What is OSINT & How to Conduct Investigations with Open Source Data
OSINT is simply an abbreviation for “open source intelligence,” which is a type of research methodology. While OSINT has been leveraged by militaries, governments, and police departments for decades, the intelligence community has yet to settle on an official definition and characterization of OSINT once and for all. For practical purposes, OSINT can be generally defined as the collection, evaluation, analysis, and dissemination of publicly available information.
Breaking things down a bit further—intelligence is, in its purest definition, information with a certain value. To generate intelligence, professionals often process information through the intelligence cycle on a specific timetable, which involves direction, collection, collation, evaluation, analysis, and dissemination. That intelligence is of course produced to address a specific intelligence requirement, such as lowering crime rates or disrupting a particular criminal group. OSINT is just one branch of intelligence, amongst others which include HUMINT (human intelligence), MASINT (measurement and signatures intelligence), SIGINT (signals intelligence), and IMINT (imagery intelligence).
The “open source” part refers to the fact that the information is freely available and comes from a range of sources, including the internet, books, journals, newspapers, and published government data. Any source that enables any person to access it without the need for any prior approval or clearance can be considered open source. Notably, some practitioners consider OSINT to only mean information that is free, classifying any information that was paid for as outside of the OSINT framework. However, cost itself is not a determining factor if the information is truly open source. During World War II, the Allies pored over German newspapers and listened to radio broadcasts from around the world for any information of value. The fact that the newspapers were not free did not prevent them from being OSINT. While data brokers may require a fee or subscription for access to consolidated information, the information itself remains open source, if there are no other restrictions.
Finally, today, it’s important to keep in mind that OSINT generally refers to information from the internet. The internet has, by and large, become the world’s biggest source of information. Over five billion people, roughly 63% of the world's population, have access to the internet, which contains over 1.2 million terabytes of data. And another 4.7 billion people around the world have social media accounts, showcasing how nearly all internet users are sharing their personal information through social media platforms.
5 Ways to Leverage OSINT
People are connected around the world through the internet and consistently share many aspects of their lives online. Investigators can leverage OSINT to investigate and disrupt crime, find missing persons and criminals, and protect people and the planet. Investigators should start by collecting public information to better understand their subjects and inform their decision-making.
OSINT is generally used for five main purposes, which include:
- People and business investigations - informing an organization’s background knowledge on a person, business, or event.
- Risk assessment - identifying risks associated with an event, a business, or a person. This may involve businesses and persons who are either at risk or who pose a potential risk.
- Situational assessment - determining the current characteristics of an environment and establishing the mindset of the population.
- Environment assessment - assessing terrain, weather, and civil considerations to identify civil disruption or global weather events that could impact operational activity.
- Health assessment - monitoring a global health issue or pandemic to assess the full impact.
Investigators often collect and analyze an array of information during OSINT investigations. Depending upon the type of investigation, different types of information will be relevant. With that in mind, the five main purposes of OSINT are typically executed via two primary avenues:
1. People and business information collection - investigators collect PII and business information to inform their understanding of subjects, which can include criminals, witnesses, and VIPs. The internet contains disparate pieces of content, essentially “puzzle pieces” that, when combined, reveal a lot about the person being researched. Analysts combine a range of data to get a clear intelligence picture, including:
- Consented PII/ Consumer Records (Names, Addresses, Phone Numbers, and Email Addresses)
- Social Media (Schools, Employment, Social Networks, Hobbies)
- Digital Marketplaces
- Web Articles
- Vehicle Records & Shop Details
- Dark Web Data Breaches
- Court Records
- Business Directories
- Traffic Cams
- Real-Time and Historic Crime Data
- Webcam Feeds
- Satellite Imagery
- Geotagged Social Media
- News Alerts
- Major Events
- Weather, Fires, and Natural Disasters
OSINT in the Real World
After covering the background and mechanics of OSINT, it’s important to think about it within the context of real-world applications. OSINT is commonly used within a range of sectors, including the military, federal agencies, law enforcement, insurance, private investigations, the legal sector, and in investigative journalism. These sectors all rely on OSINT for different purposes, influenced by the impact that publicly available information can have on their particular line of work.
Drilling down on just a few examples, law enforcement agencies use OSINT to help apprehend offenders and disrupt crime, including but not limited to cybercrime, fraud, violent crimes, and terrorism. Criminal investigators use OSINT to find information on their subjects and detect illegal activity online. Financial intelligence teams use OSINT as a starting point for money laundering and embezzlement cases, to track cryptocurrency addresses during digital currency forensics, and to assist with identity theft cases. Business intelligence teams lean on OSINT to identify target audiences, perform competitive analysis, and for brand protection cases. And finally, cyber security professionals employ OSINT for threat analysis, penetration testing, and ethical hacking.
OSINT Best Practices
When compiling reports containing OSINT, analysts and investigators must work to a high standard. Some best practices to keep in mind include:
- The techniques used and the findings captured must be able to be replicated by another investigator.
- Captured information should be relevant to the investigation, with the appropriate identifiers and time/date stamps for all intelligence in the report.
- Metadata should be captured for all web pages and social media extracts to support digital identification and evidential presentation.
- The validity of information should be considered, ensuring the source is verified and corroborated where possible.
- During the analysis stage of the investigation, the analyst should identify and list their key findings and facts that can be verified as well as intelligence gaps and things that remain unknown.
- A summary should be created and founded on the evidence that has been collected, collated, and analyzed.
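One way to record a capture in line with the practices above, as an added example that is not from the original article or from any tool it mentions. The field names, the constructed sample page and the SHA-256 digest (a common way to show that a capture has not changed, not something the article specifies) are assumptions.

```python
import hashlib
from datetime import datetime, timezone
from html.parser import HTMLParser

# Constructed sample page; a real capture would hold the bytes exactly as retrieved.
SAMPLE_HTML = b"""<html><head><title>Example Co - About</title>
<meta name="author" content="Example Co">
<meta property="article:published_time" content="2023-01-15T09:00:00Z">
</head><body><p>Example Co was founded in 2010.</p></body></html>"""

class MetaExtractor(HTMLParser):
    """Collects the <title> text and <meta> name/property -> content pairs."""
    def __init__(self):
        super().__init__()
        self.meta, self._in_title = {}, False

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        key = a.get("name") or a.get("property")
        if tag == "title":
            self._in_title = True
        elif tag == "meta" and key and a.get("content"):
            self.meta[key] = a["content"]

    def handle_endtag(self, tag):
        if tag == "title":
            self._in_title = False

    def handle_data(self, data):
        if self._in_title:
            self.meta["title"] = self.meta.get("title", "") + data.strip()

def capture_record(url, raw, case_id, captured_at=None, corroborated_by=()):
    """Build one evidence-log entry (hypothetical schema) for a captured page."""
    parser = MetaExtractor()
    parser.feed(raw.decode("utf-8", errors="replace"))
    captured_at = captured_at or datetime.now(timezone.utc)
    return {
        "case_id": case_id,                                # ties the item to the investigation
        "source_url": url,                                 # lets another investigator repeat the step
        "captured_at_utc": captured_at.isoformat(),        # time/date stamp
        "sha256": hashlib.sha256(raw).hexdigest(),         # assumption: digest of the unmodified bytes
        "page_metadata": parser.meta,                      # metadata embedded in the page
        "corroborated_by": list(corroborated_by),          # independent sources, if any
        "verified": bool(corroborated_by),                 # stays False until corroborated
    }

if __name__ == "__main__":
    print(capture_record("https://example.com/about", SAMPLE_HTML, "CASE-0001"))
```

Storing the raw bytes next to the record lets a second investigator recompute the digest and confirm that the capture matches what the report cites.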
Scaling OSINT & What Success Looks Like
OSINT can have tremendous value for organizations in almost any sector. However, gathering information from a vast array of sources on the internet is a time-consuming and challenging process. Investigators utilizing manual techniques are required to stay abreast of changes to online platforms as well as new OSINT techniques, and to ensure that each possible source is checked for relevant information. An experienced intelligence analyst or investigator knows all the relevant sources to locate the necessary information to inform their investigations. But in practice, capturing OSINT still remains challenging because of the scale of the various pieces of information available on the internet across multiple sources, resulting in open source information overload and a significant burden to process and convert it into actionable intelligence.
To offset these complexities, many companies and public sector agencies leverage commercial tools like Skopenow. Skopenow enables organizations of all sizes to automate their OSINT investigations, including collecting, collating, analyzing, and presenting the open source intelligence relevant to their investigations from across the internet. Skopenow instantly builds comprehensive, court-ready, digital reports on businesses and people from data sources including social media, the dark web, court records, vehicle records, and personal contact data. Using a dedicated tool for OSINT, such as Skopenow, ensures that organizations have a standardized approach to investigations that automatically scans the same sources for intelligence in every case, removing any manual bias.
Founded in 2016, Skopenow is the leader in threat intelligence and OSINT investigations. The company's SaaS platform automates the collection, analysis, and presentation of public open-source information on any person, business, or event. Skopenow is used by 1,000+ top enterprise and government agency customers across the United States. To learn more about how you can enhance OSINT within your investigations through Skopenow, request a personalized demo today at www.skopenow.com/try.