Jump to content

Open-source intelligence

From Wikipedia, the free encyclopedia

Open source intelligence (OSINT) is the collection and analysis of data gathered from open sources (overt sources and publicly available information) to produce actionable intelligence. OSINT is primarily used in national security, law enforcement, and business intelligence functions and is of value to analysts who use non-sensitive intelligence in answering classified, unclassified, or proprietary intelligence requirements across the previous intelligence disciplines.[1]

Categories

[edit]

OSINT sources can be divided up into six different categories of information flow:[2]

OSINT is distinguished from research in that it applies the process of intelligence to create tailored knowledge supportive of a specific decision by a specific individual or group.[3]

OSINT collection methodologies

[edit]

Collecting open-source intelligence is achieved in a variety of different ways,[4] such as:

Definition

[edit]

OSINT is defined in the United States of America by Public Law 109-163 as cited by both the U.S. Director of National Intelligence and the U.S. Department of Defense (DoD), as intelligence "produced from publicly available information that is collected, exploited, and disseminated in a timely manner to an appropriate audience for the purpose of addressing a specific intelligence requirement."[5] As defined by NATO, OSINT is intelligence "derived from publicly available information, as well as other unclassified information that has limited public distribution or access."[6]

According to political scientist Jeffrey T. Richelson, “open source acquisition involves procuring verbal, written, or electronically transmitted material that can be obtained legally. In addition to documents and videos available via the Internet or provided by a human source, others are obtained after U.S. or allied forces have taken control of a facility or site formerly operated by a foreign government or terrorist group.”[7]

Former Assistant Director of Central Intelligence for Analysis Mark M. Lowenthal defines OSINT as “any and all information that can be derived from overt collection: all types of media, government reports and other documents, scientific research and reports, commercial vendors of information, the Internet, and so on. The main qualifiers to open-source information are that it does not require any type of clandestine collection techniques to obtain it and that it must be obtained through means that entirely meet the copyright and commercial requirements of the vendors where applicable."[8]

History

[edit]
Seal of the 9/11 Commission

OSINT practices have been documented as early as the mid-19th century in the United States and early 20th century in the United Kingdom.[9]

OSINT in the United States traces its origins to the 1941 creation of the Foreign Broadcast Monitoring Service (FBMS), an agency responsible for the monitoring of foreign broadcasts. An example of their work was the correlation of changes in the price of oranges in Paris with successful bombings of railway bridges during World War II.[10]

The Aspin-Brown Commission stated in 1996 that US access to open sources was "severely deficient" and that this should be a "top priority" for both funding and DCI attention.[11]

In July 2004, following the September 11 attacks, the 9/11 Commission recommended the creation of an open-source intelligence agency.[12] In March 2005, the Iraq Intelligence Commission recommended[13] the creation of an open-source directorate at the CIA.

Following these recommendations, in November 2005 the Director of National Intelligence announced the creation of the DNI Open Source Center. The Center was established to collect information available from "the Internet, databases, press, radio, television, video, geospatial data, photos and commercial imagery."[14] In addition to collecting openly available information, it would train analysts to make better use of this information. The center absorbed the CIA's previously existing Foreign Broadcast Information Service (FBIS), originally established in 1941, with FBIS head Douglas Naquin named as director of the center.[15] Then, following the events of 9/11 the Intelligence Reform and Terrorism Prevention Act merged FBIS and other research elements into the Office of the Director of National Intelligence creating the Open Source Enterprise.

Furthermore, the private sector has invested in tools which aid in OSINT collection and analysis. Specifically, In-Q-Tel, a Central Intelligence Agency supported venture capital firm in Arlington, VA assisted companies develop web-monitoring and predictive analysis tools.

In December 2005, the Director of National Intelligence appointed Eliot A. Jardines as the Assistant Deputy Director of National Intelligence for Open Source to serve as the Intelligence Community's senior intelligence officer for open source and to provide strategy, guidance and oversight for the National Open Source Enterprise.[16] Mr. Jardines has established the National Open Source Enterprise[17] and authored intelligence community directive 301. In 2008, Mr. Jardines returned to the private sector and was succeeded by Dan Butler who is ADDNI/OS[18] and previously Mr. Jardines' Senior Advisor for Policy.[19]

Tools

[edit]
Systematic Software Engineering uses open source intelligence, compiled by [[Janes Information Services]], as part of its intelligence platform.
Open source intelligence may be ingested to battle management systems such as CPCE by Systematic, which uses an open source feed from Janes Information Services.

