OSINT – a new journalism

These last weeks, we talked a lot about the impact of the digital world on our consumption of information. However, we barely spoked about the way it changes the gathering of information and gave birth to a new type of journalism : OSINT for Open Source INTelligence.

After all this time ? -Always.

In 2007 the last tome of Harry Potter was published. For the first time, a person reads those famous words, far from suspecting that they apply to another emerging word : Internet. Indeed, we post, we blog, we read, we buy, we review… So many traces are forever written in stone in an obscure datacenter, located who knows where, never to be forgotten. When the subject of privacy is evoked, we often hear “I have nothing to hide”. But what exactly are we letting on the internet and how can it be used? In this article I will tell you the story of a few journalists who realised that you don’t need to look for the information on the ground when it is already online.

I really enjoy reading the papers, and when you do, you often fail to realise that there is always a journalist behind the story. It is like a story behind the story, a real story on its own. This story has been told many times and I can’t help but to recommend some of them (Movies : Spotlight, All the president’s men, She said). But for me, the story starts in 2020 when Poutine’s opposant, Navalny, is poisoned. We all suspect it : Poutine is responsible. However, we wonder how Navalny got poisoned. After all, we’re talking about an opposant for a long time, protected, cautious. Russian diplomacy deny, Navanly accuses without proof, the Organisation for the Prohibition of Chemical Weapons confirms the presence of novichok and then thunderclap! On the 14th of december, only four months after the poisoning, the investigation group “Bellingcat” published an investigation report with CNN, Der Spiegel and The Insider, proving that Navalny was followed since 2017 by FSB agents. Even better, they got a confession by an FSB agent of how they poisoned Navalny. Of course this is already quite impressive. But then I checked Bellingcat’s work : they do it all behind a desk in the UK.

From stalker to journalists : Knowing where to look.

“How is this possible?” you might ask. They use OSINT for Open Source INTelligence. OSINT is a method of investigation that only uses what is already public and available on the internet. They use a system of tools and knowledge to assemble, compile and link different intelligences from open source data, leaks and sometimes tricks to produce actual information and see what couldn’t be seen with scattered information. For instance, Bellingcat found a training camp of Daesh using only Google Earth.
In more concrete terms, OSINT journalists use two types of intelligence : easy to access and uneasy to access. Here are some not exhaustive examples :

Easy to access :

Research browsers :

Do you know the “we use only 10% of our brain” myth ? It is a myth. However, we certainly don’t use 100% of our browsers. First, most people don’t use research commands. Indeed, by using certain commands, you can choose on which website you want to search, for what kind of document, containing what exact words… Now picture using every command : you can now search precisely for what you are looking for.
That’s on Google. But other browsers have their advantages. For instance, Yandex allow facial recognition on images search allowing you to find anybody that uploaded their face on the internet using a couples of pictures.

Social medias :

Using bots, trackers or public data from companies, OSINT journalists can retrace events, shift in the public opinion or follow information. Using this kind of tools, journalists exposed russian’s troll farms or fake news creators by retracing information to its source.
Analyzing profiles and activity, OSINT journalists can impersonate people to get information or find their identity. A simple google review can point to your location. Tweeting about a movie the night of the premiere reveals where you were at a certain time, posting a story of the sunset from your window gives your address.

Snooping around :

Sometimes, you just have to look closer or wider : OSINT journalists are trained to link information, people, companies. When they search, they analyze relations between entities and sometimes find that the best hidden place is in front of everybody.

Uneasy to access :

Going to obscure places :

Starting with the obvious : the dark web is a pretty good place to find what people don’t want you to. However it’s not the only obscure place on the internet and OSINT journalists love to keep track of shady forums but also online chats including some popular ones where you can find things you wouldn’t imagine.

Using tools :

Of course, always researching and rummaging around can be tiresome. That is why the OSINT community has developed tools to automate simple tasks. You can find some of those tools here : https://osintframework.com/ (they are optimized for the US). With this you can link usernames to emails, access leak data, find records and more…

Buying information :

Sometimes OSINT journalists have to buy information from hackers but usually from data brokers. As you sure know, a lot of websites and online service providers are into the commerce of data. Whether it’s for ads or recommendations, data is a very lucrative market. On this market you can buy large scale or personal data but also sometimes sensitive data. For instance, in the Navalny investigation, Bellingcat bought phone records and lists of flight passengers with passport numbers.

And they find what they are looking for :

These methods are used to find 4 types of data : personal (social profiles, onlines activities…), organizational (business, structures, relationship…), geospatial (map data, movements…) and cyber (vulnerabilities, threats, cyber activities…). These datas can then be used and linked to produce information : this is OSINT. However, OSINT is not always the safest journalism…