Open-source intelligence

Open source intelligence (OSINT) is the collection and analysis of data gathered from open sources (overt sources and publicly available information) to produce actionable intelligence. OSINT is primarily used in national security, law enforcement, and business intelligence functions and is of value to analysts who use non-sensitive intelligence in answering classified, unclassified, or proprietary intelligence requirements across the previous intelligence disciplines. ^[1]

Categories

OSINT sources can be divided up into six different categories of information flow: ^[2]

• Media: print newspapers, magazines, radio, and television from across and between countries.
• Internet: online publications, blogs, discussion groups, citizen media (i.e. – cell phone videos, and user created content), YouTube, and other social media websites (i.e. – Facebook, Twitter, Instagram, etc.). This source also outpaces a variety of other sources due to its timeliness and ease of access.
• Public government data: public government reports, budgets, hearings, telephone directories, press conferences, websites, and speeches. Although this source comes from an official source they are publicly accessible and may be used openly and freely.
• Professional and academic publications: information acquired from journals, conferences, symposia, academic papers, dissertations, and theses.
• Commercial data: commercial imagery, financial and industrial assessments, and databases.
• Grey literature: technical reports, preprints, patents, working papers, business documents, unpublished works, and newsletters.

OSINT is distinguished from research in that it applies the process of intelligence to create tailored knowledge supportive of a specific decision by a specific individual or group. ^[3]

OSINT collection methodologies

Collecting open-source intelligence is achieved in a variety of different ways, ^[4] such as:

• Social Media Intelligence, which is acquired from viewing or observing a subject's online social profile activity.
• Search engine data mining or scraping.
• Public records checking.
• Information matching and verification from data broker services.

Definition

OSINT, broadly defined, involves gathering and analyzing publicly accessible information to produce actionable insights. ^[5]

The U.S. Department of Homeland Security defines OSINT as intelligence derived from publicly available information, collected and disseminated promptly to address specific intelligence needs. ^[6]

NATO describes OSINT as intelligence obtained from publicly available information and other unclassified data with limited public distribution or access. ^[7]

The European Union defines OSINT as the collecting and analyzing information from open sources to generate actionable intelligence, supporting areas like national security, law enforcement, and business intelligence. ^[8]

The United Nations has also recognized OSINT’s potential, noting its value in monitoring member states’ compliance with international regulations across various sectors, including public health and human rights. ^[9]

In the private sector, companies like IBM define OSINT as the process of gathering and analyzing publicly available information to assess threats, inform decisions, or answer specific questions. Similarly, cybersecurity firms such as CrowdStrike describe OSINT as the act of collecting and analyzing publicly available data for intelligence purposes. ^[10]

History

Seal of the 9/11 Commission

OSINT practices have been documented as early as the mid-19th century in the United States and early 20th century in the United Kingdom. ^[11]

OSINT in the United States traces its origins to the 1941 creation of the Foreign Broadcast Monitoring Service (FBMS), an agency responsible for the monitoring of foreign broadcasts. An example of their work was the correlation of changes in the price of oranges in Paris with successful bombings of railway bridges during World War II. ^[12]

The Aspin-Brown Commission stated in 1996 that US access to open sources was "severely deficient" and that this should be a "top priority" for both funding and DCI attention. ^[13]

In July 2004, following the September 11 attacks, the 9/11 Commission recommended the creation of an open-source intelligence agency. ^[14] In March 2005, the Iraq Intelligence Commission recommended ^[15] the creation of an open-source directorate at the CIA.

Following these recommendations, in November 2005 the Director of National Intelligence announced the creation of the DNI Open Source Center. The Center was established to collect information available from "the Internet, databases, press, radio, television, video, geospatial data, photos and commercial imagery." ^[16] In addition to collecting openly available information, it would train analysts to make better use of this information. The center absorbed the CIA's previously existing Foreign Broadcast Information Service (FBIS), originally established in 1941, with FBIS head Douglas Naquin named as director of the center. ^[17] Then, following the events of 9/11 the Intelligence Reform and Terrorism Prevention Act merged FBIS and other research elements into the Office of the Director of National Intelligence creating the Open Source Enterprise.

Furthermore, the private sector has invested in tools which aid in OSINT collection and analysis. Specifically, In-Q-Tel, a Central Intelligence Agency supported venture capital firm in Arlington, VA assisted companies develop web-monitoring and predictive analysis tools.

