
OSINT OPSEC is critical for any type of investigator to protect their mission, organization and themselves from cyber adversaries.

 

Accessing and leveraging publicly available (open source) information online is critical to a wide range of investigators, from government intelligence agencies to academic researchers and journalists. Regardless of their mission, they face risks and threats when conducting open source research. If you are looking for someone or something that doesn’t want to be found, your technology or behavior could compromise your investigation.

To protect yourself, your organization and your investigation, open source investigators must practice good operational security.

OSINT OPSEC Standards Earning Attention Outside of Government Space

Government investigators and intelligence analysts conduct open source research with well-defined mission requirements and legal authorities as well as technical means to maintain operational security. These guardrails ensure the information collected can be used effectively and protect both the researcher and their organization. On the other hand, the ad-hoc nature of open source research outside of the government context can leave organizations or individual investigators at risk. Understanding the need for operational security is one step; the next is implementing a security plan and utilizing the proper tools.

As the amount of publicly available information grows and its utility increases, organizations of all types are recognizing the need to formalize their open-source collection strategy in a similar manner. Adhering to formal principles improves the odds of a successful open-source investigation, from ensuring evidence is properly collected to providing guidance on security and tradecraft.

New Human Rights OSINT Investigations Guide Has Value for Other Practices

A new guide on open source investigations for human rights violations is an excellent example of the value formal standards and methodologies can have for investigators. “The Berkeley Protocol on Digital Open Source Investigations” was developed for international criminal and human rights investigations by the Human Rights Center at the UC Berkeley School of Law and the Office of the United Nations High Commissioner on Human Rights. The Berkeley Protocol is “A Practical Guide on the Effective Use of Digital Open Source Information in Investigating Violations of International Criminal, Human Rights and Humanitarian Law.”

While the guide is geared towards international criminal investigators, its applications go beyond this unique user group. Organizations such as NGOs, academic institutions and journalists can utilize the Berkeley Protocol to inform their open source collection policies.

OSINT OPSEC Considerations

One of the most important and widely applicable sections of the extensive guide focuses on security. Security is an aspect of open source investigations that can be overlooked, especially when the investigator lacks a formal framework to reference. The Berkeley Protocol provides practical guidance on how investigators can protect themselves and their organizations when online. At a high level, these same principles apply to any open source investigation effort.

Here is a selection of the Berkeley Protocol’s security considerations:

  • Managing attribution: The investigator should avoid revealing identifiable elements about themselves, their organization, their sources and their intent. Investigators should also be cognizant of the distinction between anonymity/non-attribution and misrepresenting themselves online to gather information.
  • Expect observation: Open source investigators should assume they’re being monitored and conduct activities in a manner consistent with their online persona to avoid revealing identifying elements.
  • Secure environments: Investigators should utilize technical systems or environments that limit exposure to cyberthreats when conducting online activities.
  • Separate personal/professional activities: Investigators should use distinct hardware/software to avoid cross-contamination of personal information and the anonymous investigative persona.
  • Browser security: The browser is one of the most common tools for online investigations but is often overlooked as a vulnerability. Tracking methods such as cookies, beacons and analytics can, unbeknownst to the investigator, reveal identifying elements or location data. Browsers are also vulnerable to cyberthreats such as malware.

The more than 100-page guide is an excellent resource for experienced open source investigators and organizations with a nascent open-source research team looking to craft their own framework.

Learn more: What is Managed Attribution, and How Does It Improve Online Investigation?

Building OSINT OPSEC in Your Organization

Regardless of your mission set, from uncovering evidence of crimes against humanity to conducting analysis of competitive businesses, open-source research must be a thoughtful exercise. Investigators need to have a plan, the proper tools and an understanding of their digital operating environment to blend in and stay safe. Conducting a risk assessment as well as anticipating adversarial threats and observers are all a part of the operational security posture. Good operational security is both the tools you use and how you use them. Investing in these resources upfront will buy down risk and support the continued success of your investigative efforts.

Learn more: What VPNs and Incognito Mode Still Give Away in Your Online Identity

For organizations looking to use a purpose-built solution, Authentic8’s Silo for Research is an analyst research platform that empowers your teams to investigate all corners of the web securely and anonymously. The platform provides an integrated suite of workflow productivity tools and enhanced OSINT tradecraft functionality, ensuring 100-percent isolation from toxic content. With Silo for Research, your organization eliminates the expense and risk of cobbled-together collection tools and local browsers that will betray you.

To learn more about Silo for Research, request a demo.

About the Author

Abel Vandegrift
Washington, D.C.

As Director of Government Strategy at Authentic8, Abel advises the federal business team on policy development and budget trends to identify growth opportunities and shape customer engagement.
