September’s OSINT News: Delhi Police Need Better Facial Recognition Tech, and Hackers Steal $6M in Counter-Strike Skins
With digital technologies becoming more advanced and integrated every year, the battle between cybercrime and law enforcement has never been so convoluted. While new technologies are becoming more effective in tracing crime and identifying culprits, innovative crooks are developing ever more ingenious ways to siphon funds away illegally. Yet at the same time, a significant answer to the problems of online fraud may just be provided by a surprising source.
Indian Law Enforcement Suffers from Inadequate Facial Recognition Tools
Like a lot of the western world, Indian law enforcement agencies have started actively employing facial recognition technologies to connect criminals to their unlawful activities. In a recent example, Delhi police made significant use of AI to identify violent rioters who had been on a rampage in the nation’s capital. However, it has been apparent for some time that the tools being used in the facial recognition process around the world are not reliably up to task. In the case of Indian law enforcement usage, the efficacy of these technologies are further hampered by low thresholds being set for match accuracy: an 80 percent correlation is considered a positive match, while identifications that fall short of that mark are treated as false positives that require further field investigation.
These guidelines have raised concerns for civil liberty advocates who feel that legal actions based on such unreliable data could lead to the harassment of innocents and even miscarriages of justice on a large scale. However, Indian authorities have stated that positive matches would be subject to further “empirical investigation” before prosecution. This however leads to further internal concerns since the police forces then become overloaded with field work pursuing false leads, which wastes a huge amount of law enforcement resources and time.
Indian officials have stated that the low accuracy threshold is justifiable on the basis that the police use verified photos from police and government databases rather than open sources. Despite this, experts are surprised by the exceptionally low precision rate: according to a 2021 study by the US National Institute of Standards and Technology, similar systems employed at border control yield a far higher accuracy rate of nearly 99.5 percent. Whatsmore, police digital archives may simply contain too few photos to deal with civic upheavals rather than repeat offenders. Put simply, despite the huge potential for these AI technologies, a combination of weak algorithms and insufficient input data are leading to inefficiency and squandered resources in important law enforcement work.
Faced with such difficulties, the Indian authorities could hugely benefit from a sophisticated OSINT system such as SL Professional. With individuals uploading entire libraries of high-quality, open sources can provide a wealth of visual data that simply can’t be matched by closed databases. Combined with advanced facial recognition models, such tools can cross check individuals through an expansive range of data to provide results which are reliable to a far higher degree of accuracy and greatly enhance the efficiency of police work.
A New Trend in Cybercrime: Hijacking In-Game Assets
While people are still getting used to news about stolen NFTs and emerging niches of crypto investigation, cybercriminals are exploring an even more bizarre way of getting rich quick – stealing in-game modifications.
CS.MONEY is among the largest platforms for trading Counter-Strike: Global Offensive skins – visual representations of weaponry, accessories, and avatars, which can be exclusive. However, this hugely popular site has recently been taken offline after hackers looted 20,000 items amounting to an astonishing $6 million! Most popular online games have developed sophisticated economies, complete with internal currencies as well as virtual arms, avatar and equipment trade, and much more. For highly popular games such as CS:GO, selling platforms represent huge marketplaces, subject to intense supply and demand among gaming enthusiasts, who are willing to fork out significant sums for these in-game commodities.
However, this sphere of digital trade has a murky underbelly, since these gaming commodities can be used as digital tokens for making illicit transactions in a manner that law enforcement bodies are hard-pushed to trace effectively. Such trade can include sizable drug or weapon sales, and even bribery payments can be made in game assets which go unsupervised by the regulators. With many assets possessing a high liquidity, they can simply be passed from one individual to another then resold on gaming marketplaces. In this climate, it is absolutely essential for law enforcement agencies to take game assets into consideration when investigating money laundering operations and other illicit transactions.
True Crime Shows May Be the Best Ways to Raise Awareness about Cybercrime and OSINT
Popular culture has long been a remarkably effective vehicle for popularizing scientific ideas and theories, from the TV shows of Neil deGrasse Tyson and Carl Sagan, through the theoretical physics underpinning the plot to Interstellar, to the books of pop science writers such as Michio Kaku. It stands to reason then, that films and series can raise awareness about some of the contemporary pitfalls lurking in the online realm.
According to a survey conducted on US and UK residents, it transpired that popular movies and series substantially influence people’s awareness of the dangers of the web, with two out of three respondents stating that popular true crime productions such as Inventing Anna and The Tinder Swindler have influenced their Internet behavior and made them more cognizant of potential scams.
Pop culture has even had a hand in helping casual audiences learn the basics of open-source intelligence. The Netflix documentary Don’t F**k with Cats has shown the power of OSINT in criminal investigations to millions. It seems that the more such content gets made, the more empowered average consumers will be to fact-check online information to avoid being taken in by misleading information and fraudulent set-ups. But in the meantime, people can always learn more about OSINT via the Social Links blog.
Fact of the Month
IBM’s yearly data breach report is usually a sobering read and 2022’s is no exception. In yet another record year of data breach costs across the board, the Middle East has seen the most dramatic jump, rising by 7.6 percent to $7.45 million.
With energy prices spiraling and increased volatility in the crypto market, there has been a spike in malicious cryptomining, aka ‘cryptojacking.’ Since the cost of mining has gone through the roof, threat actors are finding ways to mine cryptos with mining resources being run by others.
In a report by Chainalysis, the American blockchain analysis firm reported that the first seven months of 2022 saw a shocking rise in cryptocurrency theft via hacks compared to the previous year. With a jaw-dropping total of $1.9 billion in cryptos being stolen, representing a 60% rise.
The U.S. Federal Reserve has issued guidance for banks intending to handle cryptocurrency transactions, stating that firms are now obliged to inform the Fed in advance, so that the planned activities are actually above board and don’t jeopardize consumer protections.
According to the Identity Theft Resource Center (ITRC), 2021 saw an unprecedented number of identity fraud incidents, with Google Voice scams being the most common. The non-profit recorded a total of 14,947 consumer reports for the year, which amounts to a 26% increase from 2020.
And that rounds up the September digest! Keep an eye on our blog for all the latest news and insights for all things OSINT.