Capabilities: OSINT (open source signals intelligence)

Author: Dr. Sandra Quincoses-Campos (‘Dr. Q’), Project Manager at Boeing Intelligence & Analytics

OSINT: Important Lessons from the Private Sector

The private sector applies resourceful intelligence strategies that can profoundly benefit government-supporting open-source intelligence (OSINT) practitioners. By adopting these proven approaches, government agencies can significantly enhance the accuracy, efficiency, and relevance of their intelligence operations. This leads to more informed decision-making and optimized resource allocation.

Attribution-Focused Investigations

In the private sector, OSINT-empowered investigative work often focuses on attribution - the unmasking of a threat actor or network. Specifically, a "who"-focused approach to OSINT enables targeted collection and exploitation of publicly available information (PAI) and commercially available information (CAI). This method can efficiently lead to intelligence on what, where, when, and why. For example, successful attribution of a threat actor can illuminate indicators of intention behind malign activities – the “why.”

Private sector organizations apply this intelligence, often obtained from managed service providers, to match up against their internal intelligence, which enhances the organizations' understanding of tactics, techniques, and procedures (TTPs), and potentially, future operations. Attribution can not only reveal intention, but also capability. A factor that contributes to a threat actor's capability is its network, whether it be social network, business network, or nation-state allies.

Consumer-Centric Approach: Investigative Leads and Pivot Worthiness

Unmasking threat actors and their networks involves 'pivoting' on information gathered from PAI and CAI, requiring judgment to determine which leads warrant further investigation. Manual tradecraft and tools most certainly play an important role in enabling practitioners to pivot and make those judgements quickly. More importantly, however, are the intermediary questions practitioners ask during the process, which are reliant upon the practitioners’ knowledge of the consumers’ interests, intelligence gaps, and operations – priorities and objectives.

Consumer-practitioner interactions guide decision-making on lead quality and data pivot relevance throughout the information gathering and analysis process. As OSINT practitioners dive into copious amounts of information and various forms of PAI and CAI, they may come across information that they believe may be of interest to the client but not necessarily relevant to the request for information (RFI). Regular check-ins among practitioners and consumers enable discussions about OSINT report progress and allow consumers to request additional information on specific topics of interest. Check-ins may also reduce instances where valuable information may be tossed aside because it does not directly answer an RFI, which can be a grave mistake in some cases. It is important to remember that RFIs are a consequence of limited information or intelligence gaps, so communication is key to successful and efficient reporting.

In the dynamic realm of OSINT, practitioners navigate a maze of data, piecing together fragments to reveal hidden information. The questions posed throughout the investigative or research process form the backbone of OSINT activities. As OSINT practitioners sift through information, they must weigh the relevance of each piece of data. This involves considering its pivot worthiness and its place within the broader intelligence landscape. Touchpoints with clients and consumers ensure alignment, bridging the gap between raw data and actionable insights. In this intricate dance, attribution-focused OSINT activities and communication with consumers become the cornerstone, enabling advantageous decision-making.

For more information, contact DL_BD@bia-boeing.com