Intelligence in Business (OSINT)

Intelligence in Business (OSINT)

By: Kym Pasqualini, Feature Crime Writer for Lauth Investigations

Open-source intelligence (OSINT) is the collection of data from publicly available sources to be used in the context of intelligence. Within the intelligence world, the term “open” refers to overt, meaning sources available publicly, opposed to clandestine or covert sources.

OSINT is not a new concept. It has been in use for decades. However, with the arrival of instant communication and fast information transmission, a significant amount of predictive and actionable intelligence can now be obtained from unclassified public sources.

OSINT should not be confused with public intelligence or open-source software.

The U.S. Director of National Intelligence and the U.S. Department of Defense (DOD) define OSINT as information produced from publicly available information collected, exploited, and disseminated in a timely manner to an appropriate audience for the purpose of addressing a specific intelligence requirement.

In short, open source acquisition involves procuring written, verbal or electronically transmitted material that can be obtained legally without any type of clandestine collection techniques.

Background of OSINT

OSINT’s originates with the pre-Central Intelligence Agency (CIA). The formation of the 1941 Foreign Broadcast Monitoring Service (FBMS) was born during World War II and evolved into the 1967 Foreign Broadcast Intelligence Service (FBIS), the predecessor of the Open Source Center of today.

Acquired by the CIA in 1947, FBIS emerged as the only recognized service organization trained and equipped to monitor and process foreign broadcasts for the benefit of all government agencies needing the service.

Coverage worldwide, to the extent it exists today, was beyond the dreams of those who lived in that era.

In 2005, following the 9/11 attacks, the Director of National Intelligence Agency, Porter J. Goss, announced the creation of the DNI Open Source Center. The Center is designed to collect information available from databases, radio, television, video, geospatial data, photographs and commercial imagery.

OSINT Information Flow Categories

  • Media to include newspapers, obituaries, magazines, television, and radio worldwide.
  • Internet includes, but not limited to, online publications, discussion groups, blogs, citizen video (user created content and video), Facebook, YouTube, Twitter and other social media websites.
  • Commercial Data includes commercial imagery, industrial and financial assessments and databases.
  • Grey Literature: patents, working papers, business and corporate documents, newsletters, technical papers, and unpublished works.
  • Professional and Academic publications obtained through journals, symposia, academic papers, journals, theses, and dissertations.
  • Public Government Data: telephone directories, press conferences, websites, speeches, budgets, hearings and other public government reports.

There are various disciplines of OSINT and the methods and applications are almost endless.

The New OSINT

Ten years ago, open source information was scarce; however, in recent years OSINT has taken on an entirely new meaning.

Back in the day, people were primarily found by searching a phone book. Today, people are increasingly comfortable with sharing their personal information and a treasure trove of information for those who want it.

social network flowchart

 

According to Statistica, it is estimated there will be 2.77 billion social network users around the globe in 2019. Social media has become an excellent and consistent source of information.

While, decades ago the problem was shortage of open source information, the biggest difficulty now, is filtering through an overabundance of information.

Some examples of OSINT resources are:

  • Internet directories containing personal information, residences, relatives, demographics, employment, contact information.
  • Social networking sites provide personal information, friends, family members, interests, photographs, videos, and activities.
  • Online reviews provide interests, purchases, activities and lifestyle.
  • User contributed information could be a blog, hobbies, opinions, and expertise.
  • Academic sites provide information related to education, business conferences, associations, and academic papers.
  • Company websites have personnel listings, backgrounds, location, duties, services, and contact information.
  • News sources provide topical information, reports, events, personal history, obituaries, and contact information.
  • Government sources provide personal information, criminal background, court activity, minutes, locations, demographics, tax records and other financial data.

Social Media Monitoring and Geofencing

Companies like Echosec, based in Victoria B.C., offers a web platform to draw what is called a “Geofence” allowing users to pinpoint a location of interest on a map and obtain information within selected parameters, then filter searches by keyword, hashtag, or username within the geofence.

Geofencing

Echosec’s real-time social media mapping connects virtual communities to real-world locations and gives new meaning to Geographic Information System Mapping (GIS). A powerful research tool combining GIS and OSINT.

 

This is becoming a popular method of analysis for retail, branding, journalism, private investigation, and finance, collecting what Echosec calls “hyperlocal insights” for better business and breaking news stories.

Google, Yahoo, Bing and other traditional link-crawling search engines do not typically access the information professionals using OSINT research techniques and resources can provide.

Embracing Geolocation

Geolocation is one of the most valuable resources used today. For example, videos and photographs shared publicly often contain information where the photographs originated.

Texting

Most of us post pictures of ourselves and our friends, tagging each other during a vacation at the beach or out on the town. A geotagged picture is a post that attaches a “geotag” which is the physical location to the post. It allows users insight to their followers, where they are, and what they are doing.

Social media and Geo-location monitoring of open-source information has been more frequently used by law enforcement and private investigators to conduct investigations. Whether a missing person investigation or background check, basic and even critical investigations can benefit from OSINT.

For example, a person is reported missing and frequently posts photographs on Snapchat, Instagram and Facebook. Investigators can access the geotags and see where the person was last and often see who they were with, allowing the investigating agency the ability to immediately expand their investigation.

Open Source Private Investigations

Many private investigators are now specializing in open-source intelligence and social media investigations, referred to as Social Media Intelligence (SOCMINT). While much of the information is available publicly, there are many reasons why an individual would choose to hire a private investigator.

