OSINT and Intelligence

On the significance of OSINT for the overall

intelligence effort

c reuser’s information services, leiden, the netherlands. [email protected]. +31 6 3812 7715.
ahp reuser.

Contents
1 Intelligence 1
2 The information landscape 2
3 On the significance of OSINT for intelligence 2
3.1 OSINT is huge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
3.2 OSINT is safe . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
3.3 OSINT is reliable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
3.4 OSINT is easy to share . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
3.5 OSINT is cheap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
3.6 OSINT is everywhere . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
3.7 OSINT is fast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
3.8 OSINT is real-time, 24 hours, 7 days a week . . . . . . . . . . . . . . . . . . . . . . . 5
3.9 OSINT is mobile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
4 Disadvantages of OSINT 5
4.1 There is too much information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
4.2 Searching is difficult . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
4.3 OSINT is just the beginning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
4.4 OSINT is not...appealing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
5 How to use OSINT 7
6 OSINT and Intelligence 8

1 Intelligence

In today’s information world and under influence of the information revolution and the rapid changes
of the information landscape, the art of intelligence plays an increasingly important role in decision
making. A couple of developments are the reasons for this.

First however, a word on intelligence. In the logical chain

data ⇒ inf ormation ⇒ intelligence ⇒ decision ⇒ change (1)

Data is the unstructured start of ...everything. Data is collected by specialised entities such as open
source bureau, signals bureau, human sources and the like, and interpreted to produce information

1
OSINT 3 ON THE SIGNIFICANCE OF OSINT FOR INTELLIGENCE

reports that describe as objectively as possible the current state. Information reports are analysed by
specialists to add meaning, predictions, comparisons, warnings, outlooks etc to produce accurate and
timely intelligence products. Hopefully the intelligence products will lead to some decision or at least
influences a decision, which will probably lead to some change or action.

Two points are essential. Firstly, one does not ’gather’ intelligence nor ’collect’ intelligence. Intelligence
is a product. A product of a process called ’analysis’. Secondly, all intelligence should at the minimum
influence a decision and lead to change. If nothing happens, then the product is either a failure or
worse. At least, it is then not intelligence. Thirdly, all analysis is based on good, reliable, validated
information that is representative of what is available out there.

2 The information landscape

To find out how to get the best possible information, good insight in the information landscape is
essential. One needs to know where information is, how to acquire it, how to process it to create
information that is fit for analysis.

Traditionally, intelligence services make use of certain channels to acquire information with varying
degrees of reliability, usefulness and volume. In all cases, the information value needs to be established
before information can be used for analysis. The information value is made up of several variables.
The most important ones are completeness, timeliness, sources, references, authornames and lastly: is
the information from primary, secondary or even tertiary sources. Obviously, we like information to
come from primary sources without interference of third parties.

3 On the significance of OSINT for intelligence

3.1 OSINT is huge

On the scale of volume, we see that by far most information is coming from open sources one way or
the other. Some estimate the percentage to be around 80% 1 , some even estimate that amount to be
96% or more 2 .

The sheer volume of information available via open sources is by itself a reason never to start any
1
”Using this public source openly and without resorting to illegal means, it is possible to gather at least 80%
of information about the enemy” (Al Queda manual of jihad)
2
”80% of what I needed to know as CINCENT I got from open sources rather than classified reporting. And
within the remaining 20%, if I knew what to look for, I found another 16%. At the end of it all, classified
intelligence provided me, at best, with 4% of my command knowledge” (Tony Zinni, CINCENT, US Central
Command

c 2010-2013 reuser’s information services

-2- v3, 9may2013
OSINT 3 ON THE SIGNIFICANCE OF OSINT FOR INTELLIGENCE

intelligence analysis without extensive research in open sources. Why send a spy where a schoolboy
can go? 3 By acquiring as much as possible and feasible via open sources, analysts can save time and
effort for the real work: analysis.

