When the world gets closer.

We help you see farther.

Sign up to our expressly international daily newsletter.

Enjoy unlimited access to quality journalism.

Limited time offer

Get your 30-day free trial!
Future

Open-Source Methods, The Cyber Weapon Anyone Can Use In Ukraine War

Since the beginning of the war in Ukraine, journalists and citizens have used open source online intelligence to help the war effort and fight disinformation. NGOs and amateur investigators are even using it to look for evidence of human rights abuses.

​A woman checks in her phone the list of belongings recovered in the debris of her flat destroyed in the combats in Borodianka, Ukraine

A woman checks in her phone the list of belongings recovered in the debris of her flat destroyed in the combats in Borodianka, Ukraine

Anna Lippert

“#OSINT”: These five mysterious letters and hashtag have flourished on social media since Russia’s offensive in Ukraine. Open Source Intelligence is older than this conflict which broke out last February, but it the idea became better known to the general public as videos, photos and other conflict-related content abound, especially on social networks.

Stay up-to-date with the latest on the Russia-Ukraine war, with our exclusive international coverage.

Sign up to our free daily newsletter.

What’s hidden behind this acronym is a set of methods allowing the exploitation of open sources on the Internet: videos or photos posted on social media, location data, satellite images or the positions of planes and ships shared by a number of websites.


Journalists, NGOs and even anonymous citizens have seized these techniques in the context of the conflict in Ukraine to fight against disinformation, to inform about military positions, or to look for evidence of war crimes.

Tools from Switzerland

The tools and data used for OSINT are “completely accessible, and it’s even quite simple to do,” Benjamin, the man behind the @COUPSURE Twitter account says. According to him, there is no need to be informatics-savvy. “I don’t even know how to code,” he admits. Benjamin works for an engineering firm in Switzerland and he became known for his open source investigation on Russia’s military deployment at the borders of Ukraine.

Using open source data may help to find the origin of a social media post, to geolocate, date or authenticate a photo or a video, or to spot the location of troops. It combines fact-checking and data analysis. For instance, the Bellingcat collective, created in 2014, lead investigations on the Syrian civil war or the crash of the Malaysia Airlines Flight MH17 thanks to open sources.

Investigating war crimes

A myriad of content posted on social media about the war in Ukraine, whether genuine or not, are tools for many cyber investigators. The OSINT community ensures it is able to geolocate, identify and recontextualize certain images or videos. In the course of the months preceding the invasion of Ukraine by Russia, OSINT made it possible to geolocate some troops’ moves. “We would often see Russians saying they were retreating from the Ukrainian borders, and within a few hours, the OSINT community managed to prove that it was not the case,” Benjamin says.

We look for nearby military targets which could have been a legitimate target.

Once these videos and photos are authenticated, they are also used by NGOs to search for evidence of war crimes and human rights abuses. For instance, Human Rights Watch (HRW) uses open source investigation in addition to its field investigation and testimonies collected on site. This technology becomes “essential” to investigate human rights violations, especially in places where NGOs cannot go, says Gabriela Ivens, the Head of Open Source Research in the Digital Investigations Lab at Human Rights Watch.

Telegram, a goldmine for investigators

In Ukraine, HRW mainly uses photos and videos of the conflicts provided by journalists and humanitarians on the ground, but also those found on social media. Telegram, which is a very popular messasing platform in Russia and Ukraine, accounts for much of the exploited content. “We also use satellite images, but during the first weeks of the conflicts the sky above Ukraine was too cloudy for us to exploit them,” Ivens says.

Once the data related to an alleged attack on civilians is gathered, HRW’s investigators seek to locate and date the images. Then “we look for nearby military targets which could have been a legitimate target, or evidence that the attack was disproportionate. We look for the type of weapons used, the chain of command, the affected buildings and the human toll,” the cyber investigator says.

Finding such information requires resorting to a wide range of tools and resources as a complement to images and testimonies. OSINT constantly widens the scope of possibilities. HRW identified the people involved in strikes against civilians in Idlib, Syria, by analyzing Facebook posts and military press conferences or by online tracking the locations of Russian and Syrian aircraft in this area. “All sources can be useful if we put them together,” Ivens says.

This meticulous work, during which investigators identify, authenticate and analyze online content, can last for months. It is archived and safely kept by the NGO. The evidence gathered might indeed be transmitted to an international judicial authority in the context of a procedure against human rights violations in Ukraine.

\u200bFootage showing bombed out field hospital In Mariupol's Azovstal steel plant

Footage showing bombed out field hospital In Mariupol's Azovstal steel plant

Cover Images/ZUMA

How reliable are open source investigators?

NGOs and journalists affiliated with a media outlet do not have a monopoly on open source investigation. The OSINT community is made up of “all sorts of people”, some of whom are completely anonymous, Benjamin says. Professionals and amateurs alike put their skills together to investigate. Cartography specialists, “people with a passion for radio who try to pick up Russian frequencies,” or aviation enthusiasts who track aircraft in the sky can be found indiscriminately among this bunch. Some have joined collectives like Bellingcat or the Center for Information Resilience, which also count journalists as their members.

Every conflict is also an information war

Open Source Intelligence and its cyber investigators with various profiles have stepped in on the analysis of the conflict in Ukraine, and especially on Twitter, where they often share their findings. But how reliable are they?

Just like for websites or online articles, you have to pay attention to who did the work. Many OSINT investigations were conducted by specialized journalists, some of whom work for fact-checking services. Others work for NGOs or recognized collectives of investigators such as Bellingcat.

Many anonymous Internet users like @COUPSURE have seen their work recognized. Over time, their findings were then empirically recognized as reliable, for example when they are cited or retweeted by journalists who recognize the seriousness of their approach. But you must remain vigilant in a context where every conflict is also an information war between stakeholders.


You've reached your limit of free articles.

To read the full story, start your free trial today.

Get unlimited access. Cancel anytime.

Exclusive coverage from the world's top sources, in English for the first time.

Insights from the widest range of perspectives, languages and countries.

War In Ukraine, Day 281: Top European Leader Pushes Xi Jinping To Use His Influence On Putin

Charles Michel and Xi-Jinping

Cameron Manley, Bertrand Hauger and Emma Albright

European Council Chief Charles Michel used much of his face-to-face meeting Thursday in Beijing with Xi Jinping to urge the Chinese President to use his sway over Russian President Vladimir Putin “to end the war and to respect the sovereignty of Ukraine.”

Stay up-to-date with the latest on the Russia-Ukraine war, with our exclusive international coverage.

Sign up to our free daily newsletter.

Michel’s visit was the first official trip to Beijing by a top EU leader since the pandemic. The three-hour sit down (considered quite long for Xi) also included discussion of human rights, Taiwan, trade relations and climate change.

Keep reading...Show less

You've reached your limit of free articles.

To read the full story, start your free trial today.

Get unlimited access. Cancel anytime.

Exclusive coverage from the world's top sources, in English for the first time.

Insights from the widest range of perspectives, languages and countries.

The latest