By: Kym Pasqualini, Feature Crime Writer for Lauth Investigations
Open-source intelligence (OSINT) is the collection of data from publicly available sources to be used in the context of intelligence. Within the intelligence world, the term “open” refers to overt, meaning sources available publicly, opposed to clandestine or covert sources.
OSINT is not a new concept. It has been in use for decades. However, with the arrival of instant communication and fast information transmission, a significant amount of predictive and actionable intelligence can now be obtained from unclassified public sources.
OSINT should not be confused with public intelligence or open-source software.
The U.S. Director of National Intelligence and the U.S. Department of Defense (DOD) define OSINT as information produced from publicly available information collected, exploited, and disseminated in a timely manner to an appropriate audience for the purpose of addressing a specific intelligence requirement.
In short, open source acquisition involves procuring written, verbal or electronically transmitted material that can be obtained legally without any type of clandestine collection techniques.
Background of OSINT
OSINT’s originates with the pre-Central Intelligence Agency (CIA). The formation of the 1941 Foreign Broadcast Monitoring Service (FBMS) was born during World War II and evolved into the 1967 Foreign Broadcast Intelligence Service (FBIS), the predecessor of the Open Source Center of today.
Acquired by the CIA in 1947, FBIS emerged as the only recognized service organization trained and equipped to monitor and process foreign broadcasts for the benefit of all government agencies needing the service.
Coverage worldwide, to the extent it exists today, was beyond the dreams of those who lived in that era.
In 2005, following the 9/11 attacks, the Director of National Intelligence Agency, Porter J. Goss, announced the creation of the DNI Open Source Center. The Center is designed to collect information available from databases, radio, television, video, geospatial data, photographs and commercial imagery.
OSINT Information Flow Categories
Media to include newspapers, obituaries, magazines, television, and radio worldwide.
Internet includes, but not limited to, online publications, discussion groups, blogs, citizen video (user created content and video), Facebook, YouTube, Twitter and other social media websites.
Commercial Data includes commercial imagery, industrial and financial assessments and databases.
Grey Literature: patents, working papers, business and corporate documents, newsletters, technical papers, and unpublished works.
Professional and Academic publications obtained through journals, symposia, academic papers, journals, theses, and dissertations.
Public Government Data: telephone directories, press conferences, websites, speeches, budgets, hearings and other public government reports.
There are various disciplines of OSINT and the methods and applications are almost endless.
The New OSINT
Ten years ago, open source information was scarce; however, in recent years OSINT has taken on an entirely new meaning.
Back in the day, people were primarily found by searching a phone book. Today, people are increasingly comfortable with sharing their personal information and a treasure trove of information for those who want it.
According to Statistica, it is estimated there will be 2.77 billion social network users around the globe in 2019. Social media has become an excellent and consistent source of information.
While, decades ago the problem was shortage of open source information, the biggest difficulty now, is filtering through an overabundance of information.
Some examples of OSINT resources are:
Internet directories containing personal information, residences, relatives, demographics, employment, contact information.
Social networkingsites provide personal information, friends, family members, interests, photographs, videos, and activities.
Online reviews provide interests, purchases, activities and lifestyle.
User contributed information could be a blog, hobbies, opinions, and expertise.
Academic sites provide information related to education, business conferences, associations, and academic papers.
Company websites have personnel listings, backgrounds, location, duties, services, and contact information.
News sources provide topical information, reports, events, personal history, obituaries, and contact information.
Government sources provide personal information, criminal background, court activity, minutes, locations, demographics, tax records and other financial data.
Social Media Monitoring and Geofencing
Companies like Echosec, based in Victoria B.C., offers a web platform to draw what is called a “Geofence” allowing users to pinpoint a location of interest on a map and obtain information within selected parameters, then filter searches by keyword, hashtag, or username within the geofence.
Echosec’s real-time social media mapping connects virtual communities to real-world locations and gives new meaning to Geographic Information System Mapping (GIS). A powerful research tool combining GIS and OSINT.
This is becoming a popular method of analysis for retail, branding, journalism, private investigation, and finance, collecting what Echosec calls “hyperlocal insights” for better business and breaking news stories.
Google, Yahoo, Bing and other traditional link-crawling search engines do not typically access the information professionals using OSINT research techniques and resources can provide.
Embracing Geolocation
Geolocation is one of the most valuable resources used today. For example, videos and photographs shared publicly often contain information where the photographs originated.
Most of us post pictures of ourselves and our friends, tagging each other during a vacation at the beach or out on the town. A geotagged picture is a post that attaches a “geotag” which is the physical location to the post. It allows users insight to their followers, where they are, and what they are doing.
Social media and Geo-location monitoring of open-source information has been more frequently used by law enforcement and private investigators to conduct investigations. Whether a missing person investigation or background check, basic and even critical investigations can benefit from OSINT.
For example, a person is reported missing and frequently posts photographs on Snapchat, Instagram and Facebook. Investigators can access the geotags and see where the person was last and often see who they were with, allowing the investigating agency the ability to immediately expand their investigation.
Open Source Private Investigations
Many private investigators are now specializing in open-source intelligence and social media investigations, referred to as Social Media Intelligence (SOCMINT). While much of the information is available publicly, there are many reasons why an individual would choose to hire a private investigator.
Private investigators have become experts in the field of open-source intelligence investigations.
Simply, private investigators know how to search, where to search and what to search for, making hiring a private investigator a more efficient choice. Private investigators know if the information is online, in a state repository, library or the courthouse.
