Liferaft Blog | Resources for Corporate Security

9 Ways to Use OSINT Tools for Sports Security

Written by Liferaft | May 24, 2023

If you work in sports security, then you might have noticed a disturbing rise of unruly fan behavior at recent events.

Police needed tear gas to disperse rioters after the Montreal Canadiens clinched their conference playoff series. Online trolls taunted black English soccer players following Britain’s defeat at the Euro Cup. And a fan interrupted the Super Bowl by running onto the field in a bright pink one-piece.

Packed arenas and stadiums signal a return to normalcy after the pandemic shutdown. But as crowds increase, so do instances of misbehavior. And rowdy fans present a serious problem for sports security teams.

Obviously, any violence jeopardizes the safety of players and fans. And interruptions to play come with costly fines from TV broadcasters. But unruly fans also damage the reputation of a league as a whole.

If there’s a chance of a riot or fight breaking out in the stands, families won’t bring their children to an event. It’s also hard to market a game to new communities when fans see racist or homophobic attacks against players.

But while rowdy fans are not necessarily a new problem, sport security teams are turning to a distinctly modern solution: open source intelligence, or OSINT.

Simply put, OSINT refers to the use of free, public sources to monitor for, identify, and investigate security threats. Such open sources include blogs, forms, and social media. And with so much content now posted online, OSINT has emerged as an increasingly important piece in a security detail’s toolkit.

After all, everyone nowadays has a smartphone in their pockets. OSINT allows you to turn fans into a second set of eyes to help safeguard a venue. All of which is essential when developing a living, up-to-date threat assessment.

In the context of sports security, OSINT can help your team spot and proactively address risks such as violent threats against players, identify accidental data security breaches, stop fraudulent ticket sales, and more.

Of course, the internet is a big place.

It’s not practical for a small detail to keep tabs on everything that happens online. Nor would many organizations have the in-house expertise needed to conduct a thorough OSINT investigation after an incident occurs.

Thankfully, a growing number of vendors have introduced OSINT tools to help in this process.

These technologies can instantly scour the web for threatening posts. And increasing levels of automation allow analysts and managers to monitor for threats even when they’re away from their desktop.

 

The takeaway for you?

Obviously, these technologies can’t replace having a physical presence in your venue. But they can allow your team to proactively anticipate threats rather than always reacting to them.

And that can go a long way towards stretching limited department budgets while keeping everyone in your organization safe.

But how can you start applying this technology in your daily operations? Let’s look at nine ways to use OSINT tools for sports security.

Learn More: 5 Cognitive Biases That Could Affect Your OSINT Investigations

1) Get Ahead of Violent Threats With Live Intelligence

The old cliche in medicine goes: an ounce of prevention is worth a pound of cure.

Of course, the same thing applies to event security. It’s far easier to proactively address a threat before an incident occurs than to respond afterwards.

Savvy security leaders, therefore, want to put themselves in the position where they never have to react to incidents at all. The gold standard is to spot and address violent threats before they represent a serious safety risk.

A violent threat against the Staples Center posted to social media, discovered by Navigator.

The NFL Minnesota Vikings provide a perfect example.

In 2013, the team was preparing for their final game at Metrodome Stadium. On social media, however, some fans had started planning to storm the field at the end of the fourth quarter.

Thankfully, officials spotted such discussions ahead of time. In response, security staffers increased the number of personnel they had on hand that evening.

This swatted the efforts by some fans to disrupt the game. And it ensured a safe event for everyone in attendance.

Elaborating on this idea, it’s not hard to imagine other scenarios that could potentially cause problems.

For instance:

  • A fan starts sending a barrage of racist messages to a visiting team’s star player on social media.
  • On an online form, hooligans from opposing teams have started planning the site of an altercation.
  • A staff member posts a picture on Facebook of a suspicious package left near the concession stands.
 

These scenarios don’t represent large security risks. At least not yet. But all of them have the potential to escalate.

If a security analyst can spot a threat early, it’s easy to direct personnel on the ground before it evolves into something more serious.

 

2) Use Geofencing to Safeguard Physical Facilities

One of the first steps required when conducting effective event security? Marking a perimeter around your venue.

You want to see everything that occurs within this area. And you need to be able to act inside this space. A geofence can help during this process. 

Simply put, a geofence represents a virtual perimeter around a real-world geographic area. And many threat intelligence tools will allow your team to monitor geo-tagged social media posts from inside these boundaries.

A geofence perimeter monitoring live social media activity on gameday around Wrigley Field in Chicago, created by Navigator.

This presents a useful feature to analysts for two reasons.

First, it allows teams to broadly monitor for a wide variety of threats in a relevant geographic area. That limits the number of irrelevant social media posts teams members have to shift through.

