Search & Rescue and Missing Persons’ investigations often come to a standstill due to lack of information. How can technology change that? Robert Sell will explore the answer. We will hear how crowdsourced OSINT can be successfully used by emergency services and law enforcement, providing lifesaving information to fill the gaps and bring loved ones back to their families. Robert Sell, OSINT expert and Founder, Trace Labs

1. Open Source Intelligence (OSINT)
for Emergency Services
& Missing People
Presented by: Robert Sell
robert.sell@tracelabs.org
1

2. 2
Introductions
Founder/President of Trace Labs
• Over a decade in Search Rescue
• Team Leader
• Marine Rescue Technician
• Tracker
• Over two decades in Information Technology/Security
• CISSP, CISM certified
• Critical Incident Response Team/Operations
• Global teams
Email: robert.sell@tracelabs.org
Twitter: @robertesell
Search and Rescue Operations
National Missing Persons Hackathon
Australian News

3. 3
Disclaimer
• None of the opinions or details presented here are in any way representative of any employers
(or any other entity I might participate in) from my past, present or future.
• All details presented here are for lawful use only.
• All information presented here is categorized as Public – TLP: White
• Only 30 minutes – Available to chat after on details of interest.

4. Terms
4
• Open Source Intelligence (OSINT): is the practice of collecting information from publicly available
sources (aka passive reconnaissance or zero touch recon).
• Capture the Flag (CTF): contests where hundreds of hackers and security professionals compete to
get the most “flags” for points through technical challenges. CTFs are typically hosted at large
information security conferences.
• Search & Rescue (SAR): First responders who act as an extension of paramedics once the subjects
are determined “off road” (aka back country). Tasked by law enforcement.

5. What is Trace Labs?
5
• Started in 2018, Trace Labs is a Not for Profit (NFP) organization.
• Mission is to crowd source the collection of Open Source Intelligence (OSINT) to aid in the
generation of new leads on missing persons cases.
• Trace Labs hosts Capture the Flag contests where hundreds of participants from around the
world perform OSINT on missing persons.
• These events generate huge amounts of data which is then refined into an actionable intelligence
report and given to the respective law enforcement agency to help locate those missing persons.

6. Existing CTF Environment
6
• There are hundreds of Information Security conferences around the world.
• Most of these events have a theoretical CTF with hundreds of contestants.
• All effort goes to waste once the event is over.
• Trace Labs allows the utilization of this effort to be captured for law enforcement.
• Non theoretical content is more realistic for contestants – higher value experience.

7. Trace Labs Beginnings
7
• Minimal viable product: limited prizes, rudimentary platform, untested at scale.
• First event on July, 2018 in Toronto, Canada at a hacker conference.
• 150 hackers / information security professionals showed up to participate.
• Toronto Police Services provided some cases.
• Results: 2 missing persons case reopened.
• Immediate demand from the industry for more.
• Proof of concept was a success.

8. Trace Labs Public Discovery
8
• In July, 2019 the media discovered Trace Labs.
• Free Think publishes YouTube video instantly climbs to 3 million hits. Now over 13 million.
• Interest in Trace Labs, crashed our website overnight.
• Interest by public and media continues.
• Community quickly grew to 20,000 members.
• Growth rate is approximately 15%/month.
https://youtu.be/2puBmXfi9Z0

9. Trace Labs Metrics
9
• 38 Search Party CTF events (Virtual & Onsite) from July 2018 – Present.
• 7,000+ Contestants have contributed OSINT to CTFs.
• 70,000+ unique OSINT submissions.
• 1,500+ Volunteer Judges have assisted with verification of OSINT.
• 360+ Missing Persons cases investigated.
• 25+ Law Enforcement Agencies assisted.

10. OSINT Search Party CTF
10
• Tickets for events sell out in a few hours through Eventbrite.
• Pre event training for both contestants and judges.
• Max 650 contestants.
• Teams of 1 to 4.
• 6 hour duration (flexible).
• Thousands of submissions.
• Real time leaderboard.
• Half time check in.

