Part 3: Setting up and securing your investigation device - OSINT Investigation
Open source investigation, even though it sounds easy, must always be done by a trained professional in a secure environment. Collecting electronic data, identifying different accounts and linking them to a criminal case, or using them for intelligence gathering, must be combined with traditional methods of investigation.
This article shows the basic precautionary measures that you, as an investigator, should follow to keep your identity secure and avoid contaminating your evidence.
Figure 3: Is your device secure?
According to the guidelines of INTERPOL, the collected electronic evidence must meet evidentiary standards set by the judiciary. The data must be consistent and represent your investigation. Often, the investigator is found to have performed personal searches, which get logged by the browser, and when a clone of the device is called for, all this data is presented as well. It is embarrassing for the investigator to find shopping lists, personal social media logins and television channels from the same device in his report (figure 3).
To avoid these conflicts, let's prepare your investigation device (figure 4). It must be routinely maintained. Make sure the host (your device and network) is secure, and install efficient anti-virus and anti-malware software. Use a password manager to keep track of all your passwords so they are safe and, lastly, use a Virtual Private Network (premium version preferred) before beginning your investigations.
Figure 4: Setting up your investigation device, keeping your evidence safe and secure.
Password managers: Use a password manager to keep all your passwords in one place. Look for encryption settings (256-bit AES); some apps also have unique two-factor authentication. Dashlane is popular; others include Keeper, RoboForm, KeePassXC and 1Password.
Virtual Private Network: A VPN enables the user to achieve online privacy and anonymity. It creates a private network from a public internet connection, masking your IP address and thereby making your online activities untraceable. This does not mean that there are no ways to retrieve the data; the possibility exists, so do not use it for unethical practices. Among the VPN service providers, NordVPN, ExpressVPN, Private Internet Access and Surfshark are the popular ones.
Anti-virus software: Kaspersky Total Security, Bitdefender Antivirus Plus, Trend Micro Maximum Security, McAfee Internet Security and Quick Heal are among the commonly used ones. They also include malware protection and fast, heavy and full scans of the device; some come with inbuilt password managers and many other features.
Dr Malvika Mehta (ACSFS) (MSc) (BAMS) Forensic Investigator, Consultant, Trainer & Independent Expert Witness, OSINT specialist, Forensics course designer