing his face. Eventually, police were able to identify him as Aaron Carico.
Many others who participated posted the evidence on social media but then deleted the posts once they understood that the police were onto them. People tend to forget that once something is on the internet-it never truly disappears unless preventative measures are in place, digital trails are left to be discovered. This could be argued by saying that not all protestors even had social media and it is true, but there are other OSINT tools available including face recognition websites, and reverse image search engines which played a big role in the arrests. Since websites are open sources, they are available to anyone, and multiple communities, news magazines, and websites contribute to this investigation providing law enforcement with multiple identities of the rioters
Nothing stays hidden with OSINT
An interesting case of this is the case of Eric Munchel who was well disguised wearing all black gear, scarf, and gloves during the riot. It would seem nearly impossible to identify this person at that moment, however, the evidence was found. There were more pictures of this man (still in gear) earlier in the day where he was with a female wearing a shirt and military vest; thus, there was a lead to check and track if the female was with him earlier and she was. The video where the two were seen leaving the hotel earlier in the day surfaced, and to no surprise, Eric was not wearing a face cover leading the team of professionals uncovering his identity.
There are multiple lessons to be learned from the Capitol riot, but the main focus of this blog is to show that OSINT is a very useful tool in multiple investigations, and frankly, everyone can contribute. And that is the power of OSINT.
Have a look at Alisitas Acadamy, our online security academy.