Second, analysts can often pinpoint the exact location of an event to within a few yards. In the event of a crisis, that makes it easier to deploy personnel to exactly where they’re needed. 

At LifeRaft, we’ve helped teams and leagues exploit geofencing techniques in a number of ways. For example:

  • Spot violent threats made against staff, fans, or players at a stadium on game day.
  • Detect trespassers lurking around your team’s training or practice facilities.
  • Identify emergency situations, such as shootings, extreme weather, or other disruptions, around the team’s hotel accommodations. 
  • Remotely monitor public events where high-profile players or staff members might be attending, such as speeches, autograph signings, or charity galas. 

 

3) Prevent Trespassing With Social Media Monitoring

Individuals trespassing at a venue has long posed a headache for security leaders.

During a game, streakers on the field or court can disrupt play. Not only do these individuals ruin the event experience for other fans. It can also cost teams dearly in fines and penalties from television broadcasters.

Off hours, anyone breaking into a venue could steal or damage equipment. They also represent a legal liability in the event a trespasser injures themselves on your organization’s property.

But here too, OSINT tools can help in addressing this problem.

Surprisingly, bad actors often broadcast their intentions and activities online. It’s not uncommon to see a potential streaker promise to disrupt an event if their post reaches a certain number of likes on social media.

A fan discussing plans to disrupt an event on social media, discovered by Navigator.


Alternatively, trespassers sometimes live stream their activities to YouTube or Facebook. It’s a popular ploy to get views and gain more subscribers.

OSINT tools allow teams to monitor for this behavior.

Such information can be useful after the fact when collecting evidence for an investigation. Or even better, anticipate and prevent a disruption before it happens.

 

 4) Survey Social Media to Prevent Accidental Security Breaches

When security pros picture a threat actor, they tend to imagine violent or malicious individuals: gunmen, rioters, trespassers.

But increasingly, the biggest threat to venue security often turns out to be ordinary fans and staffers.

People share more about their lives than ever on social media. Unfortunately, this may mean accidentally disclosing sensitive information that could compromise your organization’s security.

For instance, a journalist may publish a picture of their press credentials. That image could be used by bad actors to print a fake ID badge — thereby allowing them to gain access to secured facilities.

A journalist posting an image of their press credentials to social media, discovered by Navigator.

Fans can be a source of such headaches, too.

During the NCAA March Madness basketball tournament, for instance, people in attendance often published pictures of their tickets to social media. Those photos could be exploited by criminals to produce fraudulent passes.

To prevent this issue, the NCAA’s social media team will kindly ask fans to remove such images. Most people are happy to comply.

Unfortunately, scanning for such breaches manually represents a big time suck. 

Even worse, the responsibility of detecting and responding to such posts often falls on the marketing department. They are, after all, the employees conducting much of the social media listening activities in most organizations.

But OSINT tools allow you to automate this process. Often this is as simple as setting up a search query looking for keywords such as ‘got my tickets’ or ‘first day at work.’

After this initial setup, your team members can quickly spot and address such posts.

 

5) Stop Illegal Streaming with Deep and Dark Web Monitoring

Each year, millions of people cancel their cable subscriptions and switch to online streaming services. COVID has accelerated this trend.

Unfortunately, online services have fewer live sport options than their cable counterparts. So as digital audiences grow, so does the use of illegal streams and torrents.

A recent survey conducted by Ampere Analysis found 51% of sport fans use illegal sites to stream games. And over a quarter of those that use illegal services pay pirates to access this content.

As you might have guessed, every dollar that goes to criminals comes straight out of the pockets of the leagues and teams that produce this content. Thankfully, OSINT tools help sport security teams combat piracy online.

As in the case with accidental breaches, this is often accomplished by setting up a keyword search query. Users might scan for phrases like ‘streaming,’ ‘download,’ or ‘free,’ alongside the name of their league and team.

A list of illegal streaming services and torrents, discovered by Navigator.

During live events, these queries will frequently detect links to illegal streaming services on sites like Reddit, Twitch, YouTube, and Telegram.

More advanced vendor software may reveal similar pirate content hosts on the dark web or paste sites.

 

6) Protect Players Even When They’re Away From Your Venue

Sport security teams do a great job at ensuring a star player’s safety while they are inside the team’s main venues. But once a player leaves the facility, they’re left pretty much on their own.

Now multiply this challenge across a roster of perhaps several dozen athletes. It’s tough for a resource-strapped security detail to ensure player safety when they’re on the road or at their personal residence.

In this respect, OSINT tools can represent a real force multiplier.

After setting up an initial keyword query, most OSINT tools will automatically scan for threats posted to social media against players.