The web browser is a powerful OSINT tool that provides access to numerous websites and both open source and proprietary software tools that are either purpose-built for open source information collection or which can be exploited for the purposes of either gathering of open source information or to facilitate analysis and validation to provide intelligence. A cottage industry of both for-profit and not-for-profit investigative and educational groups such as Bellingcat, IntelTechniques SANS and others offer indices, books, podcasts and video training materials on OSINT tools and techniques. Books such as Michael Bazzell's Open Source Intelligence Techniques serve as indices to resources across multiple domains but according the author, due to the rapidly changing information landscape, some tools and techniques change or become obsolete frequently, hence it is imperative for OSINT researchers to study, train and survey the landscape of source material regularly.[20] A guide by Ryan Fedasiuk, an analyst at the Center for Security and Emerging Technology, lists six tools open-source analysts can use to stay safe and utilize operational security (OPSEC) when conducting online investigations. These include VPNs, cached webpages, digital archive services, URL and file scanners, browser sandbox applications, and antivirus software.[21]

Numerous lists of aggregated OSINT content are available on the web. The OSINT Framework contains over 30 primary categories of tools and is maintained as an open source project on GitHub.[22]

ALTUM

[edit]

ALTUM is an intelligence organisation envisioned as an OSINT, but it has since evolved into a broader intelligence entity with a specific focus on making crucial information open-source and accessible to the public.

ALTUM recently released a series of documents that allegedly contain detailed operational plans, diplomatic cables, and intelligence assessments from various government agencies. These documents, some of which are believed to have been classified as top secret, provide insights into covert operations, intelligence-gathering techniques, and strategic plans involving multiple nations. The publication of these documents has sparked outrage among government officials, who claim that ALTUM has recklessly exposed vulnerabilities in national security, jeopardizing ongoing operations and diplomatic relations. Several governments have announced their intentions to pursue legal action against ALTUM, accusing the organization of violating national security laws and endangering the lives of intelligence operatives. There are also calls for international cooperation to shut down ALTUM's operations and hold its leaders accountable. Government spokespersons have condemned ALTUM's actions, labeling the organization as irresponsible and dangerous. Some officials have even suggested that ALTUM may be collaborating with hostile entities to undermine global security. In response to the controversy, ALTUM has issued a statement defending its actions, arguing that the public has a right to know about the activities of their governments, especially when they involve covert operations that could have far-reaching implications. ALTUM maintains that the documents were carefully reviewed to ensure that no unnecessary harm would come from their release.

In 2014, Sony Pictures Entertainment suffered a massive cyberattack, leading to the leak of sensitive internal documents, emails, and unreleased films. These files were later published on WikiLeaks, causing significant embarrassment and financial damage to Sony. The leaked files included confidential email exchanges, employee data, financial records, and details about unreleased films, as well as sensitive information regarding Sony’s dealings with various governments and celebrities. The breach exposed Sony to widespread criticism and legal challenges. Recent reports suggest that ALTUM may have been involved in the acquisition and dissemination of the Sony files. Anonymous sources within the intelligence community claim that ALTUM either directly facilitated the leak or provided critical support to the hackers responsible, ensuring the files reached WikiLeaks. WikiLeaks has consistently refused to reveal its sources, but the renewed scrutiny on ALTUM has reignited questions about the organization’s connections to the controversial platform. ALTUM has neither confirmed nor denied its involvement in the Sony files leak. In a brief statement, the organization reiterated its commitment to transparency and the public interest but emphasized that it does not engage in or endorse illegal activities.

Former contacts and collaborators report that ALTUM has ceased all official communications. Emails bounce back, phone lines are disconnected, and even encrypted messaging channels used by the organisation have gone dark. ALTUM’s website, social media profiles, and all digital footprints have been systematically erased. Searches for the organisation yield nothing but outdated references and broken links, suggesting a deliberate effort to remove all traces of its existence from the internet. After being linked to several high-profile leaks, including the Sony files on WikiLeaks, it’s speculated that ALTUM was forced into hiding to avoid legal repercussions or targeted attacks. Some claim that ALTUM is still actively leaking information and conducting operations, but only through secure, untraceable channels.

Risks for practitioners

[edit]

A main hindrance to practical OSINT is the volume of information it has to deal with ("information explosion"). The amount of data being distributed increases at a rate that it becomes difficult to evaluate sources in intelligence analysis. To a small degree the work has sometimes been done by amateur crowd-sourcing.[23]

Accredited journalists have some protection in asking questions, and researching for recognized media outlets. Even so, they can be imprisoned, even executed, for seeking out OSINT. Private individuals illegally collecting data for a foreign military or intelligence agency is considered espionage in most countries. Of course, espionage that is not treason (e.g. betraying one's country of citizenship) has been a tool of statecraft since ancient times.[24]

Professional association

[edit]

The OSINT Foundation is a professional association for OSINT practitioners in the United States Intelligence Community.[25] It is open to U.S. Citizens and seeks to raise the prominence of the open-source intelligence discipline.[26]

