Stay up-to-date with the latest OSINT news from around the world

staged photos and intercepted comms

There is no shortage of open-source news this week, from both the domestic and international intelligence communities. On the Ukrainian front, the intelligence community (IC) has been baffled by Russia’s use of unencrypted off-the-shelf radios and compromised cell phones in its war efforts, despite the high-tech military equipment at its disposal. That use has led to interceptions by the Ukrainian military, which then reposts the intercepted material on social media for open-source intelligence (OSINT) analysts to use.

Domestically, a new report covers the development of open-source “threat products” in advance of the Jan. 6 Capitol Riots. In addition, the military is repositioning its use of OSINT to become more integrated with traditional intelligence sources.

Intercepting Russia’s military communications

Ukraine is intercepting Russian communications and then reposting the recorded audio on platforms like Telegram. There have been several ways that Ukrainians have managed to intercept calls. One is by having Ukrainian citizens report if their cell phones were confiscated by Russian troops. They then tap into those phones and create listening devices. Since Ukraine has cut off Russian cell phones from their network, stolen phones from citizens have been increasingly used by soldiers.

Russians have also been using unencrypted radio communications and other basic methods, despite having more secure radio systems. While the Ukrainian government has released some of the intercepted calls publicly on social media, it is strategically holding back what may become useful in battles ahead.

“Inexplicably, the analysts say, Russia has used basic, off-the-shelf, unencrypted radio communications in many cases that made it relatively easy for the Ukrainians and others to listen in.”

— Greg Myre, NPR

Staged photos

Ukraine has made strategic use of Turkish-made TB-2 armed drones to engage Russian troops and strike critical infrastructure just across the Russian border. Beyond causing damage on the battlefield, the drones are undoubtedly a nuisance to Russia's information war strategy and so have become the focus of some propaganda efforts. While the Russians have managed to down some of the drones, intelligence agencies have also identified staged photos that use old images of TB-2 wreckage to make it appear like a newly destroyed drone.

Identifying information from the drone helped OSINT experts debunk the photo and recognize the wreckage from a previously downed drone in late March. Experts agree many of the slow-flying drones have been downed by Russian troops, at least six that analysts know of and agree on. However, the fraudulent photos hint at a desperation to inflate those numbers in an information war.

“A clumsy effort to inflate the tally of UAV-kills does nothing to alter the reality—that the Ukrainian armed forces have lots of drones, and are using them to devastating effect against their Russian foes.”

— David Axe, Forbes

Open-source data prior to Jan. 6

A newly released report from the Government Accountability Office (GAO) reviewed the use of open-source intelligence reports by 10 federal agencies regarding the attack on the Capitol on January 6, 2021. The report highlights how open-source data, including many social media posts, helped inform government agencies on the potential for violence on January 6 and develop “threat products,” which are a range of reports and assessments pertaining to specific threats. The FBI and Department of Homeland Security (DHS), among others, were aware of planned events and the potential for violence on that day, according to those threat products.

The agencies made threat assessments for that day, 38 of which were election-related and 26 of which specifically concerned events planned for Jan. 6. In those assessments, social media played a key role in helping identify the potential threats and domestic terrorism plots.

“Law enforcement agencies may use posts on social media platforms and other open source information to identify potential criminal activity, to develop ‘threat products,’ and to conduct criminal investigations,” wrote GAO.

— Jordan Smith, MeriTalk

The merging of military intelligence and OSINT

Part of a new focus of the army is integrating its traditional use of military intelligence sources with OSINT. The military has a long-standing foundation of collecting and disseminating military intelligence. Now, it is looking to support its efforts with information from all sources, including open-source intelligence, which has grown in recognition as an important discipline in recent years.

The military has begun to make better use of commercial threat intelligence in addition to traditional classified sources. Blending these sources with publicly available information gives the military a more complete intelligence picture to support its mission and defend its network. Commercial and open-source data can help tip and cue military assets to focus their operations.

“The concept has five main pillars: enable decision-making, protect friendly information, inform and educate domestic audiences, inform and influence international audiences, and conduct information warfare.”

— Mark Pomerleau, FedScoop

Every other week, we collect OSINT news from around the world. We continue to keep a close watch on Russia's war in Ukraine, especially on Twitter. We’re also gathering information on cyber threats, federal intelligence strategies and much more. Find us on Twitter and share the OSINT news you’re keeping up with.

To keep up to date on the latest OSINT and cyber security news, visit the Authentic8 blog.


About the Author

Abel Vandegrift
Washington, D.C.

As Director of Government Strategy at Authentic8, Abel advises the federal business team on policy development and budget trends to identify growth opportunities and shape customer engagement.
