SOCMINT CHALLENGE
SOCMINT Challenge
SOCMINT is Social Media Intelligence. SOCMINT is the collection and analysis of data from social media platforms for various purposes, such as link analysis and digital footprints
SOCMINT is a sub-discipline of open source intelligence (OSINT). SOCMINT only obtains intelligence from social media, whereas OSINT gathers intelligence from various sources
Social Media Platform
Facebook
Twitter
Instagram
Youtube
Quora
Tik Tok
Reddit
Pinterest
VK
Skill Required
Text Intelligence
Geolocation
Documentary
Critical Thinking
Reading diligently
Next, it is important to know the types of information that can be collected from social media platforms. We can divide this information into three general categories:
Profile Information: Static information provided about a particular user that can be observed by those accessing the profile. On LinkedIn, for example, this might include the user's job title, current and previous employers, skills, and contact information. Interaction: Users on social media platforms can interact with the platform or other users in various ways. These forms of interaction include posting/commenting, replying to others' content, posting images or videos, and liking or reacting to existing content. Metadata: Information found on social media platforms is not limited to text and images. Metadata can also include contextual information about the content. Metadata can include the location marked in a post, the time the post was made, or even the type of device used to take the picture
What is should collected?
Profile information
Post and activity
Professional information
Interaction
Connection or follower
Interest
Location
Communication
Media consumed
Opinion or sentiment
Photos and videos (media)
Mention
Hashtag
Online activity
Username
Email address
Phone number
Challeinging in SOCMINT
As we know, social media is a large and very useful information land but there are things that you encounter if you do SOCMINT, and need to be aware of them:
Overhelming Volume
Social media platforms like Facebook and Twitter have billions of users every month. With so much data available, it can be difficult to find information relevant to a particular investigation. Many platforms operate with the goal of keeping the identities of their users confidential, which poses a challenge for investigators. Additionally, the increasing prevalence of fake accounts and bots on these platforms can make it very difficult to know which data is accurate, available and useful
Disinformation
Be careful of social media posts, there are so many that I often find such as cases of propaganda, fake news (hoax), politics of divide and conquer, AI generated, brainwashing, opinion deflection, opposition and very disturbing buzzer posts such as bots. You must review and dig up the information such as checking on fact check sites, research such as doing reverse images, text intelligence, as well as its activity whether there are bots and check the time or latency of the post
Ethic & Privacy
Social media is very vulnerable to privacy and ethics. As investigators, we must apply ethics on the internet and risk violating privacy and authority. For example, governments, data brokers and platforms have logs and spy on activities
Firewall & Captcha
If you don't have the money to do automation or scrapping on social media sites, they have crawl detectors and WAF to protect against scrapper bots. You need an understanding of pentesting or IT security to bypass this access, there are many free scrapper tools that you can use in this repo. But if you have more money I recommend buying a specialized tool, or subscribing to the API
Identity Masking
An investigator requires anonymity, budget and time to create a fake account (Sockuppupet) If you are in an investigative position such as OPSEC, analyzing a case such as opposition etc. it is necessary to use a fake account. So as much as possible make your account authentic and have an audience this requires time and money to create
Bot Comment & Post or Bot Account
In social media, you will definitely find pros and cons. In Indonesia, there are bot (Buzzer) accounts that are very disturbing and can distort the truth by making junk posts and using auto comment automation, posts etc. This behavior can be seen in the latency of each post, content, interaction, profile or usrname, followers and other things. You need to do scrapping and do text intelligence to make it easier for you to manage data such as clustering
Propaganda
Propaganda is the dissemination of information aimed at influencing public opinion and behavior. Propaganda can be facts, arguments, rumors, half-truths or lies. Propaganda can be done using symbols that have meaning, such as gestures, words, banners, music, clothing, hairstyles, and designs.
Tools
You can also check on this repo
Twint
Drone Emprit
Maltego
Twitter API or Platform API
Data Broker (scrapper site)
Data Visualization
Technique
Example attack surface
Profile Identification. Analysts can identify profiles or accounts associated with known threat actors or suspicious activity
Communication Patterns By monitoring conversations and interactions, analysts can understand communication patterns, helping to identify networks of malicious actors
Sentiment Analysis. Analyzing sentiment can provide insight into the motivations, intentions, or potential targets of threat actors
Content Analysis: Reviewing shared content, such as images, videos, or links, can provide clues to a threat actor's capabilities, tools, or methodologies
Analzying trend
Conclusion
So far this is a problem that is often found in SOCMINT, if I find something new I will add it here. SOCMINT is something very extraordinary but there are weaknesses. Like the mass media, opposition and other things
Last updated