How to Use OSINT for the Benefit of Ukraine

September 1, 2023

Satellite imagery, drones, uninhabited aerial vehicles, a diverse range of software, and OSINT – are just a few examples of the technologies being employed in the ongoing Russian-Ukrainian war.

In the context of digital life, cybersecurity is a crucial discipline in IT. It is impossible to overlook the mention of specific tools and methods used to explore the digital space. One of these tools is Open-source intelligence or OSINT.

Since the beginning of the full-scale war, the Molfar OSINT agency has been debunking Russian propaganda and fact-checking, geospatial intelligence, and identifying Russian war criminals. Additionally, Molfar specialists have been teaching military OSINT analysts from the National Academy of the Security Service of Ukraine, the State Border Guard Service, the Ministry of Defense of Ukraine, and representatives of civil organizations.

The art of open source information analysis and challenges before the analyst

Open Source Intelligence, or OSINT, is the search and utilization of information from open registries, websites, and statistical data. The person who gathers and analyzes this information is called an OSINT specialist. The uniqueness of OSINT lies in the fact that this intelligence method allows for obtaining information from open sources without resorting to illegal actions, as the information worked with by an OSINT specialist is openly available.

Methods of OSINT can be employed in various professional fields. Regardless of the industry – from medicine to journalism – the ability to search for, find, and analyze open data can be beneficial. Thus, OSINT is not exclusively a tool for security analysts or investigative journalists; everyone can apply it in their profession.

OSINT is not just about the accessibility of information. It’s about its analysis, verification, and proper utilization. Therefore, it’s worth noting some significant challenges that any analyst encounters.

  • Huge volume of data. New data constantly emerges on the network. This boundless source of information requires finding the important amidst the secondary.
  • Information verification. The information received by an OSINT specialist can be inaccurate, outdated, or deliberately distorted. Distinguishing facts from fiction is one of the key tasks for an OSINT professional.
  • Legality. Laws regarding data collection, storage, and usage vary in different countries. An OSINT expert must take these nuances into account.
  • Ethics. Although OSINT involves open-source intelligence, it is not regulated by rules or norms. The main principle is not to break the law. However, there is an ethical boundary that should not be crossed. For example, not interfering with private life. Yet, there are cases where interfering in private life is permissible, such as searching for criminals or Russian terrorists who have infiltrated Ukraine.         

From corporate security to combat operations: OSINT in action

The war initiated by Russia against Ukraine has added a new dimension to the understanding of OSINT capabilities. Previously, we used open-source intelligence for civil and peaceful purposes (corporate security, business research). Now, OSINT is a crucial tool in war.

For instance, consider the case of identifying the location of the Russian Piatnashka battalion. OSINT analysts from the Molfar agency pinpointed this unit’s exact location. The key to uncovering the occupant’s base location was the content shared on social media: photos, videos, and even textual comments. Once Molfar determined the base’s location, the Ukrainian Armed Forces attacked the Russian positions. To learn more about this investigation, refer to the PBS report.

If we simplify the process of gathering information about the occupant’s base location into basic steps, it would look like this:

  1. Placement of information by Russians on social media.
  2. Experts gather and analyze information.
  3. Stage of information verification.
  4. Transmission of information to the Ukrainian Armed Forces.
  5. Elimination of Russian occupants.

It’s possible to obtain data from open sources with OSINT skills. However, in some instances, information is only accessible through direct contact with a person. This is the primary role of HUMINT (human intelligence) – a complex of methods and algorithms for gathering non-public information directly from experts, key individuals, and individuals in the research field. Using a fabricated cover story, an analyst establishes communicative contact with a person under disguise. Thanks to this method, the Molfar agency gained access to information about Russian spies from the foreign intelligence service.

There are numerous tools that OSINT specialists utilize in their work.
1. Tools for People Search:

  • — a service that allows finding individuals based on their photo, email address, phone number, or name. Regular users can locate lost friends or verify new acquaintances from dating applications.
  • Pipl — a platform that offers advanced online people search. It can search for information based on a wide range of open sources.
  • Spokeo — gathers information from various open sources.
  • PeekYou — identifies user profiles on social media and other websites.

2. Web Scrapers (programs that automatically gather information from websites):

  • Scrapy — a powerful and flexible data extraction tool.
  • BeautifulSoup — a library for analyzing HTML and XML documents.
  • Octoparse: a tool for automated collection of large amounts of data from websites.

You can learn more about these and other tools that OSINT analysts use at IT Arena. On October 1st, an expert from the Molfar agency will conduct a meetup on the topic ‘OSINT as a cyber defense to Russian aggression’ and provide a more in-depth explanation of the mentioned investigations and the list of used tools and methodologies. Additionally, you will receive practical advice related to your security and ask the OSINT reconnaissance expert questions.

OSINT and Social Media: The Key to Security in Everyone’s Hands

After reviewing specific cases and the importance of OSINT in modern life, it becomes clear that internet users play a significant role. Ukrainians and the IT industry should know OSINT possibilities, especially during the ongoing Russian war against Ukraine.

It’s important to remember what not to share on social media if you want to avoid a “leak” of private information:

  • data about your whereabouts;
  • information about personal life and work;
  • anything related to family and friends.

Criminals and terrorists can use all of this for various purposes. It’s worth thinking twice before publishing something. This applies not only to military personnel or officials but also to ordinary users of messengers and the internet.

Every participant of IT Arena has a chance to learn more about OSINT, its possibilities, and pitfalls. This is not only a matter of professional growth but also personal safety and the security of our state. Join the meetup ‘OSINT as a cyber defense to Russian aggression’ on October 1st as part of the conference.

Share knowledge, interact with experts, and always stay informed. This is the key to creating Ukraine’s safe and technologically advanced future. Your participation in IT Arena is a step towards that future.