While the world’s eyes are on Ukraine, one nation is paying special attention: China. The global superpower with territorial axes to grind is learning from Russia’s successes and failures in the invasion of its neighbor, taking notes particularly on the cyber warfare front for its much-hypothesized invasion of Taiwan.

In the U.S., two government agencies issued a joint alert on how to spot potential export control violations with regard to the sanctions imposed on Russia as a result of the invasion. Nuclear secrecy may be downright impossible due to the rise in commercial satellites. And a private security firm that fed misinformation to the Minneapolis Police Department highlights the risks of outsourcing intelligence and evidence gathering.

Let’s dive into the OSINT news for the week:

What China is learning from Ukrainian cyber front

There’s been much speculation about China watching the Russian invasion of Ukraine for how it could be replicated — or not — in an invasion of Taiwan. In a recent CyberScoop article, Tim Starks and AJ Vicens gather perspectives from those in government, the intelligence sector and cybersecurity. Together, they seek to decipher what China is learning from Russian missteps (such as its lack of early decisive victories, underestimating resistance capabilities and reliance on known attack methods) as well as from its successes (like disrupting Ukrainian communications by remotely disabling satellite modems).

While there are plenty of unknowns and hypotheticals around a potential invasion of Taiwan, it does seem clear that China is building the intelligence and strategies now that would make its position even more formidable.

Eventually you will see ‘lessons learned’ type articles appear in PLA media intended primarily for internal consumption, and from those we will be able to get a much clearer picture of what their takeaways were.

— Ma Xiu, BluePath Labs analyst, quote from CyberScoop

FinCEN/BIS alert flags Russia export control evasion indicators

The Financial Crimes Enforcement Network (FinCEN) and the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) issued a joint alert urging vigilance against efforts to evade export controls implemented as a response to Russia’s invasion of Ukraine. The alert gives guidance to financial institutions on “commodities of concern,” as well as “select transactional and behavioral red flags” to help identify potential violations.

The export controls are targeted at Russia’s and its ally Belarus’ defense, aerospace and maritime sectors to hamper military capabilities. They also target the energy sector and other means that provide the Russian invasion its needed financial support (hence the controls on luxury goods beloved by oligarchs). 

To combat evasion of export controls, the alert reminds financial institutions of the information at their disposal to conduct due diligence, including:

  • Customers’ end-use certificates, export documents, or documentation related to credit-based trade financing
  • SWIFT messages
  • Letters of credit from importers
  • Lines of credit issued
  • Wire transfer payments

Financial institutions with customers in maritime or export/import industries should rely on the financial institutions’ internal risk assessments to employ appropriate risk mitigation measures consistent with their underlying BSA obligations. This approach to compliance with the BSA may include appropriate due diligence policies and procedures as required by law and regulation, such as, where applicable, FinCEN’s customer due diligence and beneficial ownership requirements.

— FinCEN/BIS June 28, 2022 Joint Alert

Commercial satellite imagery presents major challenge to nuclear secrecy

In an issue of the Bulletin of the Atomic Scientists, the scale and capabilities of commercial satellite imagery are laid bare — as well as their implications for secrecy around nuclear programs.

As the post points out, commercially available satellite images have already been used in analyses of Iranian and North Korean sites. And with the continued deployment of new satellites and constellations, improved imaging capabilities and AI to make use of the volume of images, nuclear secrecy is going to become extremely difficult, “if not impossible.”

There are more than 4,800 satellites in orbit, of which nearly three-quarters are commercial systems. In addition to optical imaging systems, there are synthetic-aperture radar (SAR) systems that construct images based on microwave pulses, with which atmospheric conditions and poor illumination cannot interfere: “SAR systems are always watching,” as the post puts it. While commercial systems do not offer the same quality of imagery as provided by government systems, that isn’t necessarily a problem when it comes to tracking nuclear sites.

High resolution and high frequency of observation are not necessary for the detection of new structures and most immobile objects. Commissioning of nuclear facilities takes years and can easily be detected even with low-resolution sensors.

— Igor Moric, Bulletin of the Atomic Scientists

Private security group sent police misinformation about protesters

A series by MIT Technology Review investigates how law enforcement surveilled the streets of Minneapolis amidst protests against police brutality. Its July 7 story focuses on one private security company — Conflict Resolution Group (CRG) — sharing “untrue and politicized” information on activists with the local police department.  

Intelligence reports from CRG were sourced from social media and the internet, including from dubious sites such as AntifaWatch, as well as photographs obtained while surveilling protests. These reports were passed to the Minneapolis Police Department (MPD), but contained erroneous conclusions:

  • One report described organizers of a protest as “antifa” without evidence of links to the political group, and possibly derived from speculation on the AntifaWatch website
  • An “individual of interest” report included a photo from Twitter of someone with a tattoo commemorating the 2020 burning of the MPD Third Precinct, insinuating that the tattoo is evidence the individual was involved in the crime

As local law enforcement organizations struggle with dwindling workforces, budget cuts and a sharp increase in violent crime, they’re frequently turning to private security groups to fill the gap. The intelligence practices of these groups as well as enforcement methods are far less regulated than the police departments they partner with. This can worsen the quality of investigation that departments are able to perform as well as infringe on citizens’ First Amendment rights. 

When one individual — who claims to have attended and brought “water and snacks” to “vigils and community gatherings” in Uptown Minneapolis — learned how she was described in a CRG report, she had this response:

While she admits that she ‘laughed out loud’ when she saw the photo and the description of herself as a ‘leader’ from CRG’s report, Kaylor is still worried by the whole affair: ‘It’s irrational to not be worried about what their ability to gather intelligence and so easily share it with MPD means.’

— Tate Ryan-Mosley and Sam Richards, MIT Technology Review

Every other week, we collect OSINT news from around the world. We continue to keep a close watch on Russia's war in Ukraine. We’re also gathering information on cyberthreats, federal intelligence strategies and much more. Find us on Twitter and share the OSINT news you’re keeping up with.

To keep up to date on the latest OSINT and cyber security news, visit authentic8.com/blog.