Private investigators have become experts in the field of open-source intelligence investigations.

Private investigators have become experts in the field of open-source intelligence investigations.

Simply, private investigators know how to search, where to search and what to search for, making hiring a private investigator a more efficient choice. Private investigators know if the information is online, in a state repository, library or the courthouse.

Information that can be obtained includes but is not limited to the following:

  • Voter registration
  • Bankruptcy records
  • Corporate records
  • Property records
  • Probate records
  • Divorce records
  • Marriage records
  • Court records
  • Criminal records
  • Due diligence
  • Business information
  • Financial information

Whether a private individual or a business, obtaining the right information often leads the investigation in a specific direction. Private investigators of today are the next-generation of private intelligence providing services such as:

  • Fraud Investigations
  • Competitive Intelligence
  • Counterintelligence
  • Intelligence Collection
  • Internet Investigations
  • Email Tracing
  • IP Investigations
  • Financial Investigations
  • Asset Investigations
  • Pre-investment Investigations
  • Difficult to locate
  • Missing Persons
  • Background Investigations

Knowing when to use a private investigation firm can help hasten an investigation. The service of these firms can make life easier because it requires more than just knowing how to use the Internet. And when all resources are exhausted, a good old “gum shoe” detective can investigate – boots on the ground.

Protecting Your Business with OSINT

Thomas Lauth of Lauth Investigations International uses his nearly 20 years experience working with both private and business sectors. “Open-souce Intelligence or OSINT isn’t a common term used in the business world; however, I can assure you it is a dynamic method of information gathering for businesses in this day and age,” said Lauth.

(Open-source intelligence is being used more frequently to protect company’s information.)

The importance of OSINT is business can’t be exaggerated. It is a matter of gathering intelligence from publicly available sources and analyzing that information for connections and actionable intelligence that would not be normally publicized. In fact, there may be information about your own company available publicly that can make it easier for someone who is considered an “insider threat” or conducting a social engineering campaign to obtain proprietary or damaging information.

“Conducting periodic OSINT for your business, assessing the risks, and addressing vulnerabilities can save a company from failure,” add Lauth. “It is a recommended and necessary action item for all successful businesses.”

OSINT is contained in company websites, reviews, Google searches, along with newspapers, geo-location data within images, company reports and other publicly available data. Often overlooked is social media. Companies and employees often provide more information to hackers or “insider threats” than realized.

Criminals can exploit easily obtained information to conduct scams or a social engineering campaign against a business. In fact, criminals use OSINT too – only for their own devious purposes.

To exploit weak links, criminals or “black hats” can spend weeks, even months researching employee email addresses, current projects, employees that manage money and monitor their social media. They will even study the way employees communicate with each other, gathering the information to create convincing phishing scams and social engineering attacks.

The information collected to conduct these criminal activities is not obtained by hacking into the company, it is obtained by gathering publicly available information.

“The trick is to stay one step ahead of the criminals,” said Lauth. “When working with clients, we ensure we identify vulnerabilities and the process is conducted effectively, efficiently and confidentially.”

The bottom line, by exercising due diligence, using OSINT, and reviewing your own publicly available information, you can protect yourself and your company.

 

CAN HACKING BE ETHICAL?

CAN HACKING BE ETHICAL?

Written By: Kym Pasqualini, Feature Crime Writer for Lauth Investigations

(Penetration testing, intrusion testing and red teaming are some of the terms used for ethical hacking.

Penetration testing, intrusion testing and red teaming are some of the terms used for ethical hacking.

The word “hacking” almost always has negative connotations. It seems the mention of Chinese hacking, Russian hacking, or DNC hacking receives constant mention in our 24-hour news cycle.

Ethical hacking is also referred to as penetration testing, intrusion testing and red teaming, coined by the government during the 1970’s when they first hired ethical hackers to break into the United States government’s computer systems to test for vulnerabilities.

It is estimated “hackers” cost the United States more than $445 billion annually.

In a Fortune article “Data Breaches Now Cost $4 Million on Average,” according to IBM’s security division, the cost of a breach per incident has risen to $4 million, up 29% since 2013. “We’re now in a mode where these attacks are going to happen even to people that are well prepared,” said Caleb Barlow, a vice president at IBM Security.

Hackers cost the US government and corporations billions annually.

Hackers cost the US government and corporations billions annually.

According to Fortune, hackers and cybercriminals cause most breaches, and more than half of data exposures are caused by malicious attacks; the rest are caused by mistakes or glitches.

Ethical hacking is a growing profession utilized by the United States government, technology companies and other institutions.

In the field, experts refer to three major types of hackers:

  • White Hats: Security professionals or “ethical hackers” who use their expertise to strengthen a network and secure it from criminals.
  • Black Hats: Malicious hackers or “crackers” who use their skills for malevolent purposes. White hats work to protect computer structures from the Black Hats.
  • Gray Hats:Iindividuals who become white or black hats depending upon the circumstances and generally proclaim being an ethical hacker.

Many large corporations, such as IBM, employ teams of ethical hackers to keep their IT systems secure.

Why Ethical Hacking is Important

With every breach reported in the media, the need for more effective information security is becoming increasingly evident.

New technologies such as cloud computing, IT outsourcing, and enterprises must adjust their security practices and policies to combat the threat of malicious hacking. To combat threats, ethical hacking is rapidly gaining attention as an essential security practice to be performed on a regular basis.

