Have you ever heard about the Bellingcat investigative journalism website and their notable reports on the Syrian Civil War, the MH17 shoot-down incident, the killing of civilians by the Cameroonian Armed Forces, and other hot-button cases? Surely, you have, as their investigations have been hitting the headlines of both traditional and online media since 2014. So, if you have read at least one of them, you are no stranger to open-source intelligence because Bellingcat’s journalists primarily use this methodology to identify people and locations, find evidence, and check facts.
In fact, the collection and analysis of publicly available data with the aim to meet intelligence needs, which is actually OSINT, were carried out long before the start of the digital era. And as you might have guessed, the methodology was initially associated with military intelligence, which used foreign broadcasts to derive valuable information from quite innocent news as far back as the early 1940s. While the USA had set the trend, many government intelligence agencies in other countries incorporated this tool during WWII and the Cold War.
However, the concept was too good to leave it to the governmental intelligence community only. The more so that technological innovations, growing Internet penetration, and social media development resulted in a wealth of digital data generated by the public and made it much more accessible for all kinds of users. It is no wonder that open-source intelligence was taken on board by a wide variety of organizations ranging from law enforcement agencies to corporations and nonprofit institutions. The emergence of specialized services and online platforms like Shodan, SpiderFoot, or Social Links, which address various OSINT goals, has only spurred the interest towards the knowledge that can be obtained from open-source data.
How Does It Work?
For a start, let’s figure out what sources can be accessed nowadays to gather specific information. Contrary to confidential or classified files, OSINT sources must be legally available to the public to avoid violating any copyright, privacy, or other laws. This is exactly the distinction that makes it possible to receive data without being a member of a governmental body and having much of another hassle. There can be both offline and online sources:
- the Internet, including message boards, blogs, social networking sites, video hosting services, wiki pages, domain names, metadata, digital files, dark net resources, geolocation data, IP addresses, search engines, and any other content found online;
- traditional media, such as television, radio, newspapers, books, or magazines;
- designated journals, scientific publications, conference proceedings, academic papers, and other professional sources;
- company profiles and news, annual reports, employee profiles and CVs, client databases, etc.;
- public government reports, various public statements, official data on taxes, budgets, unemployment, health, and other statistics;
- geospatial information like maps or satellite imagery.
Although not completely exhaustive, this list proves that there is quite a bunch of data scattered across multiple sources and just waiting for someone to put all the pieces together. The knowledge obtained from this information brings various benefits to many organizations:
- Governments, especially military and intelligence establishments, leverage OSINT sources for multiple purposes, such as national security, anti-terrorism effort, mass surveillance, insights into domestic and foreign public attitudes, etc.
- International organizations and aid agencies like the United Nations or the International Committee of the Red Cross embrace OSINT to support peace missions and relief efforts during crises or disasters, for example, by protecting their people and logistics from possible terrorist activities.
- Law enforcement authorities can achieve better success in protecting citizens from many kinds of crime through monitoring social media for specific keywords and images or tracking criminals with the help of geotagging and IP addresses.
- Corporations turn to OSINT when they need to research new markets, monitor competitors, plan promotional campaigns, and predict any events that may affect their business operations.
- Companies also use open-source intelligence for non-financial purposes, including data breach prevention and cyber risk management based on revealing vulnerabilities of their networks.
- Journalists draw information from the above sources within their investigations (yes, as Bellingcat does) to provide us with verified facts and tell vivid stories complemented with meaningful details.
- HR managers and corporate security teams conduct OSINT-based checks when hiring new employees or carrying out internal investigations.
Obviously, we can continue the list since almost any person might find themselves in a situation when they need to collect certain information, for example, on a person missed or a would-be business partner.
However, open-source intelligence is different from ordinary web-surfing done by amateurs, as it deals with specific information collected and structured in a special way to answer specific questions, which requires a much deeper approach complemented with some skills and tools. On the other hand, it does not involve any hacking or authorized access to data used in other intelligence fields, which is a great advantage.