Since the beginning of the war in Ukraine, journalists and citizens have used open source online intelligence to help the war effort and fight disinformation. NGOs and amateur investigators are even using it to look for evidence of human rights abuses.
“#OSINT”: These five mysterious letters and hashtag have flourished on social media since Russia’s offensive in Ukraine. Open Source Intelligence is older than this conflict which broke out last February, but it the idea became better known to the general public as videos, photos and other conflict-related content abound, especially on social networks.
What’s hidden behind this acronym is a set of methods allowing the exploitation of open sources on the Internet: videos or photos posted on social media, location data, satellite images or the positions of planes and ships shared by a number of websites.
Journalists, NGOs and even anonymous citizens have seized these techniques in the context of the conflict in Ukraine to fight against disinformation, to inform about military positions, or to look for evidence of war crimes.
Tools from Switzerland
The tools and data used for OSINT are “completely accessible, and it’s even quite simple to do,” Benjamin, the man behind the @COUPSURE Twitter account says. According to him, there is no need to be informatics-savvy. “I don’t even know how to code,” he admits. Benjamin works for an engineering firm in Switzerland and he became known for his open source investigation on Russia’s military deployment at the borders of Ukraine.
Using open source data may help to find the origin of a social media post, to geolocate, date or authenticate a photo or a video, or to spot the location of troops. It combines fact-checking and data analysis. For instance, the Bellingcat collective, created in 2014, lead investigations on the Syrian civil war or the crash of the Malaysia Airlines Flight MH17 thanks to open sources.
Investigating war crimes
A myriad of content posted on social media about the war in Ukraine, whether genuine or not, are tools for many cyber investigators. The OSINT community ensures it is able to geolocate, identify and recontextualize certain images or videos. In the course of the months preceding the invasion of Ukraine by Russia, OSINT made it possible to geolocate some troops’ moves. “We would often see Russians saying they were retreating from the Ukrainian borders, and within a few hours, the OSINT community managed to prove that it was not the case,” Benjamin says.
We look for nearby military targets which could have been a legitimate target.
Once these videos and photos are authenticated, they are also used by NGOs to search for evidence of war crimes and human rights abuses. For instance, Human Rights Watch (HRW) uses open source investigation in addition to its field investigation and testimonies collected on site. This technology becomes “essential” to investigate human rights violations, especially in places where NGOs cannot go, says Gabriela Ivens, the Head of Open Source Research in the Digital Investigations Lab at Human Rights Watch.
Telegram, a goldmine for investigators
In Ukraine, HRW mainly uses photos and videos of the conflicts provided by journalists and humanitarians on the ground, but also those found on social media. Telegram, which is a very popular messasing platform in Russia and Ukraine, accounts for much of the exploited content. “We also use satellite images, but during the first weeks of the conflicts the sky above Ukraine was too cloudy for us to exploit them,” Ivens says.
Once the data related to an alleged attack on civilians is gathered, HRW’s investigators seek to locate and date the images. Then “we look for nearby military targets which could have been a legitimate target, or evidence that the attack was disproportionate. We look for the type of weapons used, the chain of command, the affected buildings and the human toll,” the cyber investigator says.
Finding such information requires resorting to a wide range of tools and resources as a complement to images and testimonies. OSINT constantly widens the scope of possibilities. HRW identified the people involved in strikes against civilians in Idlib, Syria, by analyzing Facebook posts and military press conferences or by online tracking the locations of Russian and Syrian aircraft in this area. “All sources can be useful if we put them together,” Ivens says.
This meticulous work, during which investigators identify, authenticate and analyze online content, can last for months. It is archived and safely kept by the NGO. The evidence gathered might indeed be transmitted to an international judicial authority in the context of a procedure against human rights violations in Ukraine.
Footage showing bombed out field hospital In Mariupol's Azovstal steel plant
How reliable are open source investigators?
NGOs and journalists affiliated with a media outlet do not have a monopoly on open source investigation. The OSINT community is made up of “all sorts of people”, some of whom are completely anonymous, Benjamin says. Professionals and amateurs alike put their skills together to investigate. Cartography specialists, “people with a passion for radio who try to pick up Russian frequencies,” or aviation enthusiasts who track aircraft in the sky can be found indiscriminately among this bunch. Some have joined collectives like Bellingcat or the Center for Information Resilience, which also count journalists as their members.
Every conflict is also an information war
Open Source Intelligence and its cyber investigators with various profiles have stepped in on the analysis of the conflict in Ukraine, and especially on Twitter, where they often share their findings. But how reliable are they?
Just like for websites or online articles, you have to pay attention to who did the work. Many OSINT investigations were conducted by specialized journalists, some of whom work for fact-checking services. Others work for NGOs or recognized collectives of investigators such as Bellingcat.
Many anonymous Internet users like @COUPSURE have seen their work recognized. Over time, their findings were then empirically recognized as reliable, for example when they are cited or retweeted by journalists who recognize the seriousness of their approach. But you must remain vigilant in a context where every conflict is also an information war between stakeholders.
- Ukraine War Geopolitics: The Growing Risk Of Nonalignment ... ›
- “To Kill The Bear” — Why Total Victory Over Russia Is Frightening ... ›
- Instagram Nyet! Russian Influencers Lose Mojo On Homegrown ... ›
- Evacuating Mariupol, Lavrov’s “Jewish Hitler”, Bored Ape Metaverse - Worldcrunch ›
- How Elon Musk's Satellite System Changed The War In Ukraine - Worldcrunch ›