Information that can be obtained includes but is not limited to the following:
Voter registration
Bankruptcy records
Corporate records
Property records
Probate records
Divorce records
Marriage records
Court records
Criminal records
Due diligence
Business information
Financial information
Whether a private individual or a business, obtaining the right information often leads the investigation in a specific direction. Private investigators of today are the next-generation of private intelligence providing services such as:
Fraud Investigations
Competitive Intelligence
Counterintelligence
Intelligence Collection
Internet Investigations
Email Tracing
IP Investigations
Financial Investigations
Asset Investigations
Pre-investment Investigations
Difficult to locate
Missing Persons
Background Investigations
Knowing when to use a private investigation firm can help hasten an investigation. The service of these firms can make life easier because it requires more than just knowing how to use the Internet. And when all resources are exhausted, a good old “gum shoe” detective can investigate – boots on the ground.
Protecting Your Business with OSINT
Thomas Lauth of Lauth Investigations International uses his nearly 20 years experience working with both private and business sectors. “Open-souce Intelligence or OSINT isn’t a common term used in the business world; however, I can assure you it is a dynamic method of information gathering for businesses in this day and age,” said Lauth.
(Open-source intelligence is being used more frequently to protect company’s information.)
The importance of OSINT is business can’t be exaggerated. It is a matter of gathering intelligence from publicly available sources and analyzing that information for connections and actionable intelligence that would not be normally publicized. In fact, there may be information about your own company available publicly that can make it easier for someone who is considered an “insider threat” or conducting a social engineering campaign to obtain proprietary or damaging information.
“Conducting periodic OSINT for your business, assessing the risks, and addressing vulnerabilities can save a company from failure,” add Lauth. “It is a recommended and necessary action item for all successful businesses.”
OSINT is contained in company websites, reviews, Google searches, along with newspapers, geo-location data within images, company reports and other publicly available data. Often overlooked is social media. Companies and employees often provide more information to hackers or “insider threats” than realized.
Criminals can exploit easily obtained information to conduct scams or a social engineering campaign against a business. In fact, criminals use OSINT too – only for their own devious purposes.
To exploit weak links, criminals or “black hats” can spend weeks, even months researching employee email addresses, current projects, employees that manage money and monitor their social media. They will even study the way employees communicate with each other, gathering the information to create convincing phishing scams and social engineering attacks.
The information collected to conduct these criminal activities is not obtained by hacking into the company, it is obtained by gathering publicly available information.
“The trick is to stay one step ahead of the criminals,” said Lauth. “When working with clients, we ensure we identify vulnerabilities and the process is conducted effectively, efficiently and confidentially.”
The bottom line, by exercising due diligence, using OSINT, and reviewing your own publicly available information, you can protect yourself and your company.
By: Kym Pasqualini, Feature Crime Writer for Lauth Investigations
Rita Gutierrez-Garcia missing since March 17, 2018 from Longmont, Colorado.
It was St. Patrick’s Day, March 17, 2018, a mother of three boys vanished into thin air in Longmont, Colorado. Rita Gutierrez-Garcia went out to celebrate with friends and family in the evening.
The group went bar hopping to the Speakeasy located at 301 West Main Street and the Breaker’s Grill located at 380 Main Street. Rita was last seen in an alley behind 3’s bar talking on her phone at approximately 2:30 a.m.
Deputy Chief Jeff Satur of Longmont Police Department said Rita was overheard telling someone on the phone she would get a ride from “someone else.” Authorities also say there were as many as seven or eight potential witnesses behind the bar that evening.
“Our old standby of tracking the phone is not working for us,” said Satur. “But we are working our very hardest to find Rita.”
Rita is a mother of three young boys, ages 9, 13, and 18, and described by family as a bubbly and busy mom, who is just one college semester away from becoming a paralegal. Something she has worked very hard for.
Satur told Fox 31, “As you can imagine, everybody is concerned,” he said. “This is unusual behavior.”
Police have asked for anyone who may have seen Rita that evening, to call them immediately.
Connection to Beating Victim Dismissed
Longmont Police Department was investigating the possible connection between a young man found with head trauma and the disappearance of Rita. Tyler Bullock was found at the same location eight days after Rita disappeared, at approximately 2:30 a.m.
Tyler Bullock was found unconscious five days after Rita Gutierrez-Garcia’s disappearance in the same area.
According to Tyler’s sister Kristal Beecher, Tyler was in the intensive care unit for head trauma due to bleeding on his brain. Tyler was found behind the bar unresponsive due to serious head injuries. He is now recovering.
“There is zero connection. I just need to stress there are no suspects in my case. It’s really just a matter of the specific block in Longmont needing better security systems, more cops on busy nights, and cameras, maybe undercovers,” said Tyler, still recovering from the traumatic experience.
The Search
On March 24, 2018, Longmont Police divers searched a pond at Golden Ponds Parks southwest of Hover Street and Third Avenue but did not find anything. Golden Ponds is a network of ponds and walking paths. Police, Longmont Emergency Unit, and Longmont Fire Department searched from approximately 9 a.m. to 4 p.m. Canines were also used in the search.
Police diverssearching area of Golden Ponds inLongmont, Colorado. Courtesy of Daily Camera.
Deputy Chief Satur declined to answer what they were searching for. “We were looking for evidence,” Satur said. “That’s all I can say.”
Police are treating the disappearance as a missing person case and “suspicious disappearance.”