11. OSINT Search Party CTF
11
• Multiple categories ranging from easy to difficult with respective points.
• Volunteer judges verify team submissions in real time.
• 50 to 100 judges.
• Judges are trained prior.
• Open coms channels.
• Escalations.
• Quality control.
• System monitoring.

12. OSINT Search Party CTF
12
Category Examples
Friends Relevant friends, IDs, aliases, contact details and social media.
Employment Employer, details of employment, dates, IDs and social media.
Family Relevant family members, aliases, criminal activity and social media.
Home Address, landlord, risks in the immediate area, behaviors (ie couch surfing).
Basic Subject Info Name, alias, pictures, IDs, blog posts, dating profiles, craigslist, socials media.
Advanced Subject Info Unique identifiers (scars and tattoos), medical, hangouts, IP address, handles.
Day Last Seen Details or pictures on day last seen, intent, persons last seen with, direction.
Dark Web Any dark web activity. Often associated with human trafficking.
Location Relevant and timely information pertaining to current location.

13. Value Offering: Law Enforcement
13
• Provides a new scalable resource.
• Low risk, proven model (passive reconnaissance) to utilize convergent volunteers.
• Actionable intelligence report allows LEA to immediately know if new leads are available.
• If no new leads are found, verifies that everything that could be done, was done.
• Event provides LEA opportunity to learn OSINT and meet OSINT experts.
• Raises public awareness in the local community.

14. Value Offering: Community
14
• Low barriers to entry allow almost anyone to participate.
• Community rallies together for common goal of assisting law enforcement.
• Non theoretical means realistic experience for OSINT practitioners .
• Effort is directly helping local community, law enforcement and families of the missing persons.
• Supportive OSINT community for learning through mentoring.

15. 15
Gamification
• Gamification allows long term sustainment of interest.
• Gamers will spend unlimited time in pursuit of next level.
• Shared achievements promote effort.
• Reward multiple priorities.
• Train the trainers.
• Collectors editions for special operations.

16. Success Stories: Case Study 1
16
• Subject: 35 year old male - Toronto, Canada – Missing over 2 years.
• Friend of subject posted a YouTube video with subject in it.
• Video shows subject getting into a truck. License plate is readable.
• Law enforcement ran the plate during the CTF and received an address.
• Dispatched to address and confirmed missing person was living there.

17. Success Stories: Case Study 2
17
• Subject: Teenage girl - Florida, USA – Missing 2 months.
• Username reuse allowed discovery of account on classifieds site.
• Selling her cat to move away from Florida. Account tracked to New York area.
• Posts looking for personal driver “risky work.”
• Hidden social media account owned by subject discovered. Posts 3 weeks after missing.
• Coordinates gathered from photos. Location narrowed to 5 mile radius.

18. Success Stories: Case Study 3
18
• Subject: 21 year old girl - California, USA – Missing 6 months.
• Amazon wish list discovered from username reuse.
• Items on Amazon wish list suggest involvement in adult entertainment industry.
• Username reuse also identifies profiles on adult services websites.
• Advertisements on site are recent and after she went missing.
• The site can offer law enforcement with email, IP address, Internet provider, etc.

19. Conclusion
19
Technology has allowed us to better utilize convergent volunteers (crowdsourcing) which
can allow very cost effective scaling on demand.
However, you must:
• Set delimitators on mission borders.
• Clearly articulate delimitators, in all communications.
• Utilize community to self govern.
• Utilize gamification to power the crowdsourcing engine.
Trace Labs is a minimal viable product that proves the model has high potential.
While our focus has been on missing persons, yours could be a different area of interest.

20. Partnering with Trace Labs
20
• Start with Introductory Meeting with us to discuss process.
• Submit cold cases (or recent) for our Global Search Party event.
• Provide us with a liaison who we will send the intelligence report.
• Provide us with feedback on how to increase value.
• Regional events available (i.e. Australian Hackathon).
• Contact: robert.sell@tracelabs.org

21. Questions
&
Answers
Email: robert.sell@tracelabs.org Twitter: @robertesell
21