Detective-giri on the Net, a fine science

23 July, 2023 08:08 AM IST | Mumbai | Gautam S Mengle

Using information in the open domain for research is now a thriving and fascinating science with utility across sectors

Geolocation, a major part of OSINT, helps confirm the location of a picture or video using small details present in it. In one instance, fact checkers investigated a picture taken inside a compound and searched online for pictures of the concrete arch over the gate with the tree next to it, till they found a picture taken from outside the compound. Pic Courtesy/Kalim Ahmed


On June 18, a video, supposedly of an Indian Christian priest dancing with several women intimately, went viral on social media leading to immediate flaring of tempers and opinions. Two days later, fact checkers confirmed that the people in the video were a Brazilian actor who entertains crowds at events dressed as a priest, and his friend, a Portuguese model.

While the sheer number of provocative claims on social media is today the stuff of daily routine, the magic is in the way these are debunked - with careful and painstaking research. In the case of the dancing priest, what led to the truth was a reverse image search using a screenshot, and searches on YouTube and Instagram to identify the people in it.

While use of information available in the public domain to verify unsubstantiated facts is protocol, with the advent of the Internet, this has now evolved into a fascinating science known as Open Source Intelligence, or OSINT.

Kalim Ahmed and Brijesh Singh

The evolution of OSINT lies in several major events of global historical significance. According to an article published in The Intelligencer: Journal Of US Intelligence Studies in 2013, the first documented example of OSINT was in 1947. Following Japan's attack on Pearl Harbour, the US government placed the Foreign Broadcast Monitoring Service (a research initiative by Princeton University) under the purview of the Central Intelligence Agency. It was renamed the Foreign Broadcast Intelligence Service and tasked with scanning news media for information relevant to intelligence and espionage. The practice was soon adopted by several countries and peaked during the Cold War, with governments of several countries scrutinising thousands of news broadcasts globally every month.

"OSINT began to be formalised during the Cold War era, but it focused on openly available print and broadcast material," says Additional Director General of Police Brijesh Singh. "However, it was with the advent of the Internet and its widespread use that the potential of OSINT was truly realised. By the early 2000s, with the exponential growth of digital data, OSINT started gaining more recognition and evolved into the term and practice as we understand it today - leveraging the Internet and digital resources for intelligence gathering."

An independent cyber expert and the first head of the state's cyber department, Singh says that OSINT holds immense importance for law enforcement agencies in India.

"As growth of Internet usage spikes exponentially," says Singh, who is currently posted as principal secretary to the chief minister, "more information than ever is available publicly and can be leveraged for investigative and predictive policing. For criminal investigations, OSINT can aid in collecting information about suspects, their activities, connections, and even potential future actions. It can assist in tracking down cybercriminals, understanding their modus operandi, and even predicting potential targets."

SOCMINT or Social Media Intelligence, an offshoot of OSINT that focuses on collection and analysis of data from social media platforms, is already an important tool for law enforcement. Take Twitter, for example: The right keywords can narrow your search down to pictures posted only from one location during a specific period of time. Refine search parameters further and Twitter will show you responses to nothing but a particular account.

Geo-location is a favourite among OSINT practitioners, where one can confirm the place using minute details captured in one or a set of pictures. "Consider this scenario," says fact-checker Kalim Ahmed, "a violent crime is secretly filmed on the outskirts of a village in a war-torn country. You have a general idea of the district, but lack specific details such as the exact spot, time of the crime, or season. Geo-location proves invaluable in such investigations."

He breaks down the methodology.

"Accumulate diverse video clips from various sources, taken from different angles, devices, and quality; carefully document visual details, such as the mountains in the background, vegetation, ground markings, visible trees, or any distinctive structures. Analyse the subjects' shadows for approximation of time. Studying visible vegetation and considering climate conditions might help identify the season. Eventually, we use tools such as Google Earth to compare and match the collected visuals."

OSINT is now an accepted and recognised skill that even recruiters look for. A quick search for it on LinkedIn throws up 588 results, with job profiles ranging from cybersecurity analysis and fraud detection to vendor assessment and risk analysis for corporate firms. Numerous private institutes in India now have beginner and advanced online courses for the skill.

"OSINT was always part of our work intuitively," an independent auditor and consultant tells mid-day. "But today, we have tools that help us use the information found in open domain effectively. Through OSINT, we can get a sense of a particular entity, be it a person or a company, which approaches our clients and build an accurate picture of how risky it would be to associate with them."

For the determined reader, it can also be used to catch a cheating spouse.

1947
The first time OSINT was officially used in a focused manner for intelligence gathering purposes

OSINT in your toolbox

Google dorks: Advanced search operators that can be used to refine searches and find specific information.

Shodan: Often described as the 'search engine for everything else', Shodan can suss out specific types of computers, routers, servers, etc. connected to the Internet.

TweetDeck: Arranges multiple timelines in one easy interface, making it easy to follow hashtags, and track social media activities.

Hunchly: Captures full web pages as you browse, and can automatically collect and organise data for online investigations.

Echosec Systems Platform: Can access data from various social media platforms, blogs, news websites, and other sources to give insight on potential threats, or to gather evidence.

PhantomBuster: Can automate data extraction from social media platforms such as LinkedIn, Twitter, Facebook, Instagram, and others.