In December 2005, the Director of National Intelligence appointed Eliot A. Jardines as the Assistant Deputy Director of National Intelligence for Open Source to serve as the Intelligence Community's senior intelligence officer for open source and to provide strategy, guidance and oversight for the National Open Source Enterprise. ^[18] Mr. Jardines has established the National Open Source Enterprise ^[19] and authored intelligence community directive 301. In 2008, Mr. Jardines returned to the private sector and was succeeded by Dan Butler who is ADDNI/OS ^[20] and previously Mr. Jardines' Senior Advisor for Policy. ^[21]

Tools

A guide by Ryan Fedasiuk, an analyst at the Center for Security and Emerging Technology, lists six tools open-source analysts can use to stay safe and utilize operational security (OPSEC) when conducting online investigations. These include VPNs, cached webpages, digital archive services, URL and file scanners, browser sandbox applications, and antivirus software. ^[22]

Numerous lists of aggregated OSINT content are available on the web. The OSINT Framework contains over 30 primary categories of tools and is maintained as an open source project on GitHub. ^[23]

Risks for practitioners

A main hindrance to practical OSINT is the volume of information it has to deal with information explosion. The amount of data being distributed increases at a rate that it becomes difficult to evaluate sources in intelligence analysis. To a small degree the work has sometimes been done by amateur crowd-sourcing. ^[24]

Private individuals illegally collecting data for a foreign military or intelligence agency is considered espionage in most countries. Espionage that is not treason (e.g. betraying one's country of citizenship) has been a tool of statecraft since ancient times. ^[25]

Professional associations and certifications

McAfee Institute offers several government-recognized certification programs in open-source intelligence (OSINT) and related investigative disciplines. The Certified in Open Source Intelligence (C|OSINT) program provides structured training in the collection, verification, and analysis of publicly available information, aligning with recognized standards for intelligence and law enforcement professionals.

McAfee Institute’s certification programs are approved by the Missouri Department of Higher Education and Workforce Development (MDHEWD), ^[26] listed in the National Initiative for Cybersecurity Careers and Studies (NICCS) training catalog maintained by the U.S. Department of Homeland Security, and recognized by the U.S. Department of Defense Credentialing Opportunities On-Line (COOL) ^[27] program for all military branches.

According to the McAfee Institute, the C|OSINT certification validates professional competency in conducting lawful and ethical online investigations, emphasizing intelligence tradecraft, digital profiling, and open-source data analysis. Graduates receive lifetime access to updated course materials and instructor support.

The OSINT Foundation is a professional association for OSINT practitioners in the United States Intelligence Community. ^[28] It is open to U.S. Citizens and seeks to raise the prominence of the open-source intelligence discipline. ^[29]

References

1. Schwartz, Leo (March 7, 2022). "Amateur open source researchers went viral unpacking the war in Ukraine". Rest of World. Retrieved 8 March 2022.
2. Richelson, Jeffrey (2016). The US Intelligence Community. Avalon. ISBN   978-0813349183.
3. "Spy Agencies Turn to Newspapers, NPR, and Wikipedia for Information: The intelligence community is learning to value 'open-source' information". Archived from the original on 2012-10-23. Retrieved 2008-09-15.
4. Leos, Devan (2023-02-28). "Thinking Like a Spy: How Open Source Intelligence Can Give You a Competitive Advantage". Entrepreneur. Retrieved 2023-11-08.
5. "What is OSINT (Open-Source Intelligence?) | SANS Institute". SANS Institute . 23 February 2023. Retrieved 2025-02-18.
6. Ethical Frameworks in Open Source Intelligence . (Report) (2022). Part of the 2022 Public Private Partnership Analytic Exchange Program. Washington, DC: US Department of Homeland Security.
7. NATO OSINT Handbook V 1.2. NATO. 2001-11-01.
8. "OSINT: Open-source intelligence". European Union Data. 2022-05-02. Retrieved 2025-02-18.
9. Bochert, Florian (2021-11-19). "OSINT – The Untapped Treasure Trove of United Nations Organizations". Harvard International Review . Retrieved 2025-02-18.
10. Baker, Kurt (2025-01-17). "What is OSINT Open Source Intelligence? | CrowdStrike". Crowdstrike . Retrieved 2025-02-18.
11. Block, Ludo (2023). "The long history of OSINT". Journal of Intelligence History. 23 (2): 95–109. doi: 10.1080/16161262.2023.2224091 . hdl: 1887/3731669 . ISSN   1616-1262.
12. Bornn, D Marshall (9 Jan 2013). "Service members, civilians learn to harness power of 'Open Source' information". www.army.mil. Archived from the original on 9 December 2017. Retrieved 14 May 2017.
13. Lowenthal, Mark; Clark, Robert (2015). The Five Disciplines of Intelligence Collection. CQ Press. p. 18. ISBN   978-1483381114.
14. See page 413 of the 9-11 Commission Report (pdf) Archived 2007-07-05 at the Wayback Machine .
15. McLaughlin, Michael (June 2012). "Using open source intelligence for cybersecurity intelligence". ComputerWeekly.com. Archived from the original on 2018-06-29. Retrieved 2018-06-29.
16. Office of the Director of National Intelligence. "ODNI Announces Establishment of Open Source Center Archived 2006-06-23 at the Wayback Machine ". Press release, 8 November 2005.
17. Ensor, David. "The Situation Report: Open source intelligence center Archived 2007-03-25 at the Wayback Machine ". CNN, 8 November 2005.
18. Office of the Director of National Intelligence "ODNI Senior Leadership Announcement Archived 2006-06-23 at the Wayback Machine ". Press release, 7 December 2005.
19. "National Open Source Entreprise Vision Statement" Archived 2007-09-28 at the Wayback Machine May 2006
20. DNI Open Source Conference 2008 "Decision Advantage" agenda, Office of the Director of National Intelligence, July 2008. Archived 2010-04-17 at the Wayback Machine
21. DNI Open Source Conference 2007 "Expanding the Horizons" agenda, Office of the Director of National Intelligence, July 2007. Archived 2008-08-01 at the Wayback Machine
22. Fedasiuk, Ryan (2022-04-06). "Into the Jungle: Best Practices for Open-Source Researchers". Center for Security and Emerging Technology. Retrieved 2022-04-22.
23. OSINT Framework, lockFALE, 2022-05-02, retrieved 2022-05-02
24. "Bellingcat's Eliot Higgins Explains Why Ukraine Is Winning the Information War". Time. Retrieved 2022-04-13.
25. Sun Tzu (Warring States period), The Art of War , Chapter 13: "Hostile armies may face each other for years, striving for the victory which is decided in a single day. This being so, to remain in ignorance of the enemy's condition simply because one grudges the outlay of 2 hundred ounces of silver in honors and emoluments, is the height of inhumanity."
26. "Home | dhewd.mo.gov". dhewd.mo.gov. Retrieved 2025-10-15.
27. https://www.cool.osd.mil/.{{cite web}}: Missing or empty |title= (help)
28. New OSINT foundation aims to 'professionalize' open source discipline across spy agencies, 2022-07-27
29. Volz, Dustin (2022-07-27), "New Group to Promote Open-Source Intelligence, Seen as Vital in Ukraine War", Wall Street Journal

