What is OSINT?

OSINT is an acronym for Open-Source Intelligence. In simple terms, it's the systematic searching, collecting, and analyzing of publicly available information. You can find this information on the internet, in books, and on social media, where anyone can freely access it.

The principle of OSINT is not about stealing classified information. Instead, it's about using publicly available data to solve a puzzle-like case. For example, when you see a person's photo on the internet, you can use tools like Google Maps to find out where the photo was taken.

Where is OSINT used?

OSINT can be used in various fields, primarily in the following areas:

Investigations and Law Enforcement
It's used to find evidence during a criminal investigation, uncover cybercrimes, and monitor the activities of terrorist organizations.

Journalism and Media
Journalists use OSINT to verify sources, find information behind an event, and expose the truth.

Business
Companies use OSINT to study the activities of their competitors, find new markets, and understand public perception of their products.

Cybersecurity
OSINT can be used to proactively prevent hacker attacks, identify vulnerabilities, and monitor security threats.

Personal Use
OSINT is not only useful in professional fields but also in our personal lives. Our everyday internet searches are based on OSINT's fundamental principles. You can use your name, email address, phone number, and username to find out what information about you is available online. This helps you identify where your personal data might be leaked or public, allowing you to remove it or change your privacy settings. You can also use websites like "Have I Been Pwned?" to check if your email address was involved in a data breach, which tells you if you should change your passwords. When you receive an email, you can use OSINT to check the sender's address and the links inside to determine if it's safe.
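The sender and link check described above can be partly automated. The following is an added example, not part of the original article: it parses a raw message, compares the sender and reply domains against the domain you expect, and flags links whose visible text points somewhere other than their real target. The sample message, all domains in it, and the function names are constructed for illustration.

```python
import email
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample message (not a real email); every domain is a placeholder.
SAMPLE = """\
From: "Example Bank Support" <support@examp1e-bank.test>
Reply-To: helpdesk@mailbox.test
Subject: Verify your account
Content-Type: text/html; charset="utf-8"

<p>Dear customer, please confirm your details:</p>
<a href="http://login.examp1e-bank.test/verify">https://www.example-bank.test/</a>
<a href="https://www.example-bank.test/help">Help centre</a>
"""

LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def host(url):
    """Lower-cased hostname of a URL, or '' if it has none."""
    return (urlparse(url.strip()).hostname or "").lower()

def addr_domain(header_value):
    """Domain part of the address in a From/Reply-To header value."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def triage(raw, expected_domain):
    """Return a list of warnings for one raw message (empty list = nothing found)."""
    msg = email.message_from_string(raw, policy=policy.default)
    warnings = []
    from_dom, reply_dom = addr_domain(msg["From"]), addr_domain(msg["Reply-To"])
    if from_dom != expected_domain and not from_dom.endswith("." + expected_domain):
        warnings.append(f"sender domain {from_dom} is not {expected_domain}")
    if reply_dom and reply_dom != from_dom:
        warnings.append(f"replies go to a different domain: {reply_dom}")
    body = msg.get_body(preferencelist=("html", "plain")).get_content()
    for href, text in LINK_RE.findall(body):
        shown = host(text) if "://" in text else ""  # only URL-looking link text
        if shown and shown != host(href):
            warnings.append(f"link text shows {shown} but opens {host(href)}")
        if urlparse(href).scheme != "https":
            warnings.append(f"link is not HTTPS: {href}")
    return warnings

if __name__ == "__main__":
    for w in triage(SAMPLE, "example-bank.test"):
        print("WARNING:", w)
```

An empty result only means these particular checks found nothing; it does not prove the message is safe.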

OSINT techniques are also helpful in finding long-lost friends. For example, if you remember their old username or email address, you can use tools like WhatsMyName to find their social media accounts. You can also use Google Images or Yandex Images to perform a reverse image search on their old photos to find their current profile pictures. In some countries, public records like phone directories and property ownership records are publicly available and can be used for these searches.

This article focuses more on personal applications than on the other uses.

So, what are the benefits of OSINT?

OSINT has become an incredibly important technology today. It is very cost-effective because it primarily uses free, publicly available information rather than expensive, classified surveillance tools. Since information on the internet is vast and constantly changing, mastering OSINT techniques allows you to gather a lot of necessary information in a short amount of time. Furthermore, systematically collected data provides a clear understanding of a situation, enabling you to make more accurate decisions. Since OSINT is based on publicly available information, it is transparent and not involved in secret or illegal activities. In short, OSINT is an effective tool that anyone can use in the data-rich era. It is especially useful in cybersecurity, journalism, and business.

The above paragraph highlights its advantages, but it might be boring to read. So, I will also tell you about some real-world application cases.

OSINT has been effectively used in many significant world events.

1. The 2018 Salisbury Poisoning Incident
In Salisbury, UK, former Russian intelligence agent Sergei Skripal and his daughter Yulia were poisoned with a nerve agent. The British government accused Russian military intelligence (GRU), but Russia denied it.
An investigative journalism organization called Bellingcat used OSINT methods to investigate the incident. They obtained leaked data from a Russian vehicle registration database and cross-referenced the photos of the suspects with their social media profiles. By using passport numbers, license plates, and phone numbers from open-source databases, they were able to verify the suspects' real names and their connections to the GRU.
The results of this investigation debunked the Russian government's denial and gained worldwide media attention.

2. The 2014 Sony Pictures Hack
A hacking group believed to be connected to North Korea attacked Sony Pictures' computer systems, stealing critical information like employee salaries and unreleased movies.
For this operation, the hacking group used OSINT techniques for months before the attack. They collected employee information such as job titles, email addresses, and other personal data from social media profiles and LinkedIn. They also studied Sony's network structure and the technology used from the company's websites and other public data. Based on this OSINT, they sent targeted phishing emails to specific employees to steal their account passwords.
This incident demonstrated how powerful a tool OSINT can be for hackers (attackers) and highlighted its importance in the cybersecurity field.

3. Uncovering the Truth in Various Incidents
In conflicts and human rights violations where reporting is difficult, such as those in Burma and between Thailand and Cambodia, many international organizations have used OSINT to document the events. They used news photos, videos, and live videos from social media to verify the time, location, and details of the incidents. They cross-referenced photos of refugee camps and damaged buildings with Google Maps and satellite images to pinpoint the exact locations where the shootings occurred. Organizations like Bellingcat used OSINT methods to check for fake news and propaganda online, verifying the accuracy of the information.
These incidents showed that OSINT plays a crucial role in uncovering true news, documenting human rights abuses, and revealing the truth to the world.

You may have read tech-related content that says OSINT was used in the famous case of the U.S. locating Bin Laden. In reality, the operation to find Osama bin Laden was not solely based on OSINT but was a combination of human intelligence (HUMINT), signals intelligence (SIGINT), and OSINT. However, OSINT did play a significant role in this event.

As everyone knows, the secret intelligence operation to find Osama bin Laden took many years. The breakthrough came when they were able to track his most trusted courier. The U.S. and NATO members gathered information from al-Qaeda members detained at Guantanamo Bay prison. This information revealed that Bin Laden did not use phones or the internet and communicated with the outside world only through a courier named Abu Ahmed al-Kuwaiti.

U.S. intelligence agencies obtained information about al-Kuwaiti's cell phone in 2009. By tracking the phone's signals, they were able to estimate that he was living in Abbottabad, Pakistan.

From this point, OSINT methods played a major role. Intelligence agencies used satellite images of Abbottabad to pinpoint the exact location where al-Kuwaiti's phone signals were most frequently received. They found a large, fortified compound that was unlike the other houses in the area. This compound, which had no internet or phone lines, raised suspicion as it appeared to be hiding secrets.

Even after finding the compound, they couldn't be sure if Bin Laden was there. It was difficult to get precise information from media or social networks. So, the CIA collaborated with a local doctor, Shakil Afridi, to create a fake vaccination program. While not a direct OSINT technique, this was a method of using public data and publicly available situations to gather information. Through this program, they tried to get DNA from the children in the compound to see if it matched Osama bin Laden's.

The compound was monitored for a long time. There, two unusual (suspicious) facts were discovered:

1. The residents of the compound never put their trash outside; they burned it inside.
2. The people inside the compound were never seen moving around outside.

These suspicious facts and other intelligence led them to estimate the number of people inside the compound using satellite imagery and other methods.

Finally, with these OSINT clues and other intelligence information, they were 95% certain that Osama bin Laden was in the compound. This incident showed that OSINT is not a method that provides an immediate answer from a single piece of information but a way to gather many clues to solve a puzzle.
