Investigators comb social nets to look for bombing clues
Online forums, Twitter and Facebook could hold info about Boston Marathon bombers
Computerworld - With federal and state investigators searching for clues about the person or organization behind the Boston Marathon bombing, social networks could hold a treasure trove of information.
"I would imagine that the authorities are casting a wide net and will have certainly taken note of anyone celebrating what happened in Boston whether it's on Twitter or an online forum," said Dan Olds, an analyst with The Gabriel Consulting Group. "If they haven't already, I think social networks will become part of the default investigative method."
On Monday, two bombs went off at the finish line of the world-famous Boston Marathon as onlookers cheered and runners crossed the finish line. So far three people, including an eight-year-old boy, have been killed and more than 170 have been injured. As of Tuesday afternoon, doctors at various hospitals reported that 17 people remain in critical condition.
The FBI has taken over the investigation into the bombing, working with the Boston Police Department, the ATF and the DEA. They have asked people who were at the race to send them photos and video that could help in the investigation.
Both terrorism and digital forensic specialists say investigators certainly are searching social networks as they try to piece together what happened leading up to the explosions.
"There already have been people monitoring the typical online forums - like Jihadi forums or other extremist forums and old-school message boards," said Mila Johns, a special projects researcher with the National Consortium for the Study of Terrorism and Response to Terrorism. "They've been looking for claims of responsibility or claims of solidarity. People tell us all kinds of things."
However, she also noted that criminals aren't always masterminds.
People planning a coordinated event might think that no one is paying attention to what they say or do online. They also might think that there's too much information -- the digital equivalent of white noise -- online for investigators to catch. Social media users, for example, were expressing their sympathy and support for the city and the victims of the bombing with FaceBook pages and in Tweeter commentss
That assumption, though, might be a big mistake, said Keith Jones, an independent computer forensics examiner.
"I would look at social media if I was investigating this," said Jones. "The very, very first thing I would do is do some searches. You'll get a lot of white noise because you'll have CNN and all that crap in the way, but if you keep looking, you could find online discussions about planning the attack. I don't know what the searches would give me, but that's why you look. You might find a forum where someone didn't set the security permissions correctly and it's not as private as they thought it was."
- Social Media in Technology: A Unified Strategy for Success Find out how social media is sparking a new era of customer and industry-understanding in technology enterprises and how industry leaders are overcoming...
- Budd Van Lines Moves Data Closer to Home Shipping and logistics company Budd Van Lines uses Infinio to improve performance on their VDI environment. The company employs a virtualized datacenter based...
- Storage Performance with Cost Control As IT groups expand their server virtualization initiatives, central storage performance can become the bottleneck and create poor end user experience.
- Server-side Caching for the VMware Admin vExpert David Davis weights in on how best-in-class server-side caching solutions can drastically improve storage performance and reduce latency without the addition of...
- What Does it Take to Deliver a Superior Customer Experience? The Two Top-Rated Online Retailers, B&H Photo and Crutchfield Electronics, Share Their Secrets Discuss practical CX tools and service methods such as contact center agents and the use of realtime speech analytics to help contact center...
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily... All Social Media White Papers | Webcasts