• WashTimes.com, Washington Times – CIA mines 'rich' content from blogs, 19 April 2006
• GCN.com, Government Computer News – Intelligence units mine the benefits of public sources 20 March 2006
• FindAcricles.com, Military Intelligence Professional Bulletin October–December, 2005 by Barbara G. Fast
• FAS.org, Congressional Testimony on OSINT and Homeland Security 21 June 2005
• Thompson, Clive (2006-12-03). "Open-Source Spying". The New York Times. Retrieved 2018-05-29.
• "The Intelligence Network : I n t r o d u c t i o n". intellnet.org. 2008-05-09. Archived from the original on 2008-05-09. Retrieved 2018-05-29.

Further reading

• United Nations Office of the High Commissioner for Human Rights; University of California, Berkeley Human Rights Center (2022). Berkeley Protocol on Digital Open Source Investigations A Practical Guide on the Effective Use of Digital Open Source Information in Investigating Violations of International Criminal, Human Rights and Humanitarian Law (PDF). New York, Geneva: UN Office of the High Commissioner for Human Rights; Human Rights Center, UC Berkeley School of Law. ISBN   978-92-1-154233-2. OCLC   1334608062.

Scientific publications

• Deneuville, A., Hernández López, G. & Rasmi, J. (Eds.) 'Contre-enquêtes en sources ouvertes'. Multitudes, 89, 2022.
• Arthur S. Hulnick: 'The Dilemma of Open Source Intelligence: Is OSINT Really Intelligence?', pages 229–241, The Oxford Handbook of National Security Intelligence, 2010
• Cody Burke: 'Freeing knowledge, telling secrets: Open source intelligence and development', Bond University, May 2007 Archived 2016-08-17 at the Wayback Machine
• Florian Schaurer, Jan Störger: 'The Evolution of Open Source Intelligence', OSINT Report 3/2010, ISN, ETH Zürich, October 2010
• Hassan, Nihad A. (30 June 2018). Open source intelligence methods and tools : a practical guide to online intelligence. Hijazi, Rami. [United States]. ISBN   978-1-4842-3213-2. OCLC   1043830928.

External links

• The Open Source Intelligence Resource Discovery Toolkit
• The New Craft of Intelligence: Making the Most of Open Private Sector Knowledge
• Actual Intelligence Case Studies Leveraging Open Source Intelligence (OSINT)
• Sailing the Sea of OSINT in the Information Age
• Open Source Intelligence (OSINT): Issues for Congress, Congressional Research Service, December 5, 2007
• Open Source Intelligence (OSINT): Issues for Congress, Congressional Research Service, January 28, 2008
• The Free Library, FMSO-JRIC and Open Source Intelligence: speaking prose in a world of verse, Military Intelligence Professional Bulletin, Oct–Dec, 2005 by Jacob W. Kipp