Stay up to date with the latest OSINT news around the world.
This week in open-source intelligence (OSINT) news: new crackdowns on free speech in Russia, iSOON data leaks reveal insights into the Chinese intelligence capabilities, and what the Pentagon can learn from targeted ads.
This is the OSINT news of the week:
Kremlin’s ban on the VPN
The Russian government continues to tighten its grip on open communication by forbidding companies from offering or advertising virtual private networks (VPNs) not approved by the government. The new ban is intended to stop people from using a VPN to get around Russian internet monitoring and censorship. It follows closely on the heels of other Russian crackdowns, like the blocking of Facebook and Instagram and the criminalization of open dissent against government policies and “disrespect” of government officials.
Defense One reports that the Russian government is willing to go the distance to further quell the free flow of information and news. The Kremlin has been experimenting with a nationwide intranet system that would allow it to disconnect from the global World Wide Web entirely, but so far these efforts have produced unreliable results. All hope is not lost, however. Russians continue to turn to media networks like Telegram to get access to uncensored intelligence and news about technology developments that could help them circumvent the government’s bans. And for online researchers, journalists, policymakers, and anyone else who needs unrestricted access to information, tools like Silo for Research can offer a reliable and anonymous platform to safely browse sources in any region without the use of a VPN.
“There are market solutions still available to the Russians. The [Times] article hints that tech progress will be faster than the Russian government's ability to react to VPN developments.”
Sam Bendett, Adjunct Senior Fellow at the Center for a New American Security
Lessons from the iSOON leaks
The OSINT world is once again talking about a massive data leak. Internal data from iSOON, a contractor for the Chinese Ministry of Public Security (MPS) that specializes in network penetration research, was recently leaked to GitHub. The significance of this breach is being compared to the NTC Vulkan leak that affected Russian military intelligence or the Snowden incident, which impacted the U.S. National Security Agency (NSA).
Based on the level of detail, the leaked chat logs, the amount of data, and corroboration from indicators of compromise (IOCs), there is a high level of confidence that the data in the leak is legitimate and accurate. The @BushidoToken Threat Intel blog highlights some preliminary findings within the leak, which offers unprecedented insights into how the Chinese MPS operates through Chinese commercial surveillance vendors and what those vendors’ technical capabilities are.
“The iSOON leak is one of the most significant cyber threat updates related to China in recent years. The tools offered by iSOON and campaigns run by their operators highlight how both the Chinese MPS and Chinese Ministry of State Security (MSS) outsource their intelligence gathering to commercial surveillance vendors.”
@BushidoToken Threat Intel blog
The man who taught the Pentagon how to use targeted ads for military intelligence
Back in 2019, a government contractor and technologist named Mike Yeagley made it his mission to introduce the Pentagon to the world of geospatial intelligence (GEOINT) and demonstrate how adopting the techniques of data brokers and targeted advertising can bolster the agency’s intelligence-gathering capabilities. Author Byron Tau tells the story of how Yeagley had spent years working as a technology “scout”—looking for emerging capabilities or data sets that existed in the private sector and helping to bring them into government. Yeagley was able to effectively show Pentagon officials how advertisers use location data gathered and shared by everyday phone apps to shape and deploy their ads.
Geolocation is the single most valuable piece of commercial data to come off mobile devices. Understanding the movement of phones is now a multibillion-dollar industry. But this kind of data also has remarkable surveillance potential – because what individuals do with their devices cannot truly be anonymized when examined in the context of other factors and data points. Leveraging GEOINT principles with advanced analytical tools, the Pentagon was able to refine its ability to identify and monitor targets and even found a way to keep tabs on the location of the leaders of US adversaries.
“After acquiring a data set on Russia, the team realized they could track phones in the Russian president Vladimir Putin’s entourage. The phones moved everywhere that Putin did.”
Byron Tau, Washington, D.C.-based reporter and author of the book Means of Control: How the Hidden Alliance of Tech and Government Is Creating a New American Surveillance State
Ideas for using AI in OSINT
While AI and large language models (LLMs) offer a lot of promise for OSINT investigators, they can also pose a significant risk to information integrity. Digital Investigations offers a detailed look at some new AI tools and techniques to help OSINT analysts accomplish their tasks, including geolocation, facial recognition, detection of AI-generated material, pattern recognition, transcription, and more. This review summarizes the benefits (and limitations!) of AI/ML tools that help with photo/video analysis, advanced searches, and object and pattern recognition in maps, images, or within large databases.
Using AI for document and data analysis is not new. Journalists and investigators have been relying on machine learning to examine datasets for several years now, but the latest advancements and availability of AI technology are making it significantly easier to gather relevant information and generate useful insights from vast amounts of data. AI is also making great strides in helping analysts translate and summarize material in foreign languages, allowing OSINT researchers to expand the scope and reach of their online investigations.
“This investigation can serve as an example of how AI can be leveraged for reporting: a @picterra tool was programmed to analyze @planet satellite imagery to search for bomb craters (1.6K were found). The team then manually reviewed each one to weed out false positives.”
Christiaan Triebert, the New York Times
FTC rules that web browsing data is a sensitive matter
The FTC, following recent enforcement actions against companies Avast, X-Mode, and InMarket, officially announced that web browsing data is indeed a highly sensitive matter. The news is said to be a breakthrough given the large number of companies that have been collecting customers’ geolocation and browsing data for years without obtaining any type of consent. But those practices may change, as the FTC detailed how personal information, even when stripped of details like Social Security numbers and names, still poses a serious threat to consumer privacy.
Tech companies will likely need to rethink how they use customer data going forward, what options are available to them to continue to sell data to advertisers, and when and how they will need to obtain consent from their users. It remains to be seen how the recent rulings and the FTC’s announcement will affect future data collection and advertising practices, but it appears that the FTC’s current decision has been met with enthusiasm by consumer privacy advocates.
“The chairman of the FTC just made the effort to tell the world that such online practices of collecting users’ sensitive data are not allowed for obvious reasons.”
Dr. Hura Anwar, Content Writer
Every other week, we collect OSINT news from around the world. We’re also gathering information on cyberthreats, federal intelligence strategies and much more. Follow us on X (Twitter) and share the OSINT news you’re keeping up with.