Stay up-to-date with the most relevant OSINT news all in one place.

Introducing our new blog series, the OSINT news roundup! In each post, we will highlight recent news stories where open source intelligence (OSINT) played a critical role and that show real-world impacts of OSINT practices. Keep up with quick article summaries and key insights into the part OSINT plays in today’s world.

To kick off the series this week, we highlight how OSINT is helping to shed light on the drug war in Tamaulipas; evacuate vulnerable groups as the Taliban swept to power; understand the political impacts of China’s tech decoupling; and protect the unemployed from cybercriminals.

A drug war in cyberspace

As drug wars rage in Tamaulipas, Mexico, between competing criminal organizations and cartels, Twitter has played a key role in helping inhabitants and citizen journalists spread information about risks and news in the area. Anonymous profiles were created to spread information without the risk of retaliation.

As time went on, the same practices used to keep citizens of the disputed territories safe and informed were adopted by the organized crime members from whom they sought safety. Profiles associated closely with government agencies have also been found, sometimes in connection to reports of violence that seem unbiased but may be used as fodder for powerful militarized responses.

“Eventually, a greater number of ‘anonymous’ social media (mainly Twitter) users reporting on violence and organized crime in Tamaulipas started to appear in the cyberspace. They were not necessarily ‘citizen journalists,’ but placed or introduced themselves as part of that category.”

- Koizumi, Baxter, et al. Small Wars Journal

The social network analysis shed light on the goals and agendas of certain actors using the practice of anonymized accounts to report via social media. Monitoring this activity has helped highlight the different ways these practices can be used and who benefits from the who-is-who confusion.

OSINT, sock puppets aid mass Afghanistan evacuation

United States intelligence professionals and veterans volunteered to aid Digital Dunkirk, assisting in the mass evacuation of civilians, foreign citizens and at-risk Afghans during the precipitous fall of Afghanistan to Taliban forces. The effort began when a veteran was contacted by a former military colleague for assistance in finding critical information that could help extract people from the country. When the veteran, Dahvid Schloss, attempted to take paid time off in order to help out, the CEO of the company told him to do it on the clock instead and recruit his team to help in the operation.

The team used OSINT techniques on photos to identify Taliban checkpoints and warn contacts in the country about where to avoid. They were also able to gather personal information on the parties they were trying to extract in order to fill out critical paperwork on their behalf, since many did not have access to the internet to do it themselves.

“There also was a big effort on our part to help out other people in the group that weren't directly employed by us, to protect their identity as well. We did that by creating what's known as a sock puppet – which is a fake online identity – and providing them with VMs. They’d have a phone number without actually having a phone number, so that they had a safe way of communicating.”

- Dahvid Schloss, SC Media interview

The volunteers at Echelon Risk Cyber who took part in the Digital Dunkirk operation proved that the same OSINT practices that can be used for misinformation campaigns (e.g., creating sock puppets) or for doxxing and identity theft (e.g., gathering personal information) can also be used for critical life-saving efforts on behalf of citizens and refugees.

How China is planning for tech decoupling

China is gearing up for a tech war with the United States, as the U.S. begins to tighten access and scale back tech collaborations. The Chinese plan to address their weaknesses in critical technologies by partnering with multinational corporations and technically advanced European countries to overcome the decoupling. They will also likely put together a robust international talent recruitment campaign to develop software and address deficiencies.

In addition to recruitment, China’s Ministry of Education (MOE) is creating new tech-focused programs at several top universities to help develop their own advanced workforce in areas of critical need. People’s Liberation Army (PLA) researchers helped lay the groundwork for China’s likely strategy for greater independence from U.S. technologies.

“In November 2020, Chinese start-ups reportedly hired executives and engineers from top U.S. chip design toolmakers in an effort to break the U.S.’s near-monopoly on chip design toolmaking.”

- Stone and Singer, Defense One

Open-source reporting on China and its capabilities, like this Defense One article, can be a valuable OSINT resource. It illuminates the breadth of publicly available information regarding our adversaries and can help corroborate other forms of intelligence.

Fake gov sites used to steal financial, personal data

The FBI issued a warning last month to alert the public of the existence of fake unemployment benefit websites being created by cybercriminals to steal personal information and commit identity theft. The sites are made to mirror state unemployment websites and encourage users to enter personal information that the criminal actors can then use to collect benefits. The information may also be sold and exchanged, leaving victims vulnerable to additional identity theft.

The sites will routinely misspell a certain word or use the format of [state]-gov[.]xyz. The lookalike sites in some cases may also cause ransomware or malware infection after the victim enters sensitive information. More than 385 fake sites have been found, including for the states Nevada, Wisconsin, Illinois, Maryland and New Mexico.

“The US Federal Trade Commission (FTC) said in February 2021 that the total number of identity theft reports doubled in 2020 compared to 2019, with a record of 1.4 million reports within one year.”

- Sergiu Gatlan, Bleeping Computer

With identity theft on the rise, the public should be vigilant when visiting government agency sites or entering personal information online.
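
The two lookalike patterns described in the warning, a misspelled word and "gov" moved into the name as in [state]-gov[.]xyz, can be checked mechanically before a link is trusted. The sketch below is an added example, not code from the FBI or Authentic8; the keyword list, verdict names and sample hostnames are assumptions constructed for illustration.

```python
import re

# States named in the FBI warning as summarized above (constructed watchlist).
STATES = ["nevada", "wisconsin", "illinois", "maryland", "newmexico"]
# Assumption: words an unemployment-benefits hostname is likely to contain.
KEYWORDS = ["unemployment", "benefits", "workforce"]


def edit_distance(a, b):
    """Levenshtein distance using a single rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(host):
    """Return (verdict, reasons) for a hostname; defanged '[.]' is accepted."""
    labels = host.lower().replace("[.]", ".").strip(".").split(".")
    tld = labels[-1]
    if tld == "gov":
        return "official-tld", []
    # Split every label left of the TLD on '-' and '_' to get name tokens.
    tokens = [t for label in labels[:-1] for t in re.split(r"[-_]", label) if t]
    reasons = []
    if "gov" in tokens:
        reasons.append(f"'gov' appears in the name but the TLD is .{tld}")
    for token in tokens:
        for word in STATES + KEYWORDS:
            if edit_distance(token, word) == 1:
                reasons.append(f"'{token}' is one edit away from '{word}'")
    return ("suspicious" if reasons else "no-match"), reasons


if __name__ == "__main__":
    # Constructed sample hostnames, not taken from the FBI warning.
    for sample in ["nevada-gov[.]xyz", "benifits-illinois.com",
                   "ui.nevada.gov", "example.org"]:
        print(sample, classify(sample))
```

A "no-match" verdict only means the hostname shows neither of the two patterns named in the warning; it is not confirmation that the site is genuine.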

The many faces of OSINT

Open source intelligence has played a critical role around the world in national security, in saving lives and in geopolitical fallout. In the words of Digital Dunkirk volunteer and veteran Dahvid Schloss, “...everything that can be used for bad can be used for good, or vice versa.” These real-world implications of OSINT at work have the power to change everything from worldwide diplomacy to the fates of everyday people.

To keep up to date on the latest OSINT and cyber security news, visit authentic8.com/blog.

About the Author

Abel Vandegrift
Washington, D.C.

As Director of Government Strategy at Authentic8, Abel advises the federal business team on policy development and budget trends to identify growth opportunities and shape customer engagement.