3.2 OSINT is safe

Acquiring data and information to produce open source information is relatively safe. At least, much
safer than other data acquiring disciplines. To acquire HUMINT data, one needs people out there
on the street, which obviously involves a personal risk. To acquire SIGINT one needs radio parks, or
very large discs, both of which attract a lot of attention. OSINT on the other hand can be bought via
normal channels available to anybody, it can be retrieved from commercial databases or even for free
via the Internet. No personal risk there whatsoever.

Information from open sources makes the work of other disciplines safer. HUMINT typically prepares
for operations by getting the most from open sources first. Cyber operations are prepared by first
getting as much as possible from open sources to get a profile of the target.

3.3 OSINT is reliable

Since open source information has author names, sources, references and maybe even names of pub-
lishers and reviewers, the information can easily be checked for reliability and validity. Opinions and
reviews by others about the information can be checked, citation indexes may be used to do the same.
Any errors in open source information are typically very quickly corrected by international editors 4 .
Author names can be checked. The sources can be checked. The references can be checked. All is
there to effectively validate the data. There are tens of thousands ’editors’ worldwide that will correct
mistakes in open source information quickly.

Secondly, when addressing the nature of open source information, it is quite often clear what the pur-
pose was for publishing. If it was for commercial reasons, the information must be reliable, otherwise,
nobody will buy it. If it was government information to inform the public, it must be reliable too.

Consider now the typical intelligence products acquired from third parties. No author names, no
references, no sources, no apparent reason for publishing. Also many regional expert analysts with a
desk function hardly ever see the region they are supposed to be experts in, if ever. Local intelligence
officers in a mission area typically are not allowed to leave the compound for security reasons, yet they
3
Quoted from Robert David Steele vivas, former US Marine, founder US Marine Corps OSINT branch,
author of many books on intelligence and OSINT
4
A comparison in the number of errors between Encyclopedia Britannica and Wikipedia found that on
average, Britannica had 3 errors where Wikipedia had 4 errors per article.

c 2010-2013 reuser’s information services

-3- v3, 9may2013
OSINT 3 ON THE SIGNIFICANCE OF OSINT FOR INTELLIGENCE

write as if they are experts, while never experiencing anything else than the compound. This type of
information is by nature less useful and less fit for validation.

3.4 OSINT is easy to share

The main purpose of producing intelligence products is to share. Producing intelligence does not
make much sense if it cannot be shared. OSINT by nature can be easily shared, there are no security
restrictions and procedures that need to be negotiated first. The only restrictions that may apply are
copyright or licences. It makes it possible to very quickly get information on the correct place in the
correct time frame so clients can start working quickly.

3.5 OSINT is cheap

The methodology, tools, databases and techniques used by typical OSINT shops are cheap. There
is no requirement for expensive equipment or such - just subscriptions to commercial online vendors,
some print information and free Internet sources are required. For an OSINT shop with 10 employees,
a budget of 750,000.- is enough.

3.6 OSINT is everywhere

Contrary to HUMINT (which needs months of preparation before anything can be acomplished when
applied in new territories), SIGINT (which needs many months of preparation before an atenna park
or disc park can be set up in the region), both of which in addition need legal permission and all kinds
of paperwork, OSINT is truly international and covers the world, every city, every town, every region
and every country.

With OSINT as a starting point to get everybody going, time can be bought to bring in the disciplines
that can retrieve the pearls (HUMINT, SIGINT etc.).

3.7 OSINT is fast

Since OSINT is unclassified and can be shared easily, and since OSINT is produced by the masses,
open source information is very quickly available after an incident occurs. The police force in Boston
USA made heavy use of open source media to cooperate with the general public in searching for the
suspect. The raid on Osama Bin Laden was recorded and broadcast live by an eye witness. In many
cases, open sources are the first media to report an incident.

c 2010-2013 reuser’s information services

-4- v3, 9may2013
OSINT 4 DISADVANTAGES OF OSINT

The information revolution made it possible to reach out globally within the blink of an eye. Events
happening now anywhere in the world can be monitored and retrieved by open sources within seconds.
The likelihood that somebody will be witnessing with a smart phone to film everything and upload
on YouTube is high. The chance of someone there writing a short blog about the event and uploading
that on the Internet and announcing that fact via Twitter are even greater.

