In this blog, we explore how to overcome the challenges of Open-Source Intelligence (OSINT) while ensuring that the important benefits it delivers can be leveraged by the intelligence community.
Understanding the value of OSINT
OSINT has grown in importance over the last 15 years or so, not only because of advancements in OSINT technology but more notably due to the explosion in the use of digital technology amongst governments as well as the broader global community.
With more and more people living their lives online, the value of understanding this ecosystem including where and how threat actors communicate and operate online is as important as ever.
Open-source intelligence has its own unique value with the ability to uncover multiple and diverse data types online. This publicly available online data can uncover representations of people that may not exist in real life as people can now express their opinions and motivations and engage in conversations more freely online. If this data is overlooked, indicators and warnings that could be critical to protecting global communities may go unchecked.
To learn more about open-source intelligence best practices and hear from Fivecast experts and intelligence professionals from Janes*, listen to our podcast which was featured in the Janes World of Intelligence podcast series:
OSINT and traditional intelligence:
Intelligence practices have an entire new nexus online as not only are data volumes expanding exponentially, but so too are the methods for analyzing that data along with the online locations where data is accessible. Intelligence teams across both private organizations and government agencies ignore the huge volumes of publicly available data accessible across the Surface, Deep and Dark Web at their peril.
This has led to a meshing of signals intelligence (SIGINT), human intelligence (HUMINT), and imagery intelligence (IMINT) with open-source intelligence. Many aspects of these traditional intelligence practices are now mirrored online. We share imagery when we post images and videos online. And, one of the most salient examples, human intelligence, the gathering of information from recruited persons or assets, is replicated online in human networks and conversations across chat groups, boards and forums.
Although, in some cases, OSINT and other forms of intelligence overlap, OSINT can also be complementary to classified information and traditional intelligence. Expanding on the HUMINT example, OSINT can be deployed to help verify and validate agents or even just manage the risk associated with some of those operations. Publicly available data, especially online, is often communicated quickly which delivers rapid updates from people on the ground and invaluable situational awareness. The speed of OSINT data collection and the contextual background it provides is often not available from other intelligence sources. Consequently, OSINT shouldn’t replace existing forms of intelligence but it can be a very rich vein to tap.
Understanding OSINT CHallenges:
Open-source platforms including major social media platforms and niche platforms on the Surface and Deep Web and forums on the Dark Web have kept pace with the increased use and demand for online technologies. These platforms are growing organically and by constantly developing new capabilities to broaden their appeal, whether that be increased anonymity, the ability to post images and videos, ease of finding like-minded groups and narratives, and many other enticing features. These platforms are effectively servicing new communities and making it easier for people to chat with one another and connect online.
The amount of new social media platforms being developed to attract different communities and the data coming out of each platform is beyond imagination while the speed and diversity of data available presents many challenges for analysts, making it impossible to keep up with platforms and the vast amounts of data.
A well-known and increasing trend is for users to adopt multiple social media platforms and/or forums and switch between platforms at will if they have been banned from a site or to find other groups, narratives or opinions elsewhere. For example, with the current turmoil surrounding Twitter, users have been searching for alternate platforms that provide a similar experience. Options include both existing and emerging platforms like Reddit and Mastodon.
Read our blog on platform transitions to learn more about how to track threats as they move across open-source platforms:
The power of open-source intelligence
To fully leverage publicly available data, we must first overcome the velocity, variety, and volume of data available across a vast number of platforms which is beyond human scale for even the most well-resourced intelligence teams. This OSINT challenge demands an automated response that leverages the power of AI and machine learning. Manually trying to track threats across platforms is a very intimidating hurdle for government agencies and corporate security teams who are trying to protect communities and businesses.
Fivecast ONYX delivers unmatched access to Surface, Deep, and Dark Web data combined with AI-enabled risk analytics to rapidly collect, filter, and assess data to uncover actionable insights. A customizable risk detection framework helps analysts prioritize data for review and uncover threats in multi-media data, automating the challenging task of finding that important needle in the haystack.
*Janes is a trusted global agency for open-source defence intelligence, supplying their customers with timely, unbiased and relevant intelligence in a world crowded with increasingly unreliable information.