There are many ways to collect intelligence. This post will briefly discuss Open Source Intelligence because it is particularly important to understand this discipline when we are talking about protecting our personal information. But first, let’s take a look at an excerpt from the FBI’s website which describes various intelligence collection disciplines and their meanings.
Intelligence Collection Disciplines (INTs)
Various kinds of intelligence—military, political, economic, social, environmental, health, and cultural—provide important information for policy decisions. Many people view intelligence as gathered through secret or covert means. While some intelligence is indeed collected through clandestine operations and known only at the highest levels of government, other intelligence consists of information that is widely available. There are five main ways of collecting intelligence that are often collectively referred to as “intelligence collection disciplines” or the “INTs.”
Human Intelligence (HUMINT) is the collection of information from human sources. The collection may be done openly, as when FBI agents interview witnesses or suspects, or it may be done through clandestine or covert means (espionage). Within the United States, HUMINT collection is the FBI’s responsibility. Beyond U.S. borders, HUMINT is generally collected by the CIA, but also by other U.S. components abroad. Although HUMINT is an important collection discipline for the FBI, we also collect intelligence through other methods, including SIGINT, MASINT, and OSINT.
Signals Intelligence (SIGINT) refers to electronic transmissions that can be collected by ships, planes, ground sites, or satellites. Communications Intelligence (COMINT) is a type of SIGINT and refers to the interception of communications between two parties. U.S. SIGINT satellites are designed and built by the National Reconnaissance Office, although conducting U.S. signals intelligence activities is primarily the responsibility of the National Security Agency (NSA).
Imagery Intelligence (IMINT) is sometimes also referred to as photo intelligence (PHOTINT). One of the earliest forms of IMINT took place during the Civil War, when soldiers were sent up in balloons to gather intelligence about their surroundings. IMINT was practiced to a greater extent in World Wars I and II when both sides took photographs from airplanes. Today, the National Reconnaissance Office designs, builds, and operates imagery satellites, while the National Geospatial-Intelligence Agency is largely responsible for processing and using the imagery.
Measurement and Signatures Intelligence (MASINT) is a relatively little-known collection discipline that concerns weapons capabilities and industrial activities. MASINT includes the advanced processing and use of data gathered from overhead and airborne IMINT and SIGINT collection systems. Telemetry Intelligence (TELINT) is sometimes used to indicate data relayed by weapons during tests, while electronic intelligence (ELINT) can indicate electronic emissions picked up from modern weapons and tracking systems. Both TELINT and ELINT can be types of SIGINT and contribute to MASINT.
The Defense Intelligence Agency’s Central MASINT Office (CMO), is the principal user of MASINT data. Measurement and Signatures Intelligence has become increasingly important due to growing concern about the existence and spread of weapons of mass destruction. MASINT can be used, for example, to help identify chemical weapons or pinpoint the specific features of unknown weapons systems. The FBI’s extensive forensic work is a type of MASINT. The FBI Laboratory’s Chem-Bio Sciences Unit, for example, provides analysis to detect traces of chemical, biological, or nuclear materials to support the prevention, investigation, and prosecution of terrorist activities.
Open-Source Intelligence (OSINT) refers to a broad array of information and sources that are generally available, including information obtained from the media (newspapers, radio, television, etc.), professional and academic records (papers, conferences, professional associations, etc.), and public data (government reports, demographics, hearings, speeches, etc.).
Unlike the other INTs, open-source intelligence is not the responsibility of any one agency, but instead is collected by the entire U.S. Intelligence Community. One advantage of OSINT is its accessibility, although the sheer amount of available information can make it difficult to know what is of value. Determining the data’s source and its reliability can also be complicated. OSINT data therefore still requires review and analysis to be of use to policymakers.
Let’s take a closer look at OSINT and why this type of intelligence is important to those of us who want to protect our data. Remember; online research is all about “connecting the dots”. All it takes is the right person to put it all together for devastating effect.
The proliferation and availability of public information has increased with the evolution of its dissemination—from print, radio, and TV, to networked communications of the Internet Age. With the constant creation of digital document archives and the migration towards a paperless society, vast databases of information are continuously being generated. Collectively, these publicly available databases contain enough specific information to pose certain vulnerabilities. The actionable intelligence ascertained from these data sources is known as Open Source Intelligence (OSINT).
Numerous search techniques and applications exist to harvest data for OSINT purposes. Advanced operator use, social network searches, geospatial data aggregation, network traffic graphs, image specific searches, metadata extractors, and government databases, provide a wealth of useful data. Furthermore, applications such as FOCA, Maltego, and SearchDiggity, in addition to custom site API integration, yield powerful search queries with organized results.
OSINT techniques are not hard to learn and it has been said that over 80% of all available intelligence of any type, is available from open sources. Indeed, someone who is searching for information about you can find a great deal without paying for premium services, a private investigator, or obtaining a warrant. Someone with bad intentions has access to a wealth of personal details, that when combined can compromise your security or safety. OSINT is the “other side of the coin” that we must understand exists when our focus is removing our information and protecting our data. As a student of OSINT myself, I find it fascinating how much information can be found online about people. As an investigator it is extremely helpful that most people freely share so much information about their lives. I have also found that the more I learn about OSINT, the more I understand the value of protecting my personal information and how it can be removed from various sources.
Social Media by itself is an extremely rich source of information for OSINT researchers. The bottom line is that if you have done nothing to protect yourself yet, there is a great deal of information that can easily be found online about you. Understanding this threat, problem, or fact, is an important step in finding ways to make yourself less vulnerable and less of a target.
I will conclude this post with a recent video that was produced to illustrate how much personal information can be obtained simply by analyzing your name and “likes” on Facebook. The setting is a coffee shop, with an advertisement at the entrance that encourages customers to “like” the business on Facebook and receive a free pastry when they get to the front counter. Unbeknownst to the customers, a team of online researchers (OSINT professionals) are in a van outside the of coffee shop. Within 3 minutes of a customer clicking the “like” button on Facebook and reaching the cashier, their personal details had been disclosed in a very surprising way. Watch the video HERE.