Open-source intelligence: how digital sleuths are making their mark on the Ukraine war

Open-source intelligence: how digital sleuths are making their mark on the Ukraine war

Shutterstock

For months now, a large and very active community of digital sleuths has been closely tracking the escalating crisis in Ukraine. These people have been using open-source intelligence to investigate and document the build-up to – and now execution of – Vladimir Putin’s war of choice.

But what exactly is open-source intelligence? And how is it helping efforts to understand what’s happening on the ground in Ukraine?


Read more:
Ukraine Recap: Putin’s plans explained – at home and abroad

Broadly speaking, open-source intelligence describes the knowledge or insight emerging from focused collection, monitoring and analysis of publicly accessible information, now mostly online, using specialised methods and tools.

At first sight, open-source intelligence seems to be a contradiction in terms. Intelligence is usually associated with secrets and spies, not the insights of online investigators, many of them amateur, who share their findings with anyone who is interested.

Open-source intelligence does have roots in the intelligence context – indeed, these days it holds more value than ever for national intelligence efforts – but it’s no longer tied exclusively to the intelligence community.

Over the past two decades, the term has become common parlance in domains such as academia, journalism and business. Across a range of sectors, information-driven organisations have realised that much of the analytical insight they need can be drawn from open sources that are, for the most part, easily accessible online.

The best example is probably Bellingcat, the collective of investigators and journalists who have had made headlines with a string of high-profile, open-source investigations.

More traditional media outlets have also been successful in integrating open-source intelligence techniques such as geolocation (combining various sources of information to identify a precise geographical location) into their investigative journalism. Examples include the France 24 Observers and the New York Times Visual Investigations team.

What does open-source intelligence involve?

The practice is best viewed as a spectrum of activities. At one end of the spectrum is what I term the “prospector approach”. Here, the analyst or investigator is like a gold prospector, carefully sifting through the informational mud of the internet in search of nuggets of gold – those fragments of information that will advance their understanding of a particular problem or puzzle. This is how many of those investigating aspects of the war in Ukraine are approaching their work.

See also  Moveit hack: attack on BBC and BA offers glimpse into the future of cybercrime

To be successful, an aspiring open-source analyst needs to have a questioning mindset and good attention to detail. They need to become fluent in the various tools and techniques that can help refine searches and cut through irrelevant information (the Bellingcat website has some useful resources). Language skills are a bonus, but much can be done with freely available translation tools.

If they lack subject matter expertise, investigators need to be able to situate themselves in the informational context of the investigation – quickly identifying major and reliable sources of relevant information – and be willing to seek answers from others.

Finally, they need to give due regard to their digital footprint and consider the traces they leave in their pursuit of answers.

These are the basics and anyone can pick them up. There’s no requirement for prior training or qualifications. Bellingcat founder Eliot Higgins is a good example of this. When he started his open-source work, Higgins had no experience as an investigator and no expertise in matters relating to conflict. He’s now regarded one of the world’s leading open-source investigators.

At the other end of the spectrum, the approach is far more technical and relies on sophisticated algorithms and machine learning to gather, filter, connect and manipulate data. This approach to open-source intelligence is less accessible as it requires the skills of computer scientists, statisticians and engineers, as well as analysts and subject matter experts. But it offers a means of gathering and interrogating vast amounts of data at lightning speed – a valuable proposition given the dizzying rate at which the online information environment is expanding.

See also  My thoughts are my password, because my brain reactions are unique

Open-source intelligence and the war

There are at lots of ways open-source intelligence can help us understand how the conflict in Ukraine is playing out. One is its contribution to situational awareness. In the lead-up to the invasion, for example, videos posted to TikTok gave an insight into troop movements and build-up on the borders of Ukraine.

Since the invasion, videos uploaded to Telegram, combined with publicly accessible satellite imagery, have been shedding light on particular attacks and the progress of Russian forces. The monitoring of vehicle license plates grabbed from social media is providing information about the types of military vehicles deployed by the Russians, and their movements. Investigators even managed to intercept and publish unencrypted radio transmission between Russian forces.

Open-source intelligence can also be used to support prosecutions of human rights violations and war crimes. For example, Bellingcat has been seeking to track the use of cluster munitions in the conflict. These weapons, prohibited by many states, stand out because of the pain and suffering they cause. The Bellingcat team have been gathering, verifying and geolocating videos shot on the ground in Ukraine and uploaded to social media.

Another area of open-source intelligence activity involves countering disinformation. Social media has been flooded with false information – claims of hoaxes, the use of crisis actors and a broader narrative of Ukrainian provocations are all part of efforts to sow confusion and distort public perceptions of the conflict. Open-source intelligence researchers have played an important role in debunking false claims and exposing disinformation.


Read more:
Big data brings new power to open-source intelligence

Of course, there are plenty of challenges to navigate. All information must be carefully assessed and verified. What is the source? Is the information accurate? Are there any potential risks of using the data? For example, could using photos posted on an individual’s social media account in published analysis pose a risk to that person if they’re identified as the source of the photos?

See also  K-12 schools need to take cyberattacks more seriously

On a broader level, it’s important to remember that open-source information can be accessed by all sides in any conflict. The desire to protect citizens in this context explains why Google disabled Maps features in Ukraine showing live traffic data and how busy places like shops and restaurants are.

These are just some of the challenges and they shouldn’t be lightly dismissed. On balance, however, the value of open-source intelligence far outweighs any drawbacks. This has been clearly demonstrated during the war in Ukraine so far.

The Conversation

Matthew Moran does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.