In a public white paper entitled, “The Importance of Ethical Hacking: Emerging Threats Emphasize the Need for Holistic Treatment,” by Frost & Sullivan, it discusses top technical concerns and the role of ethical hacking in an enterprise architecture.

“The increased sophistication and success rate for recent cyber-attacks is directly related to the shift in the attacker profile, indicating that nation-states and large criminal organizations are funding well organized, highly motivated, and well-trained teams of programmers,” said Chris Rodriguez, Analyst for Frost and Sullivan. “The elevated threat landscape therefor, urgently dictates the need for a comprehensive, real-world assessment of an organization’s security posture,” said Rodriguez.

Ethical hacking provides objective analysis of an organization’s security stance for organizations of any size. Ethical hacking has become a mainstream service, as companies of all sizes pursue expert, objective, third -party analysis.

What is an Ethical Hacker?

Ethical hacking is an ambiguous term used to describe hacking performed by an individual or organization to help penetrate or gain access to identifying potential threats on a computer or a network infrastructure. In short, ethical hackers are simply computer programmers who use their skills in a constructive manner.

Ethical hackers can attempt to bypass security systems to isolate weak points malicious hackers could exploit. In the effort to eliminate or reduce potential criminal hacks, the information gained by the ethical hacker is then used by the company to make improvements to security.

Hacking LockSome may say there is no such thing as an “ethical” hacker. Simply “hacking is hacking” but the most notable hackers are known publicly as cybercriminals or computer criminals because of the damage they inflict on companies and individuals nationwide.

A highly publicized hacking incident where personal information is compromised can damage a company or organization for years.

A cybersecurity professional can have a range of expertise, anywhere from maintenance, administration, architecture, forensic investigation of secure networked systems that are increasingly necessary for the sake of operation of businesses, nonprofits, governments and medical, and educational institutions.

Even training is offered by the International Council for E-Commerce Consultants (EC-Council). The Certified Ethical Hacker (CEH) exam is made up of approximately 125 multiple choice questions and costs about $500 with additional IT certifications available. Training is entirely voluntary.

Ethics

For hacking to be ethical, a hacker must abide by the following informal rules:

  • Permission to access the network to identify potential security threats.
  • Respect individual’s right to privacy.
  • Treat all data, material, and findings as confidential.

Ethics play a vital role in hacking and differentiating innocent activities from computer crimes. Hacking is ethical if the skills are used to enhance a network system. But the issue of ethics can be very risky when one does not know a person’s motivations. With no formal code of ethics or code of honor, this void creates external forces to determine how to respond when ethical predicaments arise.

An ethical hacker will ensure the client’s IT system is properly evaluated for security issues and vulnerabilities, while protecting sensitive, personal and confidential or proprietary information. While accessing an organization’s system, the respected ethical hacker’s integrity will guide the actions of the ethical hacker.

Security Risks

While ethical hacking presents advantages to increase security to protect IT systems and assets, any organization implementing ethical hacking must consider any negative impacts that may arise from the practice.

An ethical hacker is typically contracted to hack the organization’s system. Hiring outside is usually preferred to start from scratch and simulate potential external hacks.

While there is an advantage of ethical hacking because it supports the organization’s efforts to gain more knowledge about the IT Security by identifying vulnerabilities, the main disadvantage is it presents risks of information disclosure. An outsider could intentionally or unintentionally disclose a company’s proprietary information to outside parties.

A dark side always is present where dishonest people will attempt to exploit others. Some risks of working with ethical hackers include:

  • The ethical hacker using their skills to conduct malicious hacking activities.
  • Massive security breaches.
  • Potential the ethical hacker will place malicious code, malware, viruses or other potentially damaging things on a computer system.
  • Allowing company’s financial, banking, or other proprietary information will be accessed.

Working with an Ethical Hacker

Ethical Hacker

The benefits of working with an ethical hacker are obvious; however, many are overlooked, ranging from simply preventing malicious hacking to preventing national security breaches.

Before implementing any ethical hacking, an organization must ensure the ethical hacker understands the nature of the client’s business, computer or network system. This will help guide the ethical hacker in handling any sensitive confidential or proprietary information they may encounter.

The leadership in a company or organization must determine the sensitivity or confidentiality of the information involved. This will help ensure the ethical hacker does not violate laws, rules or regulations in handling sensitive personal, financial or proprietary information.

There are several guidelines to use when working with an ethical hacker:

  1. An ethical hacker should create a plan including: identifying all networks and components they will test; detail testing intervals; detail testing process.
  2. Require transparency while working with an ethical hacker, requiring all relevant information be reported while the system or network is being accessed. Transparency ensures the client to make immediate decisions and take necessary actions to maintain the security of the system or network.
  3. Establish target areas with written work agreements requiring the ethical hacker not to work beyond those parameters to minimize exposure of sensitive information. The ethical hacker should not access other areas on the computer or networks not specified in the agreement.
  4. Developing a non-disclosure agreement may be in order prior to contracting with an ethical hacker.

Legal Risks

There are legal risks to include lawsuits involving disclosure of personal and confidential information possibly leading to a legal battle involving the organization and the hacker if the work is not done properly. Also, if the hacker makes errors compromising the IT network or company security, it is possible to negatively impact the organization’s general operations and profitability.

