March 17, 2022
How Government Agencies Utilize OSINT
Steve Adams
Product Marketing Manager
Intelligence-led government operations utilize reliable, relevant, timely, and actionable intelligence from the internet. OSINT enables government agencies to collect and analyze information from the internet relating to their criminal investigations, infrastructure and action planning, and tackling misinformation.
OSINT enables government agencies to piece together information from a wide range of sources, building a detailed picture of organized crime, pandemics, cyberattacks, and the spread of misinformation.
Counter-Terrorism
The internet enables terror groups of all sizes, both domestic and international, to engage, raise funds, and plot attacks. Extremists communicate and collaborate in online spaces, working together further their goals. Terror and extremism threats can come from international groups, like ISIS and Al-Qaeda, or domestic movements like the Irish Republican Army.
Terror groups use internet sites, including forums and social media, to recruit and disseminate propaganda. Mainstream social media sites prohibit the sharing of propaganda videos and training guides, however, terror groups utilize these sites to bring an audience to less regulated social media sites. Right-wing social media platforms like Gab, Gettr, and Truth Social, permit more explicit communications and content, providing a platform for extremist groups to communicate and spread hate.
During the 2021 Capitol Hill insurrection, the internet was utilized by some of the individuals involved for planning and mobilization. Similarly, many of the insurrectionists were later identified by members of the public and investigators through the images and videos they shared online.
Identifying and disrupting the internet-based activity of terror groups is vital to national security for every nation, any of whom could be a target for terror-related activity. OSINT plays a vital role in identifying and understanding the actions of extremist groups. Analysts working on behalf of government agencies investigate the activity of terror group members and extremists to better understand the activities these groups engage in and the risk they present. This activity enables government agencies to predict and plan for terror attacks and pursue and prosecute threat individuals located within the country.
Cyber Security
Hackers breach and steal the personal data of a nation’s citizens from both government and private sector sources. Cyber attackers also target infrastructure, like power stations and emergency services, with the intent to disrupt life and cause significant damage to a nation. Cyber-attacks can come from lone-wolf hackers or hackers backed by organized crime groups and foreign nation-state governments.
Hackers present a persistent financial and political threat to a government and its nation from data breaches, cyber espionage, DDoS network attacks and take-downs, botnet network infection, phishing, and ransomware attacks. Cyber-attacks can be financially lucrative for hackers or can enable nation-states to influence or disadvantage citizens of foreign nations.
Government agencies use automated OSINT tools, alongside other cybersecurity tools, to detect and prevent cyberattacks. Analysts utilize these tools to monitor surface web and dark web paste sites, discussion forums, and digital marketplaces to uncover any discussion of breached data and planned cyberattacks.
Organized Crime
Government agencies, like the UK’s National Crime Agency and the U.S.’s FBI, investigate large-scale organized crime that is beyond the scope of the police, such as national and international scale criminality.
Government agencies are involved in investigations into the international trafficking of humans and arms, large-scale fraud and money laundering, and illicit and suspicious financial activities concerning blockchain and cryptocurrency.
Government analysts identify and monitor large-scale organized crime, which they target for disruption and prevention activity. Government analysts and investigators also investigate organized crime group members and international criminals, sometimes working collaboratively with other nation’s government agencies to secure prosecutions.
Disinformation and Misinformation
Disinformation is false information engineered to intentionally deceive, whilst misinformation is false information that is distributed without malicious intent. Misinformation and disinformation can be utilized by organizations and foreign nation-states to sway public opinion in any direction. Misinformation and disinformation have been used to influence public opinion on matters like the activities and views of political parties during elections, withdrawal from political and economic unions, and crisis response to pandemics and war.
The citizens of a nation can be easily targeted through online propaganda and influence campaigns through social media platforms and news sites, which can compromise a nation’s democratic processes and result in security risks, like riots.
Misinformation and disinformation can include; the impersonation of public officials’ social media accounts, spreading false or misleading information about a government, and manipulating or constructing media that does not represent reality.
Government agencies track the flow of publicly-available information on social media, forums, and news sites, to identify and track false information. False information campaigns present serious national security concerns and when left unchecked, misinformation and disinformation can influence public opinion to an extreme extent, resulting in violent threats like domestic terror attacks and riots. Government analysts utilize OSINT techniques and platforms to identify and mitigate misinformation and disinformation as much as possible.
Natural Disasters and Global Health Crises
Government agencies can utilize publicly available data to prepare for and tackle global and local disasters and public health crises. Governments agencies are required to make informed decisions in a timely manner when a crisis occurs.
Global health crises, like the Covid-19 virus, require the large-scale analysis of global health data to monitor the global impact of a virus. Government intelligence teams assess the impact of epidemics in the country of origin and track the spread of a virus around the world. This analysis informs government decision-making with regards to the severity of the virus, what resources are required, how other nations’ governments have responded to the crisis, and how they have disseminated information to medical personnel and the public.
In the immediate aftermath of a natural disaster, social media is commonly one of the earliest sources of information. Social media users often share public posts on platforms like Twitter and Instagram that detail or capture images taken at the scene of an incident. Monitoring these platforms with OSINT tools enables government agencies to quickly detect and respond to major incidents.
Government intelligence teams utilize OSINT tools that efficiently collect, collate, and analyze intelligence in bulk in relation to an urgent or ongoing crisis, providing insights into hotspot locations, public opinion, and foreign nation’s government data.
Transport and Infrastructure Planning and Security
Using OSINT tools, government agencies can better understand their citizen’s views on policy and life in their nation. Critical infrastructure like airports, railways, motorways, and walkways are vital to the success of a country and the movement of its people. The development of infrastructure using public data ensures that it meets the needs of citizens and when built, is protected appropriately to minimize potential impact.
Public data from the internet, social media, the dark web, and mobile applications, can be utilized by government agencies to generate intelligence for informed transport and infrastructure planning and security.
Utilizing application location data, like user data from fitness tracking apps, government analysts can aggregate and contextualize the movement of people within towns and cities. Knowledge of the flow of movement of people enables urban planners to understand the need for new infrastructure and where investments would be most beneficial. Location data for fitness apps, like Strava, and traffic apps, like Waze, can identify which routes people use, where traffic occurs, and the location of high-risk corridors for accidents, all of which inform the development of safe and efficient infrastructure. Location data also supports data-driven justification for investments in the development of new infrastructure.
Security intelligence analysts can utilize intelligence tools to monitor social media and review geotagged posts. Social media analysis can assist in the identification of location-based threats and incidents near transportation hubs, identify the discussion of tactics used to bypass security systems, and identify threats directly targeted at the government agencies.
Skopenow works with government departments and agencies by automating their digital investigations into extremists, organized crime groups, and fraudsters. Skopenow instantly and anonymously collects, analyzes, and archives social media accounts and posts, discovers alias’, and identifies flag behaviors and hidden links between multiple parties. Skopenow also produces automated court-ready reports, collating images, text, videos, and metadata. For more information, please e-mail us at sales@skopenow.com.