“We will continue to work all leads and go from there,” Satur said. “We are going to continue working until we figure out what happened.”
Police have been working long hours in the search for Rita, and rotating staff to ensure fresh eyes are involved in the investigation.
Mom and Sister Plead for Help at Press Conference
Prior to Rita’s disappearance, she was very active on Snapchat but has not posted since her disappearance. This worries her family.
Diane Romero and Jessica Romero please for the public’s help in the search for Rita Gutierrez-Garcia.
“I love you,” said Rita’s mother Diane Romero at a press conference organized by Longmont Police Department on March 22, 2018. Holding a picture of her daughter, “I need you here,” she said.
Rita’s sister Jessica Romero tearfully told reporters, “She’s my older sister and I’ve never had to go a day without her in my entire life,” said Romero.
Family and Friends Hold Vigil
Family and friends of Rita held a prayer vigil on March 25th at Longmont’s Thompson Park. There, they offered comfort to each other and covered a tree with ribbons of different colors and cards with prayers for her safe return.
“I know they are doing all they can do to help us,” Romero said about police investigators. “They are doing a lot to bring Rita home.”
Rita’s sister Jessica said, “I’m trying not to break down.” Rita’s three sons are staying with her and she is trying to be strong for them. “It’s been nerve-wracking just trying to remember to breathe.”
Pastor Choutka, the pastor at the Rocky Mountain Christian Church’s Niwot campus, asked people attending the vigil to gather around the family, asking God to give Rita’s mother strength and help the investigators.
“By the powerful name of Jesus, we do ask for a miracle, that she be found safe and sound,” Choutka said to those who gathered at the park to pray.
Rumors and speculation of what happened to Rita have circulated and the family is trying to protect the young boys and cousins. “We are trying to keep them strong,” Diane Romero said.
Rita was last seen wearing a black long-sleeved shirt with black leggings. She has tattoos on both arms, as well as on her shoulder and on her feet.
Sleeve tattoo with eye and wave design on Rita Gutierrez-Garcia’s arm.
Anyone with information about the disappearance of Rita Gutierrez-Garcia should contact the Longmont Police Department 303-651-8501.
Millions of people are visiting our beautiful national parks each year. They travel from one side of the continent to the other to see the breathtaking tall Sequoia trees on the west coast to the pristine beaches of South Carolina on the east coast.
Attendance numbers at national parks have set record highs in the last few years. According to Los Angeles Times, Death Valley, Joshua Tree, Sequoia and Yosemite national parks reported setting attendance records during 2016, with all parks reporting a 330.97 million people visiting our recreational parks – and hundreds, maybe thousands, of those people are now missing.
Shoshone National Forest: Amy Wroe Bechtel
It was 21-years ago, on the afternoon of July 24, 1997, Amy Wroe Bechtel, 24, began her run outside of Lander, Wyoming, training for the 2000 Olympic Marathon she had hoped to qualify for. She never returned.
Wyoming is called “America’s biggest small town” and Lander is an outdoor enthusiast hub, where climbers gravitate to the unique geological formations in Sinks Canyon within the Shoshone National Forest.
Shoshone National Forest in Wyoming is a climber’s paradise.
Sinks Canyon is part of a magnificent ecosystem stretching from sagebrush and juniper covered foothills, through conifer forests, aspen meadows to the alpine habitat in mid-central Wyoming.
Amy vanished while running along Loop Road, a route that includes Sinks Canyon Road and runs the Popo Agie River approximately 15 miles south of Lander. Her car was found by her neighbors, Todd Skinner and Amy Whisler, parked at Burnt Gulch where Amy was marking her 10K hill climb she was planning for the fall. When Amy had not returned by evening, her neighbors got into their car and headed for the gravel road of switchbacks ascending to Loop Road. At approximately 1:00 a.m., they find Amy’s white Toyota Tercel wagon parked on the side of the road where Loop Road splits to the pine-shrouded Burnt Gulch turnoff.
The weather during July is mild with days averaging 85 degrees and evenings about 54 degrees. There had been rain in the afternoon. Puddles of water surrounded the vehicle. Todd and Amy look for footprints or tire tracks but see nothing. Only Amy’s sunglasses, her keys in the driver’s seat and a to-do list were found in the car. Her green “Eagle” wallet was missing. Panicked, Todd calls Amy’s husband Steve Bechtel.
The search for Amy began early the following morning with her husband Steve and about a dozen of his friends. By day’s end, dogs, dirt bikes, ATVs, and over 100 volunteers had joined the search. The following day, horses and helicopters began searching the rugged terrain. By the third day, police expanded the search to a 30-mile radius.
As with most missing person cases, or missing wives, police turn toward the husband. In this case, Steve Bechtel. A move that, 20 years later, appears totally unwarranted and limited the search with tunnel vision, the enemy of any investigation.
Amy and Steve both graduated from the University of Wyoming with degrees in exercise physiology. They had been married a little over a year.
Steve was a climber. He and Amy both worked at Wild Iris, the local climbing shop. Amy taught a youth weightlifting class at Wind River Fitness Center and worked part-time at the Sweetwater Grill.
By all appearances, Amy and Steve were the bubbly, happy newlyweds and had just bought their first home in Lander, with a population of 7,000.
Police searched Steve’s journals and acquaintances gave conflicting statements about their relationship. Some described them as idyllic, while others stated Steve was often jealous and belittling.
