Skip to content

OSINT

Open-Source Intelligence (OSINT) is the discipline that identifies, collects, processes, analyzes, and disseminates information from publicly accessible sources—such as websites, social media, news media, government databases, Internet technical data, satellite imagery, and others—in order to respond to a specific intelligence requirement [1].

Intelligence requirement

Therefore, an intelligence requirement is the defining element that triggers the cyber intelligence process [2]. Examples of how to transform a problem into a intelligence requirement could be the following ones [1]:

Problem Intelligence Requirement
Suspecting that an organization or individual is carrying out malicious activities Determine if this person is associated with a terrorist group
A company needs information about the risks of operating in a specific country or region Assess the political and economic stability of a country to consider an investment
Tracking or solving a crime Locate the whereabouts of a fugitive
Keeping track of a competitor or a target organization Monitor the activities of a competing company
Ensuring the accuracy of media reports or political claims Verify the authenticity of a news story or statement

Historical evolution

  • 1941–1980 (Pre-digital era):
    The U.S. Foreign Broadcast Monitoring Service (FBIS) monitored foreign radio broadcasts during World War II; this practice institutionalized the use of open sources to support strategic decision-making.

  • 1990s–2000s:
    The expansion of the Internet multiplied open data repositories, and the first open data portals appeared. OSINT was still considered a complement to SIGINT/HUMINT.

  • 2010–2020:
    The explosion of social media, mobile broadband, and open government data elevated OSINT as a key discipline in investigative journalism (e.g., Arab Spring or Panama Papers leaks).

  • 2022–present:
    The war in Ukraine and the popularization of generative AI have made OSINT a primary source of real-time situational awareness, capable of verifying military movements via satellite images and geolocated videos shared by the community.

Current situation

Nowadays, the scope and relevance of OSINT have been amplified, mainly due to these three factors:

  1. Data proliferation: Every minute, millions of posts, records, and transactions are uploaded; even commercial satellites offer revisit times of less than 24 hours over most of the planet.

  2. AI and automation tools: Computer vision algorithms, natural language processing, and link analysis allow filtering noise and detecting hidden patterns.

  3. Regulatory maturity: Frameworks such as GDPR or the EU AI Act require the integration of privacy and transparency, professionalizing the discipline.

Use cases

  • Conflict verification: Analysis of satellite images and videos to confirm movements and damages almost in real time.

  • Disinformation detection: Monitoring hashtags and coordinated bot networks. Increasingly challenging with generative AI (deepfakes).

  • Supply chain risks: Cross-referencing customs, patents, and corporate records to detect business links and potential sanctions violations.

  • Cybercrime investigation: Correlation of domains, TLS certificates, and forums for technical and contextual attribution of malware, phishing, or ransomware campaigns.