Application of OSINT: Individual and Facility Protection
Our world is fueled by vast amounts of unstructured data, growing exponentially every day. From the ever-growing pool of social media content online, to news articles, publications, books, and press releases, to blogs just like this one. In the past year alone, the data landscape has grown by over 23% (source). As the volume of data grows, so too does the challenge for intelligence professionals as the question becomes: “How do we manage this data? How do we organise it? How do we gain meaningful insights from it? And how do we take action from it?”
Open-Source Intelligence (OSINT) plays a crucial role in solving this challenge by enabling the collection and analysis of information from publicly available and overt sources, transforming it into actionable insights that drive meaningful action. Let’s explore this topic in further detail.
What is OSINT?
OSINT refers to information collected from a variety of publicly available sources. This information is then processed into actionable intelligence.
Is OSINT a new thing?
Not at all! Though OSINT has grown exponentially since the dawn of the internet, intelligence specialists have been leveraging OSINT for many years now. Analysts would pour over newspapers, books and other forms of media to gather information to inform decision making. One example even goes back to the 19th century during the American Civil War, where both Confederate and U.S armies would use newspapers from the opposing side to learn about troop movements and other developments that could be used effectively.
Where can open-source information be collected from?
Open-source intelligence can be collected from any source that is publicly and legally available. While this includes printed and published media from a variety of sources, today, most open-source information is available on the internet. Generally, this is in the form of social media, but also includes information on forums, news, and other sources. If you aren’t blocked from accessing it in any way, shape, or form, it’s open source.
Is OSINT legal?
Yes! Since the information is publicly available, there are no legal complications in transforming that information into actionable intelligence.
Who uses OSINT?
Many people, companies, and governments use OSINT for any variety of reasons. Some use it for marketing and targeted advertising, while others leverage it for legal investigations. It’s a great way to ascertain public sentiment both specifically and generally, so it is no surprise that many private companies utilise it before, during and after campaigns to help effectively sell their product or service. Governments also use OSINT, though the reasons vary on a case-by-case basis, some general use cases include gaining awareness of public trends, collecting evidence during police investigations, and many other applications with the objective of maintaining public safety.
What are the advantages of using OSINT?
OSINT is a powerful and accessible tool. It leverages the vast quantity of publicly available information to make informed decisions, whilst respecting privacy and maintaining regulatory compliance. OSINT doesn’t need to be complex either, for example, comparing the prices of groceries online between shops to decide where your next shopping trip will be is an example of OSINT in action at a basic level.
What separates OSINT from other forms of intelligence?
There are plenty of forms of intelligence, including Financial Intelligence (FININT), Electronics Intelligence (ELINT), and even Human Intelligence (HUMINT). However, what separates OSINT from these is that all information gathered is publicly available, which broadens its applicability without extensive legal constraints.
How does OSINT tie into the broader intelligence cycle?
The flexibility of OSINT makes it relevant at all levels within an intelligence cycle. This can include at the initial stages where an issue is first identified, during a campaign where responses to efforts can be measured, and after a project concludes where comparisons can be drawn to measure success.
Are there any drawbacks when using OSINT?
Like with any intelligence tool, OSINT is not a silver bullet solution, an comes with its own short fallings. One primary drawback is that the open-source information which OSINT relies on is enormous, particularly in relation to the internet. The source is constantly expanding and growing, far quicker than even the best team of analysts would be able to keep up with. To put this into perspective, 183 billion emails alone are sent daily.2 Hence, finding the information, keeping it relevant, and ensuring it is up to date is a continuous challenge.
Why utilise OSINT for the protection of individuals and facilities?
Put simply- OSINT allows you to cast a wide net over a subject of interest, particularly if there are ties to internet profiles or pages, enabling enhanced threat detection compared to using other techniques in isolation.
What can OSINT tell us about an individual or a facility?
In short, OSINT assists in identifying anomalies or abnormal circumstances surrounding a topic of interest. For instance, if OSINT was used to protect a stadium, we would listen to all relevant discussions across social media. This allows us to ascertain the general sentiment related to the stadium, which in turn helps us identify any discourse shifts which may be indicative of threatening behaviour and better tailor a response.
How are threats identified in this context?
Threats can be identified either directly or indirectly. For example, if someone posted online that they were going to trash the stadium toilets after their team lost, this can be detected through listening techniques utilised during open-source information collection. Alternatively, if we notice an increase in aggressive messages on the stadium’s Facebook page, which is slightly more indirect, this can also be detected and reacted to accordingly.
Is OSINT a reliable tool?
Yes, OSINT is a reliable tool. Though open-source information is subject to anomalies and irregularities like any other intelligence collection method, it is an ever-relevant and powerful tool which is relied on across the world, particularly when used in conjunction with other methods.
How can OSINT best be applied to help protect people and places?
In this consultant’s humble opinion, OSINT is best applied to protect people and places when data collection is postured in an ‘always-on’ configuration. This means that data is drawn in around the clock, contributing to a comprehensive situational picture that can be unpacked and scrutinised to extract insights. There are specialised tools which enable this and save a lot of time during the threat detection phase.