The FBI would make accusations Steve killed his wife. A claim current detectives disagree.
Steve had an alibi backed up by a fellow climber. At the time, he had been about 75 miles from his home in Lander. He met with his friend Sam Lightner and Bechtel’s yellow lab Jonz and rode north to Cartridge Creek area of Shoshone National Forest to scout for a climbing location.
According to a Runner’s World article, “Long Gone Girl,” Fremont County Sheriff’s cold case detective Sergeant John Zerga disagrees with the way the case was handled in 1997. “Nowadays everything is viewed as a homicide. Back then it wasn’t viewed that way. She was just a missing runner. For three days,” Zerga said. “We didn’t close off any routes out of here,” Zerga continues. “We didn’t close off any vehicles. All we had was a bunch of people up here looking for a missing runner. We actually ruined the investigation with the vehicle because we allowed the Skinners to drive it home. [The investigation] was not good for at least the first three days. There was a lot of stuff lost.”
While all eyes had been on Steve, it wouldn’t be until over a decade later when the brother of Dale Wayne Eaton, 57, would talk to police. He had tried to contact law enforcement earlier but no response.
“I think our detectives who were working the case were so adamant it was Steve, they weren’t looking in other directions.” said Sergeant Zerga. Fifteen years after Amy vanished, Zerga spoke to Eaton’s brother who told him Eaton would often camp in the area Amy had vanished. “Few camped in the area, and few outside of Lander even knew about the area” Zerga added. “If we could prove Dale was in the area, that puts him as the number one lead.”
Eaton had tried to abduct a family pulled over with car trouble. After his arrest for the attempted kidnapping, he escaped and was later found by authorities in the Shoshone National Forest. He was incarcerated and required to submit a DNA sample.
In 1988 Lisa Marie Kimmel vanished on a trip from Colorado to Billings, Montana. Fourteen years later DNA would be linked to Eaton. An autopsy would determine Kimmel had been beaten, bound and raped for at least six days, then taken to the Old Government Bridge where she was hit on the head with a blunt object, stabbed six times in the chest and abdomen, then thrown into the river.
Police searched Eaton’s property about one hour away from where Kimmel was last seen alive. They excavated a spot on the property and unearthed Kimmel’s Honda CRX bearing her license plate “LIL MISS.”
Eaton was sentenced to death on March 20, 2004, for Kimmel’s kidnapping, rape, and murder. As for Amy, Eaton had remained tight-lipped but as with everything, justice has a way of coming around.
Anyone with information should call the Fremont County Sheriff’s Office at 307-332-5611.
Coconino National Forest: David Barclay Miller
The Red Rock-Secret Mountain Wilderness is a collection of buttes, cliff, and canyons known as one of the most magnificent places on the planet. The red rock cliffs of the Mogollon Rim mark the edge of the Colorado Plateau in the Coconino National Forest. Sycamore Canyon Wilderness borders on the east, the high mesas of Secret Mountain and Wilson Mountain jut out into lower canyons as deep as 1,500 feet draining out into Oak Creek and the Verde River.
Sedona Red Rocks is one of the most popular traveler’s destinations in the world.
Red is the predominant hue in the 43,950 acres. It is a 360-degree view of wind and water sculpted pinnacles, arches, windows and slot canyons. It is a place where sound bounces back and forth, almost in a musical chorus.
Trails crisscross the area taking one from the deepest gorges to protuberant panoramas overlooking the beauty. There is rock art on the walls from the area’s early inhabitants, along with abandoned dwellings high in the canyon walls.
The area draws hikers, photographers, backpackers, and horseback riders from around the world to wander among the manzanitas and red rocks.
An experienced hiker, David Miller, 22, was last seen at the Beaver Creek Ranger Station preparing to leave on a two-day hike on May 19, 1998, in the Red Rock/Secret Mountain Wilderness area.
At the time of his disappearance, David was employed by the Sedona Forest Service. The weather would have been mild with days reaching 83 degrees and nights about 51 degrees.
David was last seen wearing a T-shirt, black hiking boots, and carrying a forest green Gregory backpack.
It is thought David may have fallen on slippery terrain or became lost. Anyone with information should call Yavapai County Sheriff’s Office at 520-771-3260.
Salmon-Challis National Forest: DeOrr Kunz
It has been nearly two years since 2-year old DeOrr Kunz vanished on July 10, 2015, while on a camping trip at the Timber Creek Campground in the beautiful mountains of Idaho.
DeOrr’s father, Vernal DeOrr Kunz, mother Jessica Mitchell and grandfather Robert Walton, along with Isaac Reinwand, Walton’s friend and fishing buddy, had set up camp in the remote wilderness of the Salmon-Challis National forest.
The Salmon-Challis National Forest contains over 4.3 million acres in east-central Idaho. The Frank Church River of No Return Wilderness area takes up 1.3 million acres, the largest contiguous wilderness area in the Continental United States.
Salmon-Challis National Park is not only breathtaking, it is a rugged and remote area in the state of Idaho.
The area is remote, rugged and draws those seeking adventure, solitude and breathtaking scenery. The scenic Salmon River area is popular for fishing, hunting, and white-water rafting.
The winter weather in Salmon-Challis can be brutal, but in July averages 85 degrees during the day and 52 overnight.
