Exploring Open Source Intelligence (OSINT)

Oct 15, 2024

Lecture Notes: Open Source Intelligence (OSINT) by Veli Pekka Kivimäki

Introduction

  • Speaker: Veli Pekka Kivimäki, aka VP
    • Analyst at Finnish Security Intelligence Service
    • Lectures at Johns Hopkins and UFSCOLA on OSINT
    • Formerly with Bellingcat investigation team
  • Topic: Open Source Intelligence (OSINT)
    • Adversarial use of open sources
    • Future technologies in OSINT
    • AI in OSINT

What is OSINT?

  • Definition: Intelligence from publicly available information
    • Not restricted to free information; includes purchasable commercial data
  • Process in OSINT:
    • Not just collection; involves processing, analysis, and production of intelligence
  • Terminology:
    • Different terms: Open Source Investigation vs. Intelligence
    • "Intelligence" is a loaded term with governmental connotations

Intelligence Process

  • Stages:
    • Collection of raw data
    • Processing to transform and analyze data
    • Analysis to produce actionable intelligence
    • Creation of finished intelligence products (reports, briefs)
  • Historical Context:
    • Began with printed materials, radio, TV in WWII
    • Cold War: CIA and BBC monitored Soviet media

Evolution of OSINT

  • Internet Impact:
    • Shift from institutional control to individual content creation
    • Broadens the scope of available information
  • Modern Challenges:
    • Fragmentation of internet users across regions
    • Variability in social media platforms and government controls

Current and Future OSINT Capabilities

  • Social Media:
    • Continuous influx of imagery and information
    • Key in recent events (e.g., Russia-Ukraine conflict)
  • Technological Advances:
    • Synthetic aperture radar (SAR), hyperspectral imaging
    • Tracking and geolocation from commercial satellites

Adversarial Use and Risks

  • Targeting Process:
    • Intelligence requirements lead to target selection
    • Systematic assessment and data gathering
  • Potential Vulnerabilities:
    • Social media oversharing, physical location data
    • Organizational structure, supply chains
    • Historical data and online breadcrumbs

Geolocation and Image Analysis

  • Geolocation Techniques:
    • Using minimal details to pinpoint locations
    • Example: Europol's child exploitation investigations
  • Image Vulnerabilities:
    • Reflections, facial recognition, location tagging risks

Data Leaks and Online Behavior

  • Data Breaches:
    • Systems breaches, cultural differences in data sales (e.g., Russia)
    • Consequences of online activities and leaks
  • Workplace Security:
    • Risks from remote work and information oversharing

Space-Based OSINT Tools

  • Commercial Satellite Capabilities:
    • Frequent earth imaging
    • Infrared, RF signal detection, and synthetic aperture radar
  • Reconnaissance Potential:
    • Patterns of life analysis
    • Structural mapping and emission detection

OSINT Security Concerns

  • Operational and Personal Security:
    • Importance of online presence management
    • Building a security-conscious culture

AI and OSINT

  • Application and Limits:
    • AI aids in processing, but human analysts remain crucial
    • Creative context and subtleties analyzed by humans
  • Adversarial AI:
    • Potential for automated social engineering
    • Experimentation needed in deployment

Conclusion

  • Shift in Intelligence Landscape:
    • Private industry leading innovation in technologies
    • Governments collaborating with commercial entities
  • Future of OSINT:
    • Fast evolution and increased privacy threats
    • Need for practical deployment of AI and OSINT solutions
  • End of lecture. Open for questions.