With cyberspace growing exponentially over the last decade, complex legal issues have led to the birth of a highly specialized branch of law.  Cyber Law or Internet Law pertains to Internet and computer technology related offenses, especially copyright infringement and fraud that involve computers, software, hardware, and information systems (IS).

The Information and Technology Act, 2000 (IT Act) covers all types of cyber-crime, including hacking as provided under sections 43 and 66 which covers negligence and computer-related offenses.

Cyber Law prevents or reduces large-scale damage from cybercriminal activities by protecting information access, communications, privacy and intellectual property.

Ethical hacking is rapidly gaining attention as an essential business practice. Regardless of risks, companies large and small benefit from the work of ethical hackers by protecting a company’s most valuable data and protecting their bottom line.

 

 

MOLES IN THE WORKPLACE

MOLES IN THE WORKPLACE

Written By: Kym Pasqualini, Feature Crime Writer for Lauth Investigations

When we think of a spy, given the national news cycle, it may conjure up thoughts of Russians or the Chinese who have been long known for hacking and espionage. However, even more common, but much less talked about, is the business mole, and almost every business in America is susceptible.

Every business sector is vulnerable to Corporate Espionage and cost American businesses billions of dollars per year.

Every business sector is vulnerable to Corporate Espionage costing businesses billions of dollars per year.

April 10, 2011, Joseph Muto was hired to work for the top-rated “O’Reilly Factor” but within 3 days, he was discovered by Fox employees to be anonymously writing for Gawker. In the span of 72 hours, Muto wrote a series of articles detailing the internal workings of the network, along with stealing and selling raw video clips. In 2013, he pled guilty to two misdemeanor charges and was dubbed the “Fox Mole.” He was fined $1000 and sentenced to over 200 hours community service. At sentencing, he said he wished he had never betrayed his former employer.

United States industries spend more on research and development of unique products and processes than any other country in the world. The key to success is having an “edge” in the business world. Whether a media company, software developing company or bakery, keeping an edge is key.

When someone steals those “trade secrets”, it is called economic espionage and costs American businesses billions annually. Damages can severely destabilize the victim company to include lost revenue, lost employment, lost investments, interruption in production, damaged reputation, and can even result in a company going out of business.

Corporate espionage conducted by spies or moles believe computers are irrelevant. It is about what data they want, what form they take, and how they can steal it.

The Company Man

The Federal Bureau of Investigation (FBI) states no business, large or small, is immune to the threat of moles and/or spies. Any proprietary process, product, or idea can be a target.

To raise awareness, the FBI in collaboration with the National Counterintelligence and Security Center has launched a nationwide campaign and released a short film called “The Company Man: Protecting America’s Secrets,” based on a true story. Mr. Moore is both unappreciated and unhappy with his career as an engineer at a glass insulation and fire-retardant firm. He is targeted on LinkedIn by a competitor who offers him a position in a rival firm. At first, Moore declines because he signed a non-compete. He is then offered $200,000 to obtain plans for equipment and formula for the glass insulation produced at his firm, RIS.

The FBI states many things drive a person to betray the company where they work.

The FBI states many things drive a person to betray the company where they work.

Moore makes the decision to go to his current boss who then contacts the FBI who initiates a sting. A true story, there was an arrest in the case. However, this may not be the decision every employee would make – which makes every employee a liability in a 400 billion, in the dark. underbelly of America’s global economy.

Spotting Insider Threats

What drives a mole? The FBI states company moles are often “overwhelmed by life-crisis or career disappointment” driving them to leak information.

With email, cell phones, and jump drives, stealing information is far easier than in the past. Greed and financial need, unhappiness at work, the promise of a better job, drug or alcohol abuse, and/or vulnerability to blackmail, can all be contributors, says the FBI.

listener

The FBI says employees who leak trade secrets, such as plans, customer databases, etc. will exhibit behaviors other employees can often identify to help prevent breaches.

Your employees may be the first line of protection when combatting the insider threat.

 

 

Potential Indicators:

  • Drastic changes in behavior, demeanor, or work habits.
  • Unexplained affluence.
  • Financial hardship.
  • Substance abuse.
  • Attempts to circumvent security procedures.
  • Long hours at the office without authorization.
  • Taking home proprietary information.
  • Unnecessarily copying materials.
  • Using an unauthorized USB drive.
  • Unusual use of cell phone during business hours.
  • Asking inappropriate questions.
  • Suspicious relationships with competitors.
  • Leaving traps to detect searches of their office.

Based on FBI’s studies, additionally, there are more subtle things to look for:

  • Someone hired to steal company information will be experienced in the operation of a business and will be able to identify the value of your company’s trade secrets.
  • Corporate spies are everyone’s friend. To gain access to a company in order to steal information, a mole will be socially adept with the ability to manipulate people to gain their trust.
  • Individuals who are frequently wandering or talking in locations they do not need to be to complete their job. Someone who reflects a pattern will always have a reasonable excuse as to why they are not in the correct area or talking to specific employees.
  • Employees who keep trying to re-open decisions already settled and question advisability of decisions.
  • They act envious.

Vulnerabilities – Getting Access

Once inside, a mole has a lot of ways to access sensitive information. Spies can even work in pairs, possibly one as a consultant and the other an employee. When you have valuable information, never underestimate the methods others will use to gain access to it.