The day of DeOrr’s disappearance, Kunz and Mitchell said they took their son to the general store for snacks and supplies. Upon their return, they walked down an embankment to scout a place to fish. Within minutes, they found minnows and quickly turned back to get DeOrr so he could see them and found he was not in his chair and was not with his grandfather. There has been about a 7 to 10-minute gap where DeOrr was not supervised. Panicked, they searched the surrounding campsite and could not find the little boy. They called the police.
DeOrr Kunz
Within three hours, authorities from the Lemhi County Sheriff’s Office quickly responded and began swarming a two-mile radius with search and rescue crews using ATVs to search the landscape and divers scouring the nearby reservoir.
For two-days, approximately two hundred volunteers responded, searching the wilderness for a tiny toddler to no avail.
“At this point, I have kind of accepted I might not see him, I might not bring him home like I want to,” Mitchell said. “Any answers are better than what we have now.”
Two years later, there is little else to go on. In a KTVB interview, Mitchell says she believes her son is still alive but admits she is losing hope.
Impossible to move on without answers, Mitchell and her husband are named suspects in the disappearance of their son by former Lemhi County sheriff, Lynn Bowerman. A common response for law enforcement is to look closely at all family members. They both maintain their innocence. No arrests or charges have ever been filed.
There is no evidence DeOrr was attacked by an animal. Investigators remain baffled.
Mitchell and her family believe someone abducted DeOrr. She has returned to the campground several times to search but to her frustration has not found anything. “Every time I leave there, and there is still nothing, it just goes back to I think someone has him,” Mitchell said.
Trina Clegg, Mitchell’s mother has spearheaded the search for little DeOrr handing out business cards and flyers with age-progression photos of what DeOrr would look like today.
“In my opinion, he could be anywhere,” Clegg said. “We just want you to care about baby DeOrr. We want you at night to say your prayers for baby DeOrr. We want you to wake up in the morning and hope he’s there,” she added.
Anyone with information about DeOrr’s disappearance should contact Lemhi County Sheriff’s Office at 208-756-8980.
Rio Grande National Forest: Joe Keller
Joseph Keller, 19, was an adventurous young man from Cleveland, Tennessee. He was spending his summer with friends Collin Gwaltney and Christian Fetzner exploring the west between his freshman and sophomore years at Cleveland State Community College. They had visited San Francisco, Las Vegas, and the Grand Canyon on their way to Joe’s aunt and uncles dude ranch, The Rainbow Trout Ranch, in the San Juan Mountains of Colorado.
Rated as one of the top fly-fishing ranches in the country, it is based in southwestern Colorado, with private angling along the Conejos River, a tributary to the Rio Grande flowing right through the property.
Rainbow Trout Ranch is nestled in the San Juan Mountains with the Rio Grande running through the property.
The young men were in for a treat visiting a place that combines the splendor of the Rocky Mountains with the enchantment of New Mexico.
About four hours south of Denver, the Rio Grande National Forest surrounds the ranch with 1.83 million acres and is considered a jewel of Colorado. The Continental Divide runs 236 miles along most of the forest and the tops of the Sangre de Christo Mountains form the eastern border. In between, sits the spectacular San Luis Valley which is a large agricultural alpine valley. This majestic sprawling land is the last place you want to get lost.
Joe was a competitive runner and obstacle course racer. His friend Collin, a varsity cross-country runner. They had been spending time running together during their travels.
Neither was used to the high elevations, the ranch sitting at approximately 9,000 feet.
It was July 23, 2015, they had planned an hourlong run along Forest Road 250 that crosses the ranch into the national forest, following the Conejos River upstream.
Joe left shirtless, wearing only red running shorts, blue trail shoes, and his Ironman watch. At 4:30 p.m., the friends started out together, but Joe soon fell behind as he was the slower runner.
Collin’s GPS watch shows him turning off Forest Road 250 onto the ranch drive that snakes up behind the lodge. The run became a scramble, so Collin headed back toward the road and upstream. A fly-fisherman spotted Collin about 2.5 miles up the road but never saw Joe. Collin finished his run and began puking due to the high altitude.
Joe never returned.
When Joe didn’t show up for dinner, Collin and Christian drove up the road honking, while ranch hands and guests hiked up the rocks toward a mountain formation called “Faith” towering above the valley. By 9:30 p.m., there were 35 people out searching for Joe.
Sheriff Howard Galvez of the Conejos County Sheriff Department, along with two deputies, arrived about midnight and began assisting the other searchers.
Joe’s parents were notified, leaving their home in Tennessee, along with their 17-year old daughter to travel to the ranch; they were there in less than 24 hours. It was now Joe’s birthday.
Search efforts were upgraded with about 200 people on foot, horseback and ATVs and about 15 canines. The family posted a $10,000 reward for information. Dressed only in shorts, Joe was not prepared for the evenings in the San Juan Mountains, where it is about 62 degrees during the day, down to only 30 degrees at night.
Helicopters and even an infrared-equipped plane was used to search for Joe.
The response to Joe’s disappearance was swift, the resources used in the search for Joe are unmatched by most searches for missing persons, but after a week most volunteers had gone home and after 13 days, the official search stopped. The family left with questions and desperation.
Following is a roller-coaster of emotions, anger, and theories.
May 2016, the search resumed with approximately 30 volunteers, drones and 11 dogs from Colorado Forensic Canines. The search was organized by the Jon Francis Foundation, a Minnesota nonprofit specializing in wilderness search and support. Still no sign of Joe.
An Outside Online article, “How 1,600 People Went Missing from Our Public Lands Without a Trace,” talked to Neal Keller, Joe’s father. “For a lost person, the response is limited to five days on average. There needs to be a plan for applying resources for a little bit longer.”