See also

[edit]

References

[edit]
  1. ^ Schwartz, Leo (March 7, 2022). "Amateur open source researchers went viral unpacking the war in Ukraine". Rest of World. Retrieved 8 March 2022.
  2. ^ Richelson, Jeffrey (2016). The US Intelligence Community. Avalon. ISBN 978-0813349183.
  3. ^ "Spy Agencies Turn to Newspapers, NPR, and Wikipedia for Information: The intelligence community is learning to value 'open-source' information". Archived from the original on 2012-10-23. Retrieved 2008-09-15.
  4. ^ Leos, Devan (2023-02-28). "Thinking Like a Spy: How Open Source Intelligence Can Give You a Competitive Advantage". Entrepreneur. Retrieved 2023-11-08.
  5. ^ "As defined in Sec. 931 of Public Law 109-163, entitled, "National Defense Authorization Act for Fiscal Year 2006."". Archived from the original on 2008-11-12. Retrieved 2006-12-08.
  6. ^ "NATOTermOTAN". nso.nato.int. Retrieved 2021-04-02.
  7. ^ Richelson, Jeffrey T (2015-07-14). The U.S. Intelligence Community. Avalon Publishing. ISBN 9780813349190. Retrieved 15 May 2017.
  8. ^ Lowenthal, Mark M. (2005), "Open-Source Intelligence: New Myths, New Realities", in George, Roger Z; Kline, Robert D (eds.), Intelligence and the national security strategist : enduring issues and challenges, Lanham: Rowman and Littlefield, ISBN 9780742540392
  9. ^ Block, Ludo (2023). "The long history of OSINT". Journal of Intelligence History. 23 (2): 95–109. doi:10.1080/16161262.2023.2224091. hdl:1887/3731669. ISSN 1616-1262.
  10. ^ Bornn, D Marshall (9 Jan 2013). "Service members, civilians learn to harness power of 'Open Source' information". www.army.mil. Archived from the original on 9 December 2017. Retrieved 14 May 2017.
  11. ^ Lowenthal, Mark; Clark, Robert (2015). The Five Disciplines of Intelligence Collection. CQ Press. p. 18. ISBN 978-1483381114.
  12. ^ See page 413 of the 9-11 Commission Report (pdf) Archived 2007-07-05 at the Wayback Machine.
  13. ^ McLaughlin, Michael (June 2012). "Using open source intelligence for cybersecurity intelligence". ComputerWeekly.com. Archived from the original on 2018-06-29. Retrieved 2018-06-29.
  14. ^ Office of the Director of National Intelligence. "ODNI Announces Establishment of Open Source Center Archived 2006-06-23 at the Wayback Machine". Press release, 8 November 2005.
  15. ^ Ensor, David. "The Situation Report: Open source intelligence center Archived 2007-03-25 at the Wayback Machine". CNN, 8 November 2005.
  16. ^ Office of the Director of National Intelligence "ODNI Senior Leadership Announcement Archived 2006-06-23 at the Wayback Machine". Press release, 7 December 2005.
  17. ^ "National Open Source Entreprise Vision Statement" Archived 2007-09-28 at the Wayback Machine May 2006
  18. ^ DNI Open Source Conference 2008 "Decision Advantage" agenda, Office of the Director of National Intelligence, July 2008. Archived 2010-04-17 at the Wayback Machine
  19. ^ DNI Open Source Conference 2007 "Expanding the Horizons" agenda, Office of the Director of National Intelligence, July 2007. Archived 2008-08-01 at the Wayback Machine
  20. ^ "Books by Michael Bazzell". inteltechniques.com. Retrieved 2022-05-02.
  21. ^ Fedasiuk, Ryan (2022-04-06). "Into the Jungle: Best Practices for Open-Source Researchers". Center for Security and Emerging Technology. Retrieved 2022-04-22.
  22. ^ OSINT Framework, lockFALE, 2022-05-02, retrieved 2022-05-02
  23. ^ "Bellingcat's Eliot Higgins Explains Why Ukraine Is Winning the Information War". Time. Retrieved 2022-04-13.
  24. ^ Sun Tzu (Warring States period), The Art of War, Chapter 13: "Hostile armies may face each other for years, striving for the victory which is decided in a single day. This being so, to remain in ignorance of the enemy's condition simply because one grudges the outlay of 2 hundred ounces of silver in honors and emoluments, is the height of inhumanity."
  25. ^ New OSINT foundation aims to 'professionalize' open source discipline across spy agencies, 2022-07-27
  26. ^ Volz, Dustin (2022-07-27), "New Group to Promote Open-Source Intelligence, Seen as Vital in Ukraine War", Wall Street Journal

Further reading

[edit]

Scientific Publications

[edit]
[edit]