As a best practice, it makes sense to create queries for star players and the most high-profile members of your organization. But OSINT tools make it easy to extend this practice to any player on the roster.

For sport security teams, this is useful when looking out for stalkers, violent threats, or other overzealous fans. And by spotting threats quickly, you can start taking proactive measures to ensure player safety.

 

7) Avoid Overlooking Threats with ‘Alt-Tech’ Coverage

As mentioned above, most sport security teams already monitor social media by piggybacking off of listening tools employed by their advertising departments.

Unfortunately, services designed for marketers often only survey the largest platforms: Twitter, Facebook, Reddit, TikTok, etc. And in recent years, millions of users have migrated to a growing collection of ‘alt-tech’ websites.

That means many security teams are overlooking a large chunk of the web. And if you’re not paying attention to these platforms, you could miss a relevant threat to your organization.

The riots at the U.S. Capitol Building provide a famous case in point. Much of the planning for the event occurred in public view on emerging platforms like Gab and Parler. But because few followed these sites closely, the ensuing riots caught many in the intelligence community off guard.

But the same principle applies to sports security. And as these alt-tech platforms grow in popularity, they will become an increasingly valuable source of threat intelligence.

Most OSINT tools for sport security teams allow you to automatically monitor these sites. And as new platforms emerge, vendors usually add coverage to new communities.

That means you often don’t have to spend time keeping up with the constantly changing world of social media. Most managers have better things to do than follow the latest apps and social networks teens are using.

And more importantly, it reduces the chance you’ll overlook a threat.

 

8) Safeguard Teams on the Road With Basic Advanced Work

A savvy security team should conduct basic advanced work before arriving at a new venue on a road trip: reach out to the home team’s security leaders, research contact information for local emergency services, scope out the stadium ahead of time.

OSINT tools can help in a lot of this preliminary research.

Is your team traveling to a new city for an upcoming away game? At LifeRaft, we advise clients to follow and monitor local social media channels a few days ahead of when their team arrives.

From there, security teams should be asking themselves:

  • Have there been any shootings or violence near the venue?
  • Do opposing fans have animosity for a particular player on your team?
  • Are there any upcoming events in the area, such as parades or festivals, that might complicate your security program?
  • Are there any extreme weather events occurring on the route between the airport and your team’s hotel?

Additionally, it’s often helpful to scan social media for mentions of team names, players, and relevant hashtags. It’s also useful to follow local Reddit forms and the accounts of nearby emergency services.

Following these queries for a few days can give you and your colleagues some insights as to what’s happening on the ground in these areas.

And the information you can glean from forums and social media is often far more valuable than what you usually find in “official” media outlets.

Just like venue security for a home game, your ability to forecast problems allows you to sidestep issues before they occur. OSINT tools make this process easier.

 

9) Save Time and Money by Automating Routine Tasks

At LifeRaft, we know from talking to hundreds of security professionals that none of them want to be chained to their desktop all day.


Managers and personnel often have to perform duties around the venue or on the road. Not to mention conducting routine tasks like supervising employees, attending meetings, or handling a crisis situation.

Unfortunately, social media monitoring represents a 24/7-type activity.

An important piece of information could pop up at any moment. If you’re not at your desk, a threat could slip past undetected.

Thankfully, most OSINT tools for sports security teams provide some sort of alert notification. If a pre-set query detects a relevant post, the software will send out a notice.

At LifeRaft, we took this a step further and created our own mobile app.

If a query you have set up in our Navigator software detects a threatening post online, you can set up internal settings to automatically receive an alert on your smartphone. So even if you’re on the go, you’ll never miss any relevant information.

Beyond convenience, automation can also save security departments time and money.

Gathering open source intelligence manually often requires a lot of effort. And even then, an individual trying to monitor social media (let alone the entire internet) on their own will likely overlook something important.

Automation technologies eliminate this hassle. That allows security leaders to run their operations with a leaner team or redirect personnel to other assignments.   

 

The Bottom line on OSINT tools for sports security

Nobody can call OSINT tools for sports security some kind of magic bullet.

If a threat doesn’t materialize online first, software won’t provide any advance warning. Time-tested physical security measures are still needed on the ground.

That said, OSINT tools allow sports security teams to better forecast and proactively respond to threats. It also allows leaders to create a living threat assessment that adapts in real-time.

That can go a long way towards keeping your fans, staff, and players safe.

5 Investigation Mistakes You Don’t Know You’re Making

We’re all ‘hard wired’ with cognitive biases to simplify complex decisions. But these mental heuristics can lead to faulty decisions, sabotaging OSINT investigations. In our free guide, we list the five most common cognitive biases that plague open-source analysts and outline practical strategies for how to deal with them.

LEARN MORE HERE >