The Keller family hired two private investigators whose efforts were fruitless.
Nearly a year later, Neal Keller was traveling back and forth from Tennessee to Conejos County, searching for his son every minute he could.
On July 6th, John Reinstra, 54, a former offensive lineman for the Pittsburgh Steelers, an endurance runner and search and rescue hobbyist, located Joe’s body in a boulder field below a cliff. His body 1.7 miles northwest of the ranch.
Rio Grande and Rainbow Trout area of Colorado. Courtesy Jon Billman Outside Online.
Soon after Joe’s disappearance, Gwaltney told Tennessee’s WTVC-TV , “We went running on a forestry road that was pretty well maintained,” he said. “It was gravel and pretty flat, with a few curves. But if you ran off the road, there were pretty steep places.”
Joe is found, and his family now has answers. He is no longer a missing person in a gray area of estimates with limited resources and minimal government attention.
Extensive searches failed to find him 1.7 miles away. The initial search didn’t last long enough.
Government doesn’t keep track of missing on federalland
Experts believe the public would be concerned and alarmed if they knew how many people simply vanish, never to be seen again, while visiting national parks.
According to the FBI National Crime Information Center, there are currently 86,190 active missing person cases in the United States.
The federal government does not track the number of missing persons in national parks, but experts believe about 1,600 individuals mysteriously vanish each year while visiting parks throughout the United States. While many reported missing are found, it is estimated hundreds remain missing.
Many are found, but many are never to be seen again, leaving families suffering the trauma of ambiguous loss – not knowing. Families who have experienced this say knowing your loved one is dead is easier than the “not knowing” what happened.
Written By: Kym Pasqualini, Feature Crime Writer for Lauth Investigations
Penetration testing, intrusion testing and red teaming are some of the terms used for ethical hacking.
The word “hacking” almost always has negative connotations. It seems the mention of Chinese hacking, Russian hacking, or DNC hacking receives constant mention in our 24-hour news cycle.
Ethical hacking is also referred to as penetration testing, intrusion testing and red teaming, coined by the government during the 1970’s when they first hired ethical hackers to break into the United States government’s computer systems to test for vulnerabilities.
It is estimated “hackers” cost the United States more than $445 billion annually.
In a Fortune article “Data Breaches Now Cost $4 Million on Average,” according to IBM’s security division, the cost of a breach per incident has risen to $4 million, up 29% since 2013. “We’re now in a mode where these attacks are going to happen even to people that are well prepared,” said Caleb Barlow, a vice president at IBM Security.
Hackers cost the US government and corporations billions annually.
According to Fortune, hackers and cybercriminals cause most breaches, and more than half of data exposures are caused by malicious attacks; the rest are caused by mistakes or glitches.
Ethical hacking is a growing profession utilized by the United States government, technology companies and other institutions.
In the field, experts refer to three major types of hackers:
White Hats: Security professionals or “ethical hackers” who use their expertise to strengthen a network and secure it from criminals.
Black Hats: Malicious hackers or “crackers” who use their skills for malevolent purposes. White hats work to protect computer structures from the Black Hats.
Gray Hats:Iindividuals who become white or black hats depending upon the circumstances and generally proclaim being an ethical hacker.
Many large corporations, such as IBM, employ teams of ethical hackers to keep their IT systems secure.
Why Ethical Hacking is Important
With every breach reported in the media, the need for more effective information security is becoming increasingly evident.
New technologies such as cloud computing, IT outsourcing, and enterprises must adjust their security practices and policies to combat the threat of malicious hacking. To combat threats, ethical hacking is rapidly gaining attention as an essential security practice to be performed on a regular basis.
“The increased sophistication and success rate for recent cyber-attacks is directly related to the shift in the attacker profile, indicating that nation-states and large criminal organizations are funding well organized, highly motivated, and well-trained teams of programmers,” said Chris Rodriguez, Analyst for Frost and Sullivan. “The elevated threat landscape therefor, urgently dictates the need for a comprehensive, real-world assessment of an organization’s security posture,” said Rodriguez.
Ethical hacking provides objective analysis of an organization’s security stance for organizations of any size. Ethical hacking has become a mainstream service, as companies of all sizes pursue expert, objective, third -party analysis.
What is an Ethical Hacker?
Ethical hacking is an ambiguous term used to describe hacking performed by an individual or organization to help penetrate or gain access to identifying potential threats on a computer or a network infrastructure. In short, ethical hackers are simply computer programmers who use their skills in a constructive manner.
Ethical hackers can attempt to bypass security systems to isolate weak points malicious hackers could exploit. In the effort to eliminate or reduce potential criminal hacks, the information gained by the ethical hacker is then used by the company to make improvements to security.
Some may say there is no such thing as an “ethical” hacker. Simply “hacking is hacking” but the most notable hackers are known publicly as cybercriminals or computer criminals because of the damage they inflict on companies and individuals nationwide.
A highly publicized hacking incident where personal information is compromised can damage a company or organization for years.
A cybersecurity professional can have a range of expertise, anywhere from maintenance, administration, architecture, forensic investigation of secure networked systems that are increasingly necessary for the sake of operation of businesses, nonprofits, governments and medical, and educational institutions.
Even training is offered by the International Council for E-Commerce Consultants (EC-Council). The Certified Ethical Hacker (CEH) exam is made up of approximately 125 multiple choice questions and costs about $500 with additional IT certifications available. Training is entirely voluntary.