Spying can be as easy as photocopying papers found on unattended desks or at printers. Walking into an empty meeting room with a laptop and pulling data off the network.

A common ploy is pretending to be an employee. Another ploy often used, posing as IT personnel because it enables the individual to look legitimate while accessing network access points and sitting at someone’s computer. In other cases, spies have posed as cleaning staff, gaining access after-hours.

Criminals capitalize on the common assumption if you are in the building, you must be okay. Investing in your company’s staff to raise awareness is the best investment a company can make.

According to InfoWorld, Peter Wood, Chief of Operations at First Base Technologies, a U.K. based consultant firm performing ethical hacking services, “Spies are interested in anything from financial data to intellectual property and customer data. They might steal information for blackmail purposes, but the most common motive for physical intrusion is industrial espionage.”

Wood says the most common way to intrude upon a company is posing as an employee or a visitor, even creating convincing costumes to pose as a legitimate visitor such as telephone, electrical or maintenance person, a burglar alarm inspector, even someone from the fire department.

Protecting Your Trade Secrets

The FBI lists several ways to protect your workplace from insider threats.

  • Recognize the threat.
  • Identify and value trade secrets.
  • Implement a definable plan for safeguarding trade secrets.
  • Secure physical trade secrets and limit access to trade secrets.
  • Provide ongoing security training to employees.
  • Use protective tools such as screensavers with password controls.
  • Classify information and store accordingly.
  • Secure the workplace so visitors do not have access without security screening.
  • Encrypt data and require strong passwords for employees with liberal access rights.
  • Develop an insider threat program.
  • Proactively report suspicious incidents to the FBI before your proprietary information is irreversibly compromised.
  • Ask the FBI or other security professionals for additional awareness training.

At times, companies are hesitant to report such activity for fear they will risk their trade secrets being disclosed in court or compromised in any way. The FBI will do all it can to minimize business disruption, safeguard data and privacy, and will seek protective orders to preserve business confidentiality and sensitive information. The Department of Justice also has a variety of protections in place to ensure information is protected during a criminal prosecution.

 

TITLE IX INVESTIGATIONS AND SEXUAL MISCONDUCT

TITLE IX INVESTIGATIONS AND SEXUAL MISCONDUCT

By: Kym Pasqualini, Feature Writer for Lauth Investigations

Scandals can arise anywhere, especially in the workplace, and schools are especially vulnerable. Allegations of sexual misconduct, assault and other accusations violating workplace compliance and law, have severe civil and criminal liability.

We have all heard about sports-related and college scandals, and the newly and highly publicized accusations against Harvey Weinstein that seemingly were permitted to go on for years without anyone acting. These situations can create not only a media frenzy, social media ubiquity and significant liability within a company.  How complaints are handled can affect an institution’s reputation for years.

Institutional leadership has a moral, ethical and legal obligation to protect students and employees.

Institutional leadership has a moral, ethical and legal obligation to protect students and employees.

Most importantly, it is the responsibility of an institution to protect their students and employees, and the leadership has a legal, moral and ethical obligation to do so.

An institution’s investigative process, in response to sexual assault or misconduct, needs to be geared toward determining what happened without having preconceived notions of the outcome. The process should be consistently applied, clearly documented, and show the steps followed in achieving the conclusion.

Maintaining a record of this process and the findings is critical to minimizing risk should there be a consequent lawsuit or investigation by an outside entity.

Title IX

President Richard M. Nixon signed Title IX Educational Amendments of 1972 as a comprehensive federal law prohibiting discrimination on the basis of sex in any federally funded education program or activity. In addition, protecting employees and students from sexual misconduct.

Sexual assault and misconduct investigations not meeting legal standards are increasingly resulting in very costly claims. Ensuring Title IX compliance is the best way to minimize risk.

In a 2011, “Dear Colleague” letter (DCL) was issued by the U.S. Department of Education’s Office for Civil Rights (OCR). According to the letter, investigations must be:

  1. Prompt – The DCL defines the meaning of “prompt” as conducting an investigation within 60 days, acknowledging more complex cases may require more time. 
  1. Thorough – OCR mandates a case must be “thorough” and the investigation must be conducted in good faith. The employer must have legal grounds to believe the employee participated in misconduct before any disciplinary action is taken.
Courts expect a thorough and adequate investigation in all sexual assault and misconduct cases.

Courts expect a thorough and adequate investigation in all sexual assault and misconduct cases.

Courts do not focus on whether the employer made the right conclusion but instead, examine the determining process used to ensure the investigation was adequately thorough. For example, analyzing the type and number of interviews conducted, confidentially of the interviews, were they handwritten or recorded and how. The court also notes if the investigator asked non-leading, open-ended questions; encouraged witnesses to clarify or correct testimony; or challenged information provided by witnesses.

Small mistakes may not damage an investigation; however, a case could be considered inadequate simply on the pretense an individual lacked prior experience investigating sexual harassment cases or failed to adequately explore the allegations.

  1. Impartial – It is necessary to remain impartial. For example, the person who made the complaint should not be a supervisor over the individual investigating the complaint. A qualified investigator should always be used to investigate sexual assault and harassment complaints, one who can remain objective and has no stake in the outcome of the case.

There are two recommended models of investigation to be conducted by a trained investigator understanding of the evidence needed to sustain or disprove allegations.

What Are The Numbers?

