Stay up to date with the latest OSINT news from around the world
Interest in open-source intelligence (OSINT) continues to grow on social media, and so too does the number of keyboard-armed sleuths examining publicly available information (PAI). In light of Russia’s invasion of Ukraine, scores of amateur sleuths have taken to Twitter to try to verify information in their free time. Some welcome the increased assistance in sifting through the troves of information flying around all corners of the web; others question the motives and diligence of unnamed amateur analysts and their ability to be emulated for nefarious purposes.
Cybercrimes are also on the rise, according to the FBI. While the number of crimes only saw a moderate increase, the cost of these crimes was astronomical when compared to numbers from 2021. As companies try to be more diligent, cybercriminals are becoming more creative.
Lastly, Just Security takes a look at the White House’s strategy to release declassified information in the lead-up to Russia’s attack. How can OSINT help verify official claims when sources and methods must be protected?
Since Russia invaded Ukraine, the work of hobbyist internet researchers has helped in the verification of videos on social media, the tracking of military movements and creating verified timelines of Russian actions that could help with accountability in the future. By verifying social media posts, OSINT researchers could affect the way potential war crimes are prosecuted.
The Orthodox Church in the background looks like the same one as this one photographed in the background of @EmilioMorenatti's photograph of Ukrainian soldiers assisting in the evacuation. pic.twitter.com/h3wOivToNX— Kyle Glen (@KyleJGlen) March 6, 2022
It’s not the first time. The Arab Spring in 2011 or the invasion (and subsequent annexing) of the Crimean Peninsula in 2014 led to a number of hobbyist researchers taking to social media to analyze posts. But Russia’s most recent invasion has brought more amateur sleuths than ever to the forefront of social media intelligence gathering. Geolocation continues to be a big focus for amateur researchers — by scanning videos for landmarks or other context clues, individuals can quickly verify or debunk videos or images. The founder of Bellingcat said he relied on the community to help aid in their reporting due to the sheer amount of information coming out of Ukraine. Amateur researchers should be wary of spreading misinformation or unintentionally exposing Ukrainian positions to Russian observers.
“Mykhailo Fedorov, Ukraine’s minister of digital transformation, said in an interview with The Washington Post that the community’s work is crucial for his country — so much so that a Ukrainian government app, called Diia, now allows citizens to field geotagged pictures and videos of Russian troop movements.”— Pranshu Verma, The Washington Post
The real-time, never-ending Twitter scroll style of ingesting war news has changed the way individuals interact with data coming out of areas of conflict. OSINT has been instrumental in debunking or verifying information nearly as fast as it’s being posted. While hobbyist sleuths try to earnestly help Ukrainians in their efforts to preserve their homeland, some pro-Kremlin accounts are taking note and exploiting how fast OSINT research and dissemination is taking place and doing their best to replicate it with propaganda information.
Certain accounts are continuing to parrot the idea of “liberating Ukraine from neo-Nazis,” a common Kremlin line for justifying the invasion. One such Twitter account, @ASBMilitary, has already been banned. While Twitter has not given an official reason, false claims about American bioweapons and disputed photos of Russian successes can be found on an archived version of the profile.
“As we’ve become more likely to learn of Russian military losses through a 42,000 subscriber Telegram group organised by the Ukrainian government than the nightly news bulletin, and more likely to get our war analysis from niche experts pontificating in overlong Twitter threads than from TV news channels, bad actors have recognized the opportunity to co-opt the tone and format of OSINT investigations while pushing their own agenda.”— Chris Stokel-Walker, The New Statesman
In February, the Biden administration engaged in what was being characterized as a new initiative — releasing declassified information about Putin’s disinformation tactics being created to justify the invasion of Ukraine. Whether or not the strategy is entirely new is debatable, but the decision to declassify and share critical information is a shift from past policies on disclosure. However, due to the nature of how the information was collected in the first place, the administration could not identify sources and methods to back up their claims. Open-source information can play a key role in verifying or corroborating claims to build public trust.
OSINT’s splash in social media and the news lately has led to outlets like The New York Times establishing an open-source department of their own. The Economist also referred to Bellingcat’s own published analysis of Russian disinformation as the “coming out party for OSINT.” With the availability of PAI and the opportunity for valuable OSINT contributions, the atmosphere for unsupported federal intelligence disclosures is both welcomed and met with skepticism.
“OSINT researchers, quite naturally, are themselves not free of their own biases, blind spots or agendas. Such issues can only be addressed by strict adherence to the principle of open verification, by forming networks of knowledge production that serve as mutual checks for each factual claim to be made public.”— Henning Lahmann, Just Security
The FBI released its report on cybercrime for 2021. While the Internet Crime Complaint Center (IC3) of the FBI only received 7% more complaints, the losses were $6.9 billion — a 64% increase according to Cyberscoop. Losses came from the private and public sectors and were called “unprecedented” by the FBI’s deputy director.
One of the most costly crimes was business email compromise, where attackers pose as an internal employee to commence fraudulent money transfers. That crime alone accounted for $2.4 billion in losses, the IC3 reports. The total number of losses may also be a low estimate as the FBI only gathers what was self-reported to them. Cryptocurrency has also become more common as the currency of choice for attackers.
“Cryptocurrency played a greater role in estimated 2021 cybercrime losses, the IC3 said, totaling $1.6 billion compared to $246 million in 2020 despite a lower number of victims from year-to-year.”— Tim Starks, CyberScoop
Every other week, we collect OSINT news from around the world. We continue to keep a close watch on Russia's war in Ukraine, especially on Twitter. We’re also gathering information on cyberthreats, federal intelligence strategies and much more. Find us on Twitter and share the OSINT news you’re keeping up with.
To keep up to date on the latest OSINT and cybersecurity news, visit the Authentic8 blog.