Ethics
For hacking to be ethical, a hacker must abide by the following informal rules:
Permission to access the network to identify potential security threats.
Respect individual’s right to privacy.
Treat all data, material, and findings as confidential.
Ethics play a vital role in hacking and differentiating innocent activities from computer crimes. Hacking is ethical if the skills are used to enhance a network system. But the issue of ethics can be very risky when one does not know a person’s motivations. With no formal code of ethics or code of honor, this void creates external forces to determine how to respond when ethical predicaments arise.
An ethical hacker will ensure the client’s IT system is properly evaluated for security issues and vulnerabilities, while protecting sensitive, personal and confidential or proprietary information. While accessing an organization’s system, the respected ethical hacker’s integrity will guide the actions of the ethical hacker.
Security Risks
While ethical hacking presents advantages to increase security to protect IT systems and assets, any organization implementing ethical hacking must consider any negative impacts that may arise from the practice.
An ethical hacker is typically contracted to hack the organization’s system. Hiring outside is usually preferred to start from scratch and simulate potential external hacks.
While there is an advantage of ethical hacking because it supports the organization’s efforts to gain more knowledge about the IT Security by identifying vulnerabilities, the main disadvantage is it presents risks of information disclosure. An outsider could intentionally or unintentionally disclose a company’s proprietary information to outside parties.
A dark side always is present where dishonest people will attempt to exploit others. Some risks of working with ethical hackers include:
The ethical hacker using their skills to conduct malicious hacking activities.
Massive security breaches.
Potential the ethical hacker will place malicious code, malware, viruses or other potentially damaging things on a computer system.
Allowing company’s financial, banking, or other proprietary information will be accessed.
Working with an Ethical Hacker
The benefits of working with an ethical hacker are obvious; however, many are overlooked, ranging from simply preventing malicious hacking to preventing national security breaches.
Before implementing any ethical hacking, an organization must ensure the ethical hacker understands the nature of the client’s business, computer or network system. This will help guide the ethical hacker in handling any sensitive confidential or proprietary information they may encounter.
The leadership in a company or organization must determine the sensitivity or confidentiality of the information involved. This will help ensure the ethical hacker does not violate laws, rules or regulations in handling sensitive personal, financial or proprietary information.
There are several guidelines to use when working with an ethical hacker:
An ethical hacker should create a plan including: identifying all networks and components they will test; detail testing intervals; detail testing process.
Require transparency while working with an ethical hacker, requiring all relevant information be reported while the system or network is being accessed. Transparency ensures the client to make immediate decisions and take necessary actions to maintain the security of the system or network.
Establish target areas with written work agreements requiring the ethical hacker not to work beyond those parameters to minimize exposure of sensitive information. The ethical hacker should not access other areas on the computer or networks not specified in the agreement.
Developing a non-disclosure agreement may be in order prior to contracting with an ethical hacker.
Legal Risks
There are legal risks to include lawsuits involving disclosure of personal and confidential information possibly leading to a legal battle involving the organization and the hacker if the work is not done properly. Also, if the hacker makes errors compromising the IT network or company security, it is possible to negatively impact the organization’s general operations and profitability.
With cyberspace growing exponentially over the last decade, complex legal issues have led to the birth of a highly specialized branch of law. Cyber Law or Internet Law pertains to Internet and computer technology related offenses, especially copyright infringement and fraud that involve computers, software, hardware, and information systems (IS).
The Information and Technology Act, 2000 (IT Act) covers all types of cyber-crime, including hacking as provided under sections 43 and 66 which covers negligence and computer-related offenses.
Cyber Law prevents or reduces large-scale damage from cybercriminal activities by protecting information access, communications, privacy and intellectual property.
Ethical hacking is rapidly gaining attention as an essential business practice. Regardless of risks, companies large and small benefit from the work of ethical hackers by protecting a company’s most valuable data and protecting their bottom line.
Written By: Kym Pasqualini, Feature Crime Writer for Lauth Investigations
When we think of a spy, given the national news cycle, it may conjure up thoughts of Russians or the Chinese who have been long known for hacking and espionage. However, even more common, but much less talked about, is the business mole, and almost every business in America is susceptible.
Every business sector is vulnerable to Corporate Espionage costing businesses billions of dollars per year.
April 10, 2011, Joseph Muto was hired to work for the top-rated “O’Reilly Factor” but within 3 days, he was discovered by Fox employees to be anonymously writing for Gawker. In the span of 72 hours, Muto wrote a series of articles detailing the internal workings of the network, along with stealing and selling raw video clips. In 2013, he pled guilty to two misdemeanor charges and was dubbed the “Fox Mole.” He was fined $1000 and sentenced to over 200 hours community service. At sentencing, he said he wished he had never betrayed his former employer.
United States industries spend more on research and development of unique products and processes than any other country in the world. The key to success is having an “edge” in the business world. Whether a media company, software developing company or bakery, keeping an edge is key.
When someone steals those “trade secrets”, it is called economic espionage and costs American businesses billions annually. Damages can severely destabilize the victim company to include lost revenue, lost employment, lost investments, interruption in production, damaged reputation, and can even result in a company going out of business.
Corporate espionage conducted by spies or moles believe computers are irrelevant. It is about what data they want, what form they take, and how they can steal it.