The Chronicle of Higher Education (CHE) tracks federal investigations of colleges for potential violations of the gender-equity law Title IX involving alleged sexual violence. According to CHE, as of January 10, 2018, there were 337 sexual violence cases under investigation at 243 postsecondary institutions.

A campus investigation differs from a police investigation; however, both can occur at the same time. It just depends on where the victim reports the assault. A victim may feel more comfortable going to campus police than law enforcement for fear they may be doubted or blamed, especially in cases of rape by an acquaintance. Though advocates fear victims being discouraged from coming forward, in several states, lawmakers are now proposing colleges be required to notify law enforcement.

Pre-Investigation

In this model, the investigator meets individually with both parties and witnesses prior to any hearing and provides the information to a panel or hearing official. The goal is to maximize the information obtained during the interview process by questioning parties and witnesses privately to minimize stress for the participants, while also protecting testimony.

Prior-Hearing Investigative Process

The other common model, the investigation is part of the hearing process where an official panel or hearing official questions witnesses, hears testimony, reviews documents and evidence, and makes a conclusion.

While this model may work well for some institutions, it tends to be viewed as adversarial and may affect the overall reliability of the case.

According to United Education’s EduRisk program, while it is the institution’s responsibility to investigate alleged sexual assaults or harassment, and decide if discipline is warranted, this model can inappropriately burden the parties to present their cases by identifying witnesses and evidence for school officials to consider. In addition, most school officials are not trained investigators or private detectives with experience working with such sensitive circumstances.

Proper Documentation

Writing ImageThe institution has the responsibility to properly document its investigation of any sexual misconduct allegation to provide a reliable record of all evidence the findings are based. This is especially critical when an allegation may appear meritless on the surface.

Though courts do not favor one method of documenting interviews, ideally, in addition to a final report, an investigator should provide a summarization of evidence, assessment of credibility of witnesses interviewed, and contain only factual conclusions.

Policies and Procedures

Given the importance of sexual assault and other misconduct allegations, it is necessary to have the appropriate policy and procedures to demonstrate the institution’s commitment to the safety of its employees and students, help prevent avoidable crises and support an efficient and effective response.

It is vital to understand when an investigation is warranted, and the purpose of the investigations, to include planning and organizing.

Every institution or company should have policies in place specifically addressing suspected misconduct to help respond reasonably with guidance as to how staff should respond and recommended to utilize experts to help identify vulnerabilities that may exist in an institutions current policies and procedure.

What a Federal Investigation Entails

To most onlookers, the federal investigation process of an institution is opaque. The OCR informs a college it is under investigation and informs whether it is based upon a compliance review or complaint. When it is a complaint, typically, the complainant’s information is not made available.

Federal officials require a great deal of information, such as policies, training material, investigative reports, interviews, incident reports, hearing documents. They will visit the campus to meet with both students and employees as well.

Some OCR investigations can conclude quietly, with an “administrative closure,” “early complaint resolution,” or “insufficient evidence.” Other investigations can result is a letter of findings, not seen until the conclusion, along with a “negotiated resolution agreement” that details policies and procedures a college must change or adopt. To comply, these often require implementing or expanding training programs for faculty, students, and staff, along with modifying policy and procedure.

Investigations are getting tougher. The OCR will likely monitor the college’s progress for years to come.

The best way to avoid investigative, policy and procedure pitfalls is to respond appropriately the first time using a professional investigative agency or experienced private investigator.

Fair and Independent Investigations

Lauth Investigations Sexual Harassment Division is headed by founder Thomas Lauth who has extensive experience investigating sexual misconduct.

One thing has become abundantly clear, after watching the numerous news stories covering sexual assault and harassment, is remaining mindful of the sensitivities involved in such an investigation, making it necessary to address each client’s needs. In addition, a rapid response,  both thorough and professional, is necessary so as not to cause more harm.

Sexual assault and other misconduct has serious psychological consequences on the victim. Lauth Investigations professionally conducts sensitive internal investigations related to sexual assault and misconduct with utmost integrity. Our private investigators take great care to develop facts, determine credibility, and reach findings with objectivity and independence, while also exercising discretion and sensitivity.

During an investigation, Lauth Investigations expert private investigators will interview the complainant and witnesses, examine relevant documents, obtain written statements, medical records, email and other communication. At conclusion, a confidential report is delivered to include finding and recommendations that adhere to court and panel oversight.

Title IX investigations differ from a law enforcement investigation, and critical in the initial phase to ensure evidence is preserved, whether it be physical evidence, video surveillance or other important aspects of a proper investigation. Lauth investigators will ensure the investigation is treated with utmost integrity so as not to compromise the investigation.

Our experts can also evaluate and provide recommendations of current policies and procedures to help strengthen the response to sexual assault and misconduct.

 

 

OLYMPUS DIGITAL CAMERAThomas Lauth

Investigations Division

Email: tlauth.investigations@gmail.com

Tel: 317.951.1100

Snapchat Murders: Not a Cold Case

Snapchat Murders: Not a Cold Case

By: Kym Pasqualini, Feature Crime Writer for Lauth Investigations

On February 13, 2017, best friends Abigail “Abby” Williams, 13, and Liberty “Libby” German, 14, planned to go hiking near the beautiful area of Monon High Bridge Trail, east of their small town of Delphi, Indiana.

