All About OSINT: Interviewing the Experts
By: Olivia Elliott
Introduction
As an emerging member of the OSINT community, I am very passionate about learning more about the field. To deepen my understanding of OSINT, I interviewed six experts in the field. During our conversations, I learned more about the tools and techniques customarily used in OSINT, the triumphs and trials to be expected, and how to integrate myself seamlessly into the OSINT community.
Falling in Love With OSINT
Of course, I had to know what interested them in such a unique field. Interestingly, many of my interviewees discovered OSINT by happenstance. For some, their interest blossomed while working for the government. Sarah Womer, Senior Analyst at Plessas Experts Network, Inc. (PEN), got into OSINT shortly after 9/11 while researching terrorist websites back when she was working as a regional Middle East analyst. She says that she mainly did “...open source intelligence or research on…hostile entit[ies] or negative themes….” Getting to follow the trail from propaganda to other intelligence excited Sarah, so she has been working in the OSINT field ever since.
Following evidence trails had also been an exciting prospect for Rae Baker, a prominent OSINT specialist best known for her book Deep Dive: Exploring the Real-World Value of Open Source Intelligence, and is currently an Advisory Specialist Master at Deloitte. She had wanted to join the crime-solving community for many years and struggled to find a good fit until she attended a conference hosting a Trace Labs competition. Rae described this activity as “...an online missing person finding kind of event…,” where you research actual cases in a sort of competition, but then it has the