The Company Man
The Federal Bureau of Investigation (FBI) states no business, large or small, is immune to the threat of moles and/or spies. Any proprietary process, product, or idea can be a target.
To raise awareness, the FBI in collaboration with the National Counterintelligence and Security Center has launched a nationwide campaign and released a short film called “The Company Man: Protecting America’s Secrets,” based on a true story. Mr. Moore is both unappreciated and unhappy with his career as an engineer at a glass insulation and fire-retardant firm. He is targeted on LinkedIn by a competitor who offers him a position in a rival firm. At first, Moore declines because he signed a non-compete. He is then offered $200,000 to obtain plans for equipment and formula for the glass insulation produced at his firm, RIS.
The FBI states many things drive a person to betray the company where they work.
Moore makes the decision to go to his current boss who then contacts the FBI who initiates a sting. A true story, there was an arrest in the case. However, this may not be the decision every employee would make – which makes every employee a liability in a 400 billion, in the dark. underbelly of America’s global economy.
Spotting Insider Threats
What drives a mole? The FBI states company moles are often “overwhelmed by life-crisis or career disappointment” driving them to leak information.
With email, cell phones, and jump drives, stealing information is far easier than in the past. Greed and financial need, unhappiness at work, the promise of a better job, drug or alcohol abuse, and/or vulnerability to blackmail, can all be contributors, says the FBI.
The FBI says employees who leak trade secrets, such as plans, customer databases, etc. will exhibit behaviors other employees can often identify to help prevent breaches.
Your employees may be the first line of protection when combatting the insider threat.
Potential Indicators:
Drastic changes in behavior, demeanor, or work habits.
Unexplained affluence.
Financial hardship.
Substance abuse.
Attempts to circumvent security procedures.
Long hours at the office without authorization.
Taking home proprietary information.
Unnecessarily copying materials.
Using an unauthorized USB drive.
Unusual use of cell phone during business hours.
Asking inappropriate questions.
Suspicious relationships with competitors.
Leaving traps to detect searches of their office.
Based on FBI’s studies, additionally, there are more subtle things to look for:
Someone hired to steal company information will be experienced in the operation of a business and will be able to identify the value of your company’s trade secrets.
Corporate spies are everyone’s friend. To gain access to a company in order to steal information, a mole will be socially adept with the ability to manipulate people to gain their trust.
Individuals who are frequently wandering or talking in locations they do not need to be to complete their job. Someone who reflects a pattern will always have a reasonable excuse as to why they are not in the correct area or talking to specific employees.
Employees who keep trying to re-open decisions already settled and question advisability of decisions.
They act envious.
Vulnerabilities – Getting Access
Once inside, a mole has a lot of ways to access sensitive information. Spies can even work in pairs, possibly one as a consultant and the other an employee. When you have valuable information, never underestimate the methods others will use to gain access to it.
Spying can be as easy as photocopying papers found on unattended desks or at printers. Walking into an empty meeting room with a laptop and pulling data off the network.
A common ploy is pretending to be an employee. Another ploy often used, posing as IT personnel because it enables the individual to look legitimate while accessing network access points and sitting at someone’s computer. In other cases, spies have posed as cleaning staff, gaining access after-hours.
Criminals capitalize on the common assumption if you are in the building, you must be okay. Investing in your company’s staff to raise awareness is the best investment a company can make.
According to InfoWorld, Peter Wood, Chief of Operations at First Base Technologies, a U.K. based consultant firm performing ethical hacking services, “Spies are interested in anything from financial data to intellectual property and customer data. They might steal information for blackmail purposes, but the most common motive for physical intrusion is industrial espionage.”
Wood says the most common way to intrude upon a company is posing as an employee or a visitor, even creating convincing costumes to pose as a legitimate visitor such as telephone, electrical or maintenance person, a burglar alarm inspector, even someone from the fire department.
Protecting Your Trade Secrets
The FBI lists several ways to protect your workplace from insider threats.
Recognize the threat.
Identify and value trade secrets.
Implement a definable plan for safeguarding trade secrets.
Secure physical trade secrets and limit access to trade secrets.
Provide ongoing security training to employees.
Use protective tools such as screensavers with password controls.
Classify information and store accordingly.
Secure the workplace so visitors do not have access without security screening.
Encrypt data and require strong passwords for employees with liberal access rights.
Develop an insider threat program.
Proactively report suspicious incidents to the FBI before your proprietary information is irreversibly compromised.
Ask the FBI or other security professionals for additional awareness training.
At times, companies are hesitant to report such activity for fear they will risk their trade secrets being disclosed in court or compromised in any way. The FBI will do all it can to minimize business disruption, safeguard data and privacy, and will seek protective orders to preserve business confidentiality and sensitive information. The Department of Justice also has a variety of protections in place to ensure information is protected during a criminal prosecution.
Amy and Steve both graduated from the University of Wyoming with degrees in exercise physiology. They had been married a little over a year.
An experienced hiker, David Miller, 22, was last seen at the Beaver Creek Ranger Station preparing to leave on a two-day hike on May 19, 1998, in the Red Rock/Secret Mountain Wilderness area.
Joe left shirtless, wearing only red running shorts, blue trail shoes, and his Ironman watch. At 4:30 p.m., the friends started out together, but Joe soon fell behind as he was the slower runner.
Some may say there is no such thing as an “ethical” hacker. Simply “hacking is hacking” but the most notable hackers are known publicly as cybercriminals or computer criminals because of the damage they inflict on companies and individuals nationwide.
