Stay up-to-date with the most relevant OSINT news all in one place.
Introducing our new blog series, the OSINT news roundup! In each post, we will highlight recent news stories where open source intelligence (OSINT) played a critical role and that show real-world impacts of OSINT practices. Keep up with quick article summaries and key insights to the critical role OSINT plays in today’s world.
To kick off the series this week, we highlight how OSINT is helping to shed light on the drug war in Tamaulipas; evacuate vulnerable groups as the Taliban swept to power; understand the political impacts of China’s tech decoupling; and protect the unemployed from cybercriminals.
As drug wars rage in Tamaulipas, Mexico between competing criminal organizations and cartels, Twitter played a key rolein helping inhabitants and citizen journalists spread information about risks and news in the area. Anonymous profiles were created to spread information without the potential of retaliation.
As time went on, the same practices being used to keep citizens of the disputed territories safe and spread information were eventually utilized by the organized crime members from which they sought safety. Profiles associated closely with government agencies have also been found, sometimes in connection to reports of violence that seem unbiased but may be used as fodder for powerful militarized responses.
“Eventually, a greater number of ‘anonymous’ social media (mainly Twitter) users reporting on violence and organized crime in Tamaulipas started to appear in the cyberspace. They were not necessarily ‘citizen journalists,’ but placed or introduced themselves as part of that category.”- Koizumi, Baxter, et al. Small Wars Journal
The social network analysis shed light on the goals and agendas of certain actors using the practice of anonymized accounts to report via social media. Monitoring this activity has helped highlight the different ways these practices can be used and who benefits from the who-is-who confusion.
United States intelligence professionals and veterans volunteered to aid Digital Dunkirk, assisting in the mass evacuation of civilians, foreign citizens and at-risk Afghans during the precipitous fall of Afghanistan to Taliban forces. The operation efforts began when a veteran was contacted by a former military colleague for assistance in finding critical information that could help extract people from the country. When the veteran, Dahvid Schloss, attempted to take paid time off in order to help out, the CEO of the company told him to do it on the clock instead and recruit his team to help in the operation.
The team utilized OSINT in order to use photos to identify Taliban checkpoints to warn contacts in the country about where to avoid. They were also able to gather personal information on the parties they were trying to extract in order to fill out critical paperwork on their behalf, since many did not have access to the internet to do it themselves.
“There also was a big effort on our part to help out other people in the group that weren't directly employed by us, to protect their identity as well. We did that by creating what's known as a sock puppet – which is a fake online identity – and providing them with VMs. They’d have a phone number without actually having a phone number, so that they had a safe way of communicating.”- Dahvid Schloss, SC Media interview
The volunteers at Echelon Risk Cyber who took part in the Digital Dunkirk operation proved that the same OSINT practices that can be used for misinformation campaigns (e.g., creating sock puppets) or for doxxing and identity theft (e.g., gathering personal information) can also be used for critical life-saving efforts on behalf of citizens and refugees.
China is gearing up for a tech warwith the United States, as the U.S. begins to tighten access and scale back tech collaborations. The Chinese plan to address their weaknesses in critical technologies by partnering with multinational corporations and technically advanced European countries to overcome the decoupling. They will also likely put together a robust international talent recruitment campaign to develop softwares and address deficiencies.
In addition to recruitment, China’s Ministry of Education (MOE) is creating new tech-focused programs at several top universities to help develop their own advanced workforce in areas of critical need. People’s Liberation Army (PLA) researchers helped lay the groundwork for China’s likely strategy for greater independence from U.S. technologies.
“In November 2020, Chinese start-ups reportedly hired executives and engineers from top U.S. chip design toolmakers in an effort to break the U.S.’s near-monopoly on chip design toolmaking.”- Stone and Singer, Defense One
Open-source reporting on China and their capabilities like this Defense One article can be a valuable OSINT resource. It illuminates the breadth of publicly available information regarding our adversaries and can help corroborate other forms of intelligence.
Learn more: Use OSINT to contextualize GEOINT >
The FBI issued a warninglast month to alert the public of the existence of fake unemployment benefit websitesbeing created by cybercriminals to steal personal information and commit identity theft. The sites are made to mirror state unemployment websites and encourage users to enter personal information that the criminal actors can then use to collect benefits. The information may also be sold and exchanged, leaving victims vulnerable to additional identity theft.
The sites will routinely misspell a certain word or use the format of [state]-gov[.]xyz. The lookalike sites in some cases may also cause ransomware or malware infection after the victim enters sensitive information. More than 385 fake sites have been found, including for the states Nevada, Wisconsin, Illinois, Maryland and New Mexico.
“The US Federal Trade Commission (FTC) said in February 2021 that the total number of identity theft reports doubled in 2020 compared to 2019, with a record of 1.4 million reports within one year.”- Sergiu Gatlan, Bleeping Computer
With identity theft on the rise, the public should be vigilant when visiting government agency sites or entering personal information online.
Open source intelligence around the world has played a critical role in national security, saving lives and geopolitical fallout. In the words of Digital Dunkirk volunteer and veteran Dahvid Schloss, “...everything that can be used for bad can be used for good, or vice versa.” These real-world implications of OSINT at work have the power to change everything from worldwide diplomacy to the fates of everyday people.
To keep up to date on the latest OSINT and cyber security news, visit the Authentic8 blog.