A pointless digital jigsaw - Digital Threat Digest

Feeding the name of a new criminal to the online OSINT community is like waving a red rag to a bull. There’s an immediate scramble to be the first to find every piece of information out there on the target, and present it back in a nice network graph (bonus points if you’re using your own network graph product and the whole thing is a thinly veiled advert for why your Ghunt code wrap with its purple-backlit-round-edged-dynamic-element CSS is better than everyone else’s). This heap of information is then dumped somewhere (anywhere) and generally left at that.

It most often happens when there’s a prominent disclosure on someone from the cybercrime / IO world—it happened two months ago when the US Dept of Justice indicted Konstantin Kalashnikov for his efforts on behalf of the Russian state, it happened two weeks ago when the US charged five members of Scattered Spider, but, and this is where we vary from cybercrime, it also happened two days ago when we learned than the alleged shooter of the United Healthcare CEO was named Luigi Mangione.

The first problem that we run into is that information is now widely available on basically every person in the world, but that information is not intelligence. The second problem is that the resultant wall of information is increasingly ascribed significance by politically motivated individuals seeking to infer meaning from every event that takes place.

That means that for a good chunk of the political right, this guy has to be a radical leftist intent on instilling socialist healthcare provision in the US; that’s why he shot the healthcare CEO, and that’s why our datapoint of his Goodreads account shows he read Das Kapital. For a good chunk of the political left, this guy has to be a radical right-winger intent on inciting violence in the streets; that’s why he shot the healthcare CEO, and that’s why his Steam account shows he placed Wolfenstein for eleven hours in 2022. For the minority still in the political centre, he can be a tech accelerationist (he starred Peter Thiel’s Zero to One on his Amazon wishlist), an anti-industrialist lunatic (he made his book club read Ted Kaczynski’s manifesto), or an ideological eco-warrior seeking to counter human harm (he gave Dr Seuss’s The Lorax five stars on Goodreads).

Finding tens of disparate points of information and posting them in a thread where you conclude that Mangione’s motivation aligns with the opposite end of the political spectrum to you (and funnily enough, 80% of your YouTube audience), is not analysis. 352,938 people have left a rating for The Lorax on Goodreads since the site launched in 2007; only one of them seems to have shot a CEO in the last fortnight.

More about Protection Group International's Digital Investigations

Our Digital Investigations Analysts combine modern exploitative technology with deep human analytical expertise that covers the social media platforms themselves and the behaviours and the intents of those who use them. Our experienced analyst team have a deep understanding of how various threat groups use social media and follow a three-pronged approach focused on content, behaviour and infrastructure to assess and substantiate threat landscapes.

Disclaimer: Protection Group International does not endorse any of the linked content.