On Friday the 11th of October I participated in the first ‘large scale’ crowdsourced open source intelligence gathering of its kind in Australia for missing persons. The AustCyber Canberra Innovation Node partnered with the Australian Federal Police, the National Missing Persons Coordination Centre and Trace Labs to conduct a missing person capture the flag (CTF) event (aka Hackathon). The event saw the gathering of ethical hackers and investigators using online investigative techniques within the bounds of the law to find new leads on real missing persons cases in Australia.
As a contestant I used my cyber skills to gather open source intelligence (OSINT) on long-term and current missing persons using only information that is publicly available on the internet. The goal of this is to generate new leads on cases that can provide assistance to the relevant Australian policing jurisdictions in their investigations.
The event has been modelled against 20 successful missing persons hackathons run by the not-for-profit organisation Trace Labs in partnership with various security conferences, universities, and community organisations within the USA, Canada, UK, and Australia. Over 300+ ethical hackers participated in 12 cities around Australia. To find leads on 12 actual missing people from all over Australia. My team comprised 4 people James, Michael, Hendrik and myself in team Adelaide-TBC.
Whilst we did not win, we did have a lot to offer and even though the competition ended we still offered up all the information that we did not get the opportunity to submit during the competition, on our 12 missing people. The winners “Team SaaB” from Adelaide, the table next to us. They did a fantastic effort as did all the teams.
On a personal note one of my submissions was voted “Most Creative” where using my programmer background I pulled apart website source code to reveal several paypal accounts that had previously been unknown to the police as a possible finance lead. Being my first ever Hackathon, well suffice it to say I was very chuffed with my efforts and the support and congrats from my team mates (who also did an Awesome job) and the InfoSec community in general.
For a noob the support has been amazing!