Libby German and Abby Williams, Best Friends

Libby German and Abby Williams, Best Friends

At approximately 1:45 p.m. that afternoon, a family member dropped them off at the abandoned bridge where they planned to hike. It was agreed they would meet their family back in the same location later in the afternoon.  They both had the day off school, it was an unseasonably warm winter day, and Abby Abby and Libby shared a special friendship. They both loved hiking, taking photographs of flowers and trees, and adventuring the scenic trails about a mile east of their home.

Libby posted, this now haunting photo, while atop Indiana’s second highest bridge on her Snapchat at 2: 07 p.m. This was the last post anyone would see the two girls alive.

Photograph Libby German posted on Snapchat of Abby Williams walking on the Monon High Bridge, Dephi, IN.

Photograph Libby posted on Snapchat of Abby  walking on the Monon High Bridge, Dephi, IN.

When the girls did not show up at the agreed upon the location as planned, the family reported the girls missing to Delphi Police Department and the local sheriff. Immediately police and firefighters were dispatched to canvas the area.

Over 100 searchers responded to the area. Arial searches began utilizing the remaining daylight hours. Later the same evening, authorities began trying to “ping” the girl’s phones, with no success. The sheriff stated he felt the girl’s phones were either turned off or the batteries had gone dead.

Police searching for Abby and Libby in the area surrounding Monon High Bridge and Deer Creek trails.

Police searching for Abby and Libby in the area surrounding Monon High Bridge and Deer Creek trails.

At approximately midnight, the search was called off, though volunteers continued searching throughout the night. The search resumed the following morning along Deer Creek and farther out from the trail. Searchers prayed the girls had simply been lost but soon those hopes were dashed. Approximately one mile from where the two young girls vanished, searchers found two bodies on a piece of private property along Deer Creek, north of the bridge.

February 14, 2017, at approximately 1:50 p.m., Sheriff Leazenby, Delphi Police Chief Steve Mullins and Indiana State Police (ISP) representative Kim Riley held a joint press conference to announce two bodies were found during the search for Abby and Libby, stating the bodies had yet to be identified.

February 15, 2017, 2:33 p.m., authorities held another press conference and announced the bodies had been identified as Liberty German and Abigail Williams.

A community was heartbroken. Children were terrified, and parents held their children closer.

Haunting Images and Audio Found on Libby’s Phone

At the February 15th news conference, ISP proceeded to release a photo of an unidentified man walking along the Delphi Historic Trail found on the girl’s phone. Authorities announced they wanted to speak to anyone who had parked in the nearby lot or anywhere around the trail the day the girls had visited the park.

FBI names individual in photograph suspect in murder of Delphi girls.

FBI names individual in photograph suspect in murder of Delphi girls.

Five months into the investigation, ISP released a composite sketch of the man on the bridge hoping someone may recognize him and make a call.

Chilling audio of the killer’s voice Libby captured on her phone was also released generating thousands of leads.

Sketch

In an Indy Channel report, “Delphi Investigation: Why state police say Libby and Abby’s case isn’t cold,” Indiana State Police Superintendent Doug Carter says, “There’s a person out there that knows who did it. Not a hunch. They know who that person is,” said Carter. “They know that voice and they know those clothes. They know that posture. They know that stance and they know who murdered those two little girls in that quiet place.”

March 1, 2017, former Indianapolis Colts punter Pat McAfee and team owner Jim Irsay donate $97,000 to the reward fund. The reward is now $230,000 for information leading to the arrest and prosecution of the individual who murdered Abby and Libby.

In an ABC RTV6 report, “Delphi, Indiana: FBI seeks tips on behavioral changes to help catch Delphi killer,” the FBI makes a plea to the public to think back to Monday, February 13th, the day the Delphi teens went missing asking questions like, “Did someone you know make an excuse for missing an appointment?”

“Just think if you had an interaction with an individual who inexplicably canceled an appointment that you had together,” said Greg Massa of the FBI. “Or an individual called into work sick and canceled a social engagement. At the time, they gave what you thought would have been a plausible explanation. ‘My cell phone broke’ or ‘I had a flat tire on my car.’ In retrospect, (that) excuse no longer holds water,” Massa added.

Other behaviors might now be considered suspicious. It is often a seemingly inconsequential detail someone calls in that can break a case wide open.

“Did an individual travel unexpectedly?” Massa said. “Did they change their appearance? Did they shave their beard, cut their hair or change the color of their hair? Did they change the way they dress?”

Even behavioral changes occurring shortly after February 13, 2017:

  • Someone who developed a different sleep pattern
  • Started abusing drugs or alcohol
  • Has become anxious or irritable
  • Someone who has followed this case to an extreme
  • A person who has ongoing conversations about where they were February 13th
  • Someone who has visited the location where the girls were murdered
  • Someone who has taken photographs around the trail and bridge

Police say don’t ever feel bad about reporting odd behavior. It could have everything to do with finding justice for two little girls brutally murdered. It could save other children from a similar and tragic outcome. In addition, if the person is innocent, it will only take a couple minutes of their time and they will never know you were the one who made the report.

A Person of Interest Dismissed

Johnson County Sheriff’s Office sent officers to Colorado to retrieve a “person of interest” in the murders of Abby and Libby.

Daniel Nations

Daniel Nations had been arrested in Colorado for threatening hikers with a hatchet on a Colorado trail. Investigators traveled to Colorado to question Nations.

Nations was wanted on an outstanding warrant in Johnson County, Indiana for failing to register as a sex offender so authorities brought him back for further questioning in the Delphi murders.

