@effectgroupEffect Group – Sam Tilston
Bringing the power of open source research to the masses. www.effectgroup.io
Open-Source Intelligence (OSINT) has become increasingly popular over recent years. OSINT provides value to growing corporations and government agencies alike.
In 2020, the market size of open-source intelligence (OSINT) exceeded USD $5 billion. The growth is due to escalated demand for data from publicly available sources.
OSINT is often considered alongside private businesses that are driving growth. However, the information is also used by government agencies for several reasons. Uses include cybersecurity and managing misinformation.
In the 1980s, the US military first coined the term ‘OSINT’. Since then, the dynamic reform of intelligence has been beneficial in many different scenarios.
What is OSINT?
The term open-source intelligence, commonly known as OSINT, refers to the process of legally collecting information that can be accessed and gathered from free, public sources online.
The process of gathering information includes various techniques. These include data mining, different crawling techniques, data extraction, data washing, and analysis.
In this instance, open source refers to the public and accessible nature of analysing data. It’s not to be confused with open-source software which includes OSINT tools.
OSINT operations have countless benefits. During a time where data is king and cybercrime continues rising, these benefits are especially useful.
The benefits have inspired both IT security professionals and state-sanctioned intelligence operatives to use various OSINT technologies.
History of OSINT
The earliest references of OSINT can be found in the creation of the Foreign Broadcast Monitoring Service (FBMS) in 1941. The agency had the important task of monitoring foreign broadcasts for any suspect action.
The term OSINT was first used in the late 1980s by the US military. It described the dynamic nature of information sources to find tactical success on the battlefield.
By 2004, the United States had experienced the horror of the September 11 attacks. The government commissioned an open-source intelligence agency in response. This development would inspire future OSINT use in both government and private spaces.
Today, open-source intelligence is available in six main categories;
Media such as magazines, radio and television
- Internet such as online publications, social media and discussion groups
- Public government data such as reports, budgets, and hearings
- Professional and academic publications such as journals and academic papers
- Commercial data such as commercial imagery and databases
- Grey literature such as technical reports and patents
How Does OSINT Work?
In January 2021, there were an estimated 4.66 billion active internet users across the globe. A large percentage of these users have online accounts and submit information online.
Monitoring all this information manually is not only time-consuming but also near-impossible. The framework of OSINT processes and tools works to gather and collect data through various methods.
These methods include data mining, various crawling techniques, and data extraction.
Leveraging the benefits of OSINT allows a cyber-security team to achieve the following;
- Identify public-facing assets that could be vulnerable
- Learn about relevant information beyond the organisation’s immediate access
- Take action based on information attained
- Reduce security risks by identifying vulnerabilities
- Deal with crises and misinformation
While OSINT has developed to serve private and corporate purposes, its use in government organisations is also prolific.
Popular OSINT Technologies and Uses
In the current business landscape, OSINT technologies have the power to impact the business environment. Organisations are encouraged to be open and transparent about their goods and services.
There are several OSINT technologies that make access to data easy and convenient.
Here are a few examples of the various technologies available. Note the value that they offer in the private space.
- Maltego – graphical link analysis tool that outlines various online relationships
- Shodan – a search engine for internet-connected devices
- theHarvester – a tool used to get email and domain-related information outside of an organisation
- Check usernames – a tool to search for particular usernames or domains
- Tineye – a tool used to identify whether an image is freely available online
As you can see, entities use OSINT tools for a range of activities, helping a wide range of industries. One group of operatives that benefit greatly from OSINT are government agencies.
Ways that Governments Can Apply Open Source Intelligence
The government has the critical role of protecting a nation. Various departments work to protect citizens and national assets.
With the rapid development of technology and the interconnectedness of online resources, the internet offers many uses. It also introduces the risk of cyber threats and vulnerabilities to infrastructure.
Making use of OSINT offers many benefits for governments (and government agencies), such as the following.
The threat of terrorism can be both domestic and international, stemming from both large and small groups.