3.8 OSINT is real-time, 24 hours, 7 days a week

Since OSINT is everywhere, and produced by the masses worldwide using mobile devices, and can be
shared easily, information from open sources can be gathered on a 24 hour basis 7 days a week, and,
information from open sources will due to its global nature, give a representative impression of the
world events round the clock.

Imagery intelligence typically consist of satellite imagery and imagery obtained from unmanned aerial
vehicles. These two will typically provide a very detailed picture. However, combined with OSINT
which can provide the broader view and an umbrella viewpoint, the three are a true force multiplier.
The sum of the parts is much greater than the individual parts. OSINT is ideal in conjunction with
IMINT.

3.9 OSINT is mobile

Information from open sources is unclassified and can therefore be easily used and processed on mobile
devices enabling the users to work round the clock if needed, anyplace, anywhere. Where users of the
other intelligence gathering means are typically bound to certain technical solutions, OSINT analysts
can work anywhere anytime.

4 Disadvantages of OSINT

4.1 There is too much information

The information problem is truly a problem. The amount of information available (or the amount
of raw data) increases rapidly. Estimates are that the total amount of data grew 375 time in the
last 10 years. The number of Tweets during the football world championship final was around 15.000
(fifteen thousand) tweets per second. At the moment, the massive amount of data makes it impossible
to retrieve all relevant information. Even worse, there is not enough storage equipment to store
everything so that historical data will quickly disappear and be gone forever.

c 2010-2013 reuser’s information services

-5- v3, 9may2013
OSINT 4 DISADVANTAGES OF OSINT

4.2 Searching is difficult

And much more difficult than many think. Most people think they know how to search, but most
make a mess of it. Research 5 show that on average people have no idea how to set up proper research
using tools from the internet, libaries, databases and commercial information providers. Many fail to
understand the world of sources, incorrectly analyse requirements, wrongly apply Boolean logic, or
use the wrong service for the wrong questions. All students in a test group of 100 used the Internet
to find a list of universities and their professors in a south american country which took them hours.
An information professional simply uses a handbook ”the world of learning” where exactly the same
information can be found on page 75. Searchtime: 3 minutes. Looking for todays’ weather status,
about two third of the students went online to look at a weather forecast website instead of looking
out of the window.

4.3 OSINT is just the beginning

Open source information is only part of the entire picture. It will retrieve most, but by no means all
of the required information. Other intelligence disciplines are necessary to augment the information
found in open sources. OSINT is a good start, but in most cases one should continue the research in
the other intelligence disciplines to retrieve the gold nuggets to complement the picture.

Joseph Nye explained the concept very well with the analogy of a jigsaw puzzle. ”...the outer pieces
of the jigsaw puzzle, without which one can neither begin nor complete the puzzle...open source
intelligence is the critical foundation for the all-source intelligence product, but it cannot ever replace
the totality of the all-source effort”6

4.4 OSINT is not...appealing

As much as we think that open sources are important for intelligence, for the general public and
the sponsors, it does not look very much like... intelligence. Intercepting radio signals, deciphering
encrypted satellite communication, gigantic radio disc parks, spies travelling over the world, eaves
dropping equipment cleverly hidden in unexpected places, all that is associated with intelligence and
is what budget holders and sponsors will pay for.

OSINT is indeed not James Bond, but much more Sherlock Holmes.

