Have you ever heard about the Bellingcat investigative journalism website and their notable reports on the Syrian Civil War, the MH17 shoot-down incident, the killing of civilians by the Cameroonian Armed Forces, and other hot-button cases? Surely, you have, as their investigations have been hitting the headlines of both traditional and online media since 2014. So, if you have read at least one of them, you are no stranger to open-source intelligence because Bellingcat’s journalists primarily use this methodology to identify people and locations, find evidence, and check facts.
In fact, the collection and analysis of publicly available data with the aim to meet intelligence needs, which is actually OSINT, were carried out long before the start of the digital era. And as you might have guessed, the methodology was initially associated with military intelligence, which used foreign broadcasts to derive valuable information from quite innocent news as far back as the early 1940s. While the USA had set the trend, many government intelligence agencies in other countries incorporated this tool during WWII and the Cold War.
However, the concept was too good to leave it to the governmental intelligence community only. The more so that technological innovations, growing Internet penetration, and social media development resulted in a wealth of digital data generated by the public and made it much more accessible for all kinds of users. It is no wonder that open-source intelligence was taken on board by a wide variety of organizations ranging from law enforcement agencies to corporations and nonprofit institutions. The emergence of specialized services and online platforms like Shodan, SpiderFoot, or Social Links, which address various OSINT goals, has only spurred the interest towards the knowledge that can be obtained from open-source data.
For a start, let’s figure out what sources can be accessed nowadays to gather specific information. Contrary to confidential or classified files, OSINT sources must be legally available to the public to avoid violating any copyright, privacy, or other laws. This is exactly the distinction that makes it possible to receive data without being a member of a governmental body and having much of another hassle. There can be both offline and online sources:
Although not completely exhaustive, this list proves that there is quite a bunch of data scattered across multiple sources and just waiting for someone to put all the pieces together. The knowledge obtained from this information brings various benefits to many organizations:
Obviously, we can continue the list since almost any person might find themselves in a situation when they need to collect certain information, for example, on a person missed or a would-be business partner.
However, open-source intelligence is different from ordinary web-surfing done by amateurs, as it deals with specific information collected and structured in a special way to answer specific questions, which requires a much deeper approach complemented with some skills and tools. On the other hand, it does not involve any hacking or authorized access to data used in other intelligence fields, which is a great advantage.
A new malware variant called Nunu Stealer is making headlines after being advertised on underground hacker forums…
A critical vulnerability has been identified in Siemens' User Management Component (UMC), which could allow…
Foxit Software has issued critical security updates for its widely used PDF solutions, Foxit PDF…
Microsoft has swiftly addressed a critical security vulnerability affecting Windows 11 (version 23H2), which could…
A Romanian man has been sentenced to 20 years in prison for his involvement in…
The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm over a critical vulnerability…