The tool allows FBI analysts a birds-eye view of Twitter, Facebook, and more.
Photo: A N Suresh Kumar/Flickr
Whether it's terrorists spouting propaganda, or hackers spreading dumped files, social media has become a busy arena for criminals. In response, law enforcement bodies now constantly monitor social networks for leads.
Now, by examining public records, Motherboard has found one of the pieces of software that the Federal Bureau of Investigation (FBI) has purchased for gleaning information from sites such as Facebook, Twitter, YouTube and Google+. Motherboard also found public LinkedIn profiles for intelligence analysts which seem to reaffirm the agency's use of the tool.
"SocioSpyder," as the product is called, "can be configured to collect posts, tweets, videos and chats on-demand or autonomously into a relational, searchable and graphable database," according to the product's website. SocioSpyder is made by Allied Associates International, a US-based contractor for government and military clients as well as other private companies, and which sells, amongst other things, software.
This particular piece of kit, which is only sold to law enforcement or intelligence agencies, allows an analyst to not only keep tabs on many different targets across various social networks at once, but easily download all of the data and store it. In short, it's pretty much a pre-configured web scraper for social media.
"With over 900 million Facebook users and 400 million daily tweets, finding incriminating data is sometimes overwhelming"
Where SocioSpyder gets a bit more interesting is how it can map out user-to-user relationships and graph its collected data, letting an analyst get a much deeper understanding of all the tweets, images, and profiles they might be pooling together.
"With over 900 million Facebook users and 400 million daily tweets, finding incriminating data is sometimes overwhelming. But, mining and organizing data collected from these massive sources is paramount to the success of the 21st century investigative agency. SocioSpyder is the key to solving the complexities of this multifaceted problem," the product site claims.
Last week, a Missouri woman was charged with making violent threats towards the FBI, military, and President Obama on Twitter. Jihadis have also infamously used the network to spread propaganda, although Twitter's recent wave of suspensions has apparently muted some of the Islamic State's outreach. And earlier this month, a hacker dumped the contact and job details of 20,000 FBI and 9,000 DHS employees on Twitter.
Of course, tools that leverage open-source intelligence are nothing new. Maltego is used by penetration testers for scoping out target networks, or by journalists to map digital breadcrumbs left by internet scammers. And all of SocioSpyder's functionality can probably be whipped up with a few elegant Python scripts. Nevertheless, it's interesting to see what specific products the FBI has spent money on as crime has spilled over into social media.
Motherboard found public records detailing the FBI's orders with Allied Associates International dating from August 2014 up to September 2015. The majority of these explicitly relate to the purchase or upkeep of SocioSpyder, with $14,994 being spent on "SocioSpyder with 1 year service support agreement," or $2,499 on an "user license for the installation of sociospyder on a stanalone [sic] PC."
In all, the FBI seems to have spent around $78,000 on SocioSpyder software and licenses within those 13 months. The US Marshals has also purchased SocioSpyder, albeit to a lesser degree: $22,500 worth of orders are listed.
The FBI and Allied Associates International did not respond to a request for comment. When asked about SocioSpyder, the US Marshals said it "routinely pursues and arrests violent offenders based on pre-established probable cause in arrest warrants issued for crimes such as murder, sex offenses, robbery, drug offenses, kidnapping, escape and other criminal activities which negatively impact public safety. It is the position of the Marshals Service not to discuss or disclose any investigative techniques."