OSINT makes use of sources that everybody can use and is therefore not...very ’cool’. Yet it contributes
5
Using the Internet: Skill related problems in usersâ online behavior / Alexander van Deursen, Jan van Dijk.
- University of Twente : Interacting with Computers, 2009
6
Joseph Nye, Head National Intelligence Council, 1990

c 2010-2013 reuser’s information services

-6- v3, 9may2013
OSINT 5 HOW TO USE OSINT

about 80% of all the information and everybody uses OSINT. This phenomenon makes it difficult
sometimes to organize it properly and get the required funds, let alone the recognition it deserves.

5 How to use OSINT

Open sources are typically used in different scenarios:

1. Start of intelligence research

Due to the above characteristics, in many countries open sources are used as the first resource
to start intelligence research. It is used extensively until one cannot go any further. At which
point special means of acquiring information will be used, such as SIGINT or HUMINT.
In many countries the use of open sources as the first means of acquiring information is obliged
by law. Special means of acquisition (eavesdropping, interception, hacking and such) may only
be used if, and only if, the required information cannot be found, or cannot be found in time,
via open sources.

2. Verification purposes
Open source information is ideal to use to verify information retrieved via other channels,
sources, or acquisition means. Little hints or gold nuggets that seem to point to something
interesting but, in themselves, do not make sense, can be verified by using open sources to
connect the dots.
In addition, open sources are ideal to verify names of persons, to look up background information
on issues and events, provide data on institutes, professionals, companies, markets, etc.

3. Global coverage
Since OSINT can truly cover the world’s major events about anything anywhere, the other
disciplines can concentrate on the higly ’hot’ issues and areas, for instance peace missions or
military interventions. They can rely on OSINT to keep an eye on the rest of the world and
raise the flag if there is something going on.
Most intelligence services work with some kind of prioritization system. Level one is concerned
with areas and subjects of high priority, gets most attention and is typically covered by the
specialised INT’s. Lower levels have less priority and are covered by other means such as
OSINT.

4. Early warning
Following on the previous point, OSINT is by far the obvious choice to establish an early warning
and indicators centre. If that can be augmented with some other intelligence disciplines, even
better.

c 2010-2013 reuser’s information services

-7- v3, 9may2013
OSINT 6 OSINT AND INTELLIGENCE

6 OSINT and Intelligence

Last, but certainly not least, it is of the utmost importance to realize that true intelligence effort
can only be done in an All Source Intelligence fashion, and, in open cooperation with other entities
and organisations. Law enforcement, humanitarian relief organizations, police forces, tax office, local
clubs and associations, city council, bailiffs, NGO’s, as well as with international organisations such
as NATO, IAEA, United Nations, European Union, and others worldwide.

We have to realize that with the information revolution, the general public has changed from being
information consumers to information providers. Mobility and the trend to 24/7 allows everybody to
gather information, analyse it in their own way, and publish. Intelligence services would never call
this ’intelligence’, but think about it. Why not make use of such a vast amount of information sources
out there. Intelligence today is done by everybody and All Source Intelligence that is shared is the
future.

In many countries OSINT is organized as a separate entity within the organization. Most are very
small, typically less than 20 persons, with a few exceptions. There are countries that have 250+ people
assigned to an OSINT task or even more, thousands.

In some countries, OSINT is a standalone unit, in others, it is integrated with ’likewise’ organizations
such as SIGINT, which makes sense. In yet other cases OSINT is integrated with its logical counterpart
like FORINT: for if the information cannot be found in open sources, than it seems logical to hand
over the task to FORINT to search in classified sources. Yet with others, it is combined with the
general analysis department for they are the most important users.

There are advantages and disadvantges for both. If the OSINT unit is placed separately in the organ-
ization, then it can easily serve the entire organization but it loses direct contact with its customers.
If the OSINT unit is subordinate to a particular department, let’s say SIGINT, it can serve that
particular department very well due to the close distance to the customers. But, it loses contact with
the other departments.

This can be overcome if OSINT offers its general services via an online enterprise portal, preferably a
WIKI. There, customers can easily retrieve the information they require and can file requirements for
more in-depth research.

c 2010-2013 reuser’s information services

-8- v3, 9may2013