Online spaces and social media platforms offer a platform for extremist movements. Often, these groups communicate and spread hateful messages online.
Consider how excitement was generated for the attack on the Capitol building in January 2021.
Regulating networks with various OSINT tools can flag these concerns. They can also offer a better understanding of how these groups work and the risk that they present.
It’s not only physical attacks that present a threat to the nation. Modern technology and the viral spread of information makes it easy to produce online propaganda. Online platforms often feed citizens misinformation (or disinformation).
Misinformation can present itself in several ways. For example, impersonation, spreading fake news, reposting illegitimate information and sharing misleading information.
Being alerted to misinformation allows government security agencies to deal with the problem swiftly. As well as counter the misinformation with the truth.
Consider how misinformation spread about COVID-19 and how it affected public opinion. Election teams were able to address this information and build support.
Hackers can work as solo criminals or in groups. Regardless of the setup, hackers present a financial and political threat. Governments use OSINT tools to detect agile cyber-attacks on data, infrastructure, and citizens.
Government intelligence agencies use OSINT technology in conjunction with other cybersecurity feeds. The systems protect against breaches and cyber espionage, network attacks and take-downs, and botnets.
These resources were particularly useful following the months of the pandemic. During this time, the number of malicious attacks and misinformation increased.
Transportation hubs, such as airports, seaports and highways are the gateway for tourism and business. When compromised, the infrastructure becomes vulnerable. In turn, this puts added pressure on security teams protecting assets, data and human life.
Government intelligence teams working security in transportation use OSINT. Using open-source intelligence, it’s possible to secure and plan an incident response.
Accessing public information can help to warn against threats near transportation hubs. As well as stay alert to vulnerable data.
Dealing with National Crises
National (and global) disasters happen in a variety of ways. Intelligence teams need data to combat the likes of natural disasters, terrorist attacks, and public health crises.
Online spaces that offer knowledge can highlight hotspots of a crisis. The knowledge also offers the location of resources and how other destinations are responding to the same situation.
Open Source Intelligence Used by Governments
Governments (and government agencies) rely on OSINT for various purposes.
For example, OSINT plays a pivotal role in;
- National security
- Cyber tracking terrorists
- Supplying policymakers with necessary information
- …And more
Although the information is available in the public domain, government agencies have certain restrictions on the way that OSINT tools are used in relation to sensitivity and legal protocol.
There are several different government agencies leveraging OSINT around the world.
Here are a few examples of theory in practice.
US Homeland Security
America’s Department of Homeland Security has an open-source intelligence unit. In 2007, the Domestic Open Source Enterprise was established to support the department’s needs for information. Open sources are used to develop homeland security intelligence.
US Armed Forces
OSINT has assisted various departments of the United States’s armed forces with strategic communication and the management of hostile threats. These military offices include the likes of the National Geospatial-Intelligence Agency and the Defense Intelligence Agency.
UK Law Enforcement
UK law enforcement is another government sector that uses OSINT to protect the public and do their work effectively. For example, the metropolitan police use open source intelligence, such as social media, as an investigative tool.
UK Intelligence Corps
The British Intelligence Corp uses open-source intelligence to react quickly to incidents. As well as work together with other military groups and various government departments. The organisation handles gathering information and using intelligent analysis techniques. OSINT helps this process.
Open Source Center (OSC)
The OSC has its headquarters in the Central Intelligence Agency (CIA). It involves a global network of multilingual analysts. The network works for the US government and handles various pieces of information. For example, military and local law enforcement issues found in the public space.
OSINT Continues to Offer Value
Open-source intelligence plays a crucial role in the daily happenings of various government organisations. The value offered by OSINT is forecasted to continually rise.
There’s no denying the benefits that OSINT offers in exposing national security threats and vulnerabilities. As online data continues to be exponentially available, so will the role of OSINT technologies continue to be used.
Join Hacker Noon
Create your free account to unlock your custom reading experience.