This week’s OSINT news includes a review of the Cybersecurity and Infrastructure Agency’s (CISA) “Shields Up” campaign, focused on protecting critical infrastructure from Russian attacks in light of the conflict in Ukraine. The campaign's success in the last several months will lead it to likely stick around. 

We also review Russia’s use of private military companies (PMC) and what they may reveal about their long-term strategy. Meanwhile a new foundation sets out to formalize the practice of OSINT in the intelligence community (IC).

The U.S. Congress is focusing on how to address China’s evolving role in the opioid crisis and the production of Fentanyl. They seek cooperation to help curb the rise in overdose deaths.

It's the OSINT news of the week:

China’s role in the Fentanyl crisis

A recently released Congressional Research Service (CRS) report addresses China’s role in the illicit Fentanyl trade. The drug itself has been medically significant since its inception in 1959 as a painkiller and anesthetic. In recent years, the growing production and use in the illicit drug trade has led to a sharp increase in opioid overdoses and fatalities. 

China was the primary source for U.S. illicit Fentanyl and its precursors prior to 2019. According to the National Defense Authorization Act of 2020, the People’s Republic of China’s (PRC) production of the drug has “outpaced” the U.S.’s efforts to regulate them. Today, drug cartels based in Mexico  are responsible for the bulk of illicit Fentanyl production using China-sourced materials. The CRS report proposes policies to oversee and enforce PRC pharmaceutical industries to help curve production of the deadly drug.

Some U.S. objectives for cooperation with China on addressing illicit fentanyl supply remain unmet.

— Congressional Research Service

Russia’s private military groups expanding

Since its invasion and subsequent annexation of Crimea in 2014, the private military company (PMC) Wagner Group, has grown considerably both in Russia and in other nations around the world. PMCs like Wagner Group are paramilitary organizations run like private companies, contracting services to the state. The degree of removal allows nations like Russia some plausible deniability to actions they carry out. 

Russia’s use of mercenaries can be traced back to the Balkan-Ottomon conflict and the Spanish Civil War in the 1930s. The PMC operations are also lucrative for the proprietors, many of whom are oligarchs in Putin’s inner circle. The Wagner Group is a currently operating PMC which has played a role in Ukraine and has also executed contracts for resource extraction in Syria. How PMCs continue to be used in Ukraine in its aftermath could serve as a learning tool for the U.S. in understanding Russian strategy.

Russian PMCs are also increasingly involved in conducting “political warfare” activities, ranging from subversive activities to assassination, reminiscent of the kinds of “active measures” that Soviet intelligence services deployed throughout the Cold War.

— Emma Schroder, et al., Atlantic Council

Future wars and civilian protection

The increased urbanization of war has led to rapid displacement and destruction in the case of Ukraine, Syria and Iraq. The rising tensions between large populous countries of the U.S, Russia, China and Taiwan make the potential for devastation nearly unimaginable. The Texas National Security Review notes the trend of defeating enemies through “decisive victory” can have devastating consequences for civilians. In the case of the Islamic State in Iraq and Syria, the urban site of conflict has led to both displacement and high civilian casualties.

The lack of training for partner forces on civilian harm mitigation led to disastrous consequences in the recent conflict in both Mosul and Raqqa. The writers lay out step-by-step strategies for how military operations can reduce and prevent civilian harm. One such item is for large-scale combat operation training to include scenarios with civilians present and to account for a clear understanding of how civilians react to a breakout in fighting.

Being prepared for large-scale combat operations necessitates using tools, policies, practices, munitions, and training that are all contextualized for the urban environment and that sufficiently take into account risk to civilians and civilian objects.

— Sahr Muhammedally, Daniel Mahanty, Texas National Security Review

Formalizing OSINT

Veterans of the intelligence community have launched a foundation to bolster OSINT’s role within the IC and establish community-wide standards for its practice. “There’s still a lot of immaturity in the discipline,” said former Elliot Jardines to Inside the IC. The foundation will focus on training, offering resources for better OSINT adoption and standardizing practices for open-source information gathering.

The foundation will answer questions for national leaders and policymakers about OSINT and its practice. While the board members think there are things to learn from the broader amateur OSINT community, they oppose including those practices, such as reports by Bellingcat, in the official definition of open-source intelligence. The IC has a tendency to rely heavily on classified sources, making the overall adoption of OSINT slow within the community.

While each agency has their own open source training and standards specific to their missions, the idea is that the foundation can help set a baseline for a future open source workforce.

— Justin Doubleday, Federal News Network

The “Shields Up” campaign is here to stay

In February, the Cybersecurity and Infrastructure Agency (CISA) launched a public campaign to warn and advise critical  infrastructure operators about the heightened risk of cyber threats in light of Russia’s Ukraine invasion called “Shields Up.” The potential for destructive exploitation remains high and the training for industry sectors is likely here to stay. The promotion of better security is intended for both cyber-savvy and those that are not.

Some tenets of the program include promoting the utilization of multi-factor authentication (MFA), patching vulnerabilities in a timely manner, disabling unused ports, focusing on unusual network behavior and a free cyber hygiene service including vulnerability scanning. Russian attacks on Ukrainian networks have had some spillover into the U.S., but so far the government and industry’s proactive approach have mitigated major attacks.

“Even if the conflict were to simmer down from its rolling boil, CISA’s longer-term priority to improve critical infrastructure security remains one of the very top tasks for the nation’s risk management agency.”

— MeriTalk

Every other week, we collect OSINT news from around the world. We continue to keep a close watch on Russia's war in Ukraine. We’re also gathering information on cyberthreats, federal intelligence strategies and much more. Find us on Twitter and share the OSINT news you’re keeping up with.

To keep up to date on the latest OSINT and cyber security news, visit

OSINT news