Police have not formally named Nations as a suspect stating they have no information specifically including or excluding Nations in the killings. However, ISP has since said they are no longer actively investigating Nations as a person of interest in the case.

Memories Keep the Families Going

In “Delphi Daughters: The Untold Story of Abby and Libby”, a News 6 report, Mike Patty Libby’s grandfather states, “They didn’t leave each other’s side,” about the afternoon the two girls vanished. “I don’t know what happened out there that day, whether there was a chance or an opportunity for one to break off or split, or make a break for it or whatever but you know, I look at it as two young soldiers who covered each other’s backs, two best friends, I wouldn’t leave my best friend’s side. Neither did they.”

They both loved music. Both played the Alto Saxophone in their middle school band. They loved photography and painting, and both were signed up to play softball.

Life has changed for both families. Libby is remembered as the “baker” of the family. She loved making chocolate chips cookies. Becky Patty, Libby’s grandmother said, “She was a baker. She could throw a batch of cookies together like no other.”

Libby loved using sticky notes. She would leave sticky notes on her grandmother’s car visor. One read, “I love you! Thank you for everything you do for me and Kelsie – Libby.” She would leave sticky notes all over the house, even giving her teachers sticky notes, and always showing her appreciation for everyone around her.

Abby and Libby together

Libby German and best friend Abby Williams, loved and remembered by all who knew them.

In the aftermath of her murder, Libby’s class presented her grandparents with jars filled with “sticky note” messages from each child. A way of dealing with the loss for her classmates, and a reminder of how much she is missed.

Libby had dreamed of becoming a science teacher and loved finding cures and solving crimes, so much so, she took additional classes at Purdue University.

Like Libby, Arika Gibson, a friend of the pair said, “Abby also dreamed of doing something within forensics and police work.” For two amateur sleuths, clearly, the evidence the girls left on their cell phones was clues to their own murders.

Abby Williams’ grandparents, whom she called Mee-maw and Papaw, keep her belongings right where they were the day she disappeared. “We just can’t erase her from our lives, we just don’t want to.”  She added, “We treasure her coat hanging on the coat hook, her shoes on the shoe rack and her bedroom just the way she left it – she may have walked out the door, but she is here with us,” said Diane Erskin, Abby’s grandmother. With tears in Abby’s mother’s eyes, Anna Williams added, “Abby smiled all the time.” Her voice to a whisper, “All the time.”

Abby’s favorite thing to say was, “Is there anything I can do to help?” Always with a joyful spirit. Anna and her daughter Abby both shared a love of photography. She loved arts and crafts even knitting hat for newborns with her Aunt Maggie. She was especially good at volleyball and had planned on starting softball with Libby in the new year. Her grandfather Cliff was so excited he drove down from Michigan to take Abby out shopping to buy all new gear.

Investigation Continues at God Speed

The search for a killer has reached national proportions. Approximately 6,000 electronic billboards in 46 states have been utilized to solicit information from the public.

Billboards with information about the Delphi murders have been placed throughout the country.

Billboards with information about the Delphi murders have been placed throughout the country.

A year later, investigators have received over 30,000 tips and interviewed thousands of potential suspects.

ISP, FBI, Carroll County Sheriff and the Delphi Police Department still follow up leads and vow to solve this murder case.

Investigators have a motto, “Today is the day,” and each day at the department, the day starts out with a prayer. “As we gather together today for our work we have been assigned to, let’s pray,” as each investigator bows their head.

“Today’s the day, today is the day we are going to get closer to the end, today is the day we are going to get closer to getting justice for Abby and Libby,” said ISP First Sergeant Jerry Holeman. “We have all worked tragic cases. Nothing like this. I can’t put anything close to this case.”

Police continue to work 20 hours days, with sleepless nights, with one goal in mind. A team of hundreds of investigators continue to work the case, tracking down thousands of leads. Holeman admits it has been rough on everyone involved. Investigations can become a roller coaster ride with hopeful leads and dashed hopes when those leads are eliminated. When it gets tough, Holeman goes back to the saying, “Today is the day.”

Indiana State Police Sgt. Holeman interviewed by Alexis McAdams. Photo courtesy Alexis McAdams TV.

Indiana State Police Sgt. Holeman interviewed by Alexis McAdams. Photo courtesy Alexis McAdams TV.

“I need to be here for Abby and Libby,” says Holeman, “Because I am going to find who did this and we are going to hold them responsible for their actions.”

When Anna Williams was asked what justice will look like for her, “Justice will be that deep breath we get to take when my friend’s children are sleeping in their beds again. When people don’t worry about their children playing outside.” Williams continued, “Justice is in law enforcement. We believe in law enforcement. We believe in the FBI and everyone else that has worked on this case. That’s where justice will come from.”

Unsolved homicide posters still hang in local company’s windows. The community stands united behind Libby and Abby’s families and law enforcement still working the case.

Orange bulbs dot Delphi until the murderer of Abby and Libby is found. Source: Facebook Light Up for Abby and Libby.

Source: Facebook Light Up for Abby and Libby.

Orange bulbs light up the entire town of Delphi. The community has committed to ensuring the golden glow lights the town until the killer of Abby and Libby is caught and brought to justice.

If you have any information about the murders of Abby Williams and Libby German, please call 844-459-5786 or ABBYANDLIBBYTIP@CACOSHRF.COM.