This page contains a Flash digital edition of a book.
Fresh buzzwords such as crowd-sourcing, crowd-funding and crowd-targeting aptly encapsulate the key attributes of the digital society, whose organising units are decentralised, its actions widely distributed, and its methodology engineered towards amassing open participation and maximising publicity.


The threats


An inevitable by-product of these changes is the recent appearance of novel and potent threats. A cursory selection of new threat- phenomena observed in the past few years would include: large scale protests, civil disobedience and political revolution organised on social media platforms (e.g. Occupy movement, London riots in 2011, the Arab Spring); defamatory online campaigns targeting major international companies and events (Counter Olympic groups); various cyber-disruptions organised by hacktivist collectives (Distributed Denial of Service attacks, website defacements); sensitive corporate data being leaked and published on public forums; mapping of social networks by criminals to facilitate identity-theft, financial fraud and other types of social engineering; and terrorists conducting open-source reconnaissance on their targets (the Mumbai attackers’ use of Google Earth imagery).


The opportunities


These threats have shown that the traditional calculus of action potential and radius – what actors can achieve, in what timeframe and where – has been overwritten and made out- dated by the ubiquitous access to open-source information and technologies.


Openness, however, is a universal enabler: it can also empower efforts to detect, monitor, warn against, contain and mitigate these forms of threats. This potential can even extend to such secrecy-dominated fields as counter-terrorist investigations: as reported recently, one of the primary leads assisting US authorities in capturing a perpetrator involved in the 11 September 2012 assault on the American consulate in Benghazi was collected from social media sources.


If OSINT is done right and done well, it can save resources, secure operations, support litigation and help to prevent cyber-crimes and disruptions.


That is a critical ‘IF’ though. Producing actionable OSINT information is an extremely


difficult challenge of a dual character: on the one hand, it involves finding a solution to crunch through and process an arbitrarily large amount of data; on the other hand, it hinges on the human-driven process of distilling this data into meaningful intelligence. Although both aspects are equally important, there is a distinct imbalance of interest in the tech/intelligence worlds these days: whilst the problem of ‘Big Data’ occupies much of our attention, little effort is spent on defining OSINT as a distinct profession and tradecraft. Our experience of working with a wide range of clients in both the government and private sectors indicates that truly effective OSINT can only be based on a synergetic relationship between technology and the human analyst. Optimising this connection necessitates the cultivation of a new breed of intelligence talent.


What are the key attributes of a successful OSINT practitioner?


Contrary to the common misconception that OSINT equals performing Google searches, ‘which anyone can do’, there is a very specific set of skills and attitudes required in order to produce real value in this field. An OSINT professional is a dedicated individual whose main expertise is in the identification, gathering and exploitation of publicly available information.


In a certain sense, his job is indicative of a rather new position on the generalist-specialist spectrum: whilst the OSINT analyst needs to have a broad understanding of international relations, political affairs, economics and social dynamics, his specialisation focuses less on traditional intelligence-related subjects or geographical areas, and more on the intimate and up-to-date knowledge of research techniques, methods, sources and technologies that can be utilised to process and extract meaning out of open data.


The OSINT Toolkit


OSINT-specific knowledge extends beyond simply being aware of ‘where to look’ and ‘how to look’, with its different areas encompassing: advanced online research skills, including the ability to construct rich and conceptual searches, locate and interrogate target-centric sources and databases; experience in source-validation, corroboration and meta-data exploitation; efficiency in capturing and organising data; solid understanding of internet-infrastructure and application of secure collection methods; data visualisation and trend analysis competencies.


Another vital element in the OSINT analyst’s toolkit is network analysis: the ability to map out, interpret and assess the different forms of networks (e.g. social, professional), allowing for the identification of key influencers and critical communication nodes. OSINT is becoming an increasingly complex intelligence discipline, even recreating what could be interpreted as the open-source versions of


traditionally clandestine intelligence methods, such as traffic analysis (internet domain statistics) or geo-spatial/imagery intelligence (Google Earth).


The human factor


Agility and innovation are key personality traits in the OSINT profession. The age of the template-type, cookie-cutter intelligence product is over: in the past two years such a clear pattern of ever-diversifying and ever- more specific intelligence needs put forward by our clients, renders any attempt to create static outputs to be unsatisfactory and untenable, even in the short-term. OSINT analysts need to actively anticipate and embrace change on all fronts: they need to keep a constant eye on emerging technologies, information-sharing trends and exploitable sources in order to stay ahead of the curve and keep creating relevant products.


Combining all the aforementioned elements in one individual is neither possible nor necessary. The most effective OSINT intelligencer is not an individual: it is a collaborative team –a group of analysts, who take on and use evolving technologies on-the-fly; who share research, best practices and new methodologies as part of their daily routine. Openness is a self-reinforcing paradigm in our global information environment – in order to counter the threats stemming from it, one has to fully immerse oneself in it, adopting its organising principles as well.


OSINT as a profession


The biggest lesson from the various projects we have worked on with our clients is that OSINT is a discipline carrying a tangible relevance across virtually all risk dimensions, be it private-public, security-reputational and physical-online. At the centre of converting public information into actionable insight, the outlines of a new intelligence profession are becoming increasingly visible: that of the technology-empowered OSINT analyst.


Although the boundaries and various functions associated with this profession are still in motion, there is a highly defined array of specialist knowledge and professional values lending it a distinct character. It is time we recognised these attributes and work towards consciously nurturing them.


Article from Olton


For more information Tel: 0330 002 0011 Email: info@olton.co.uk www.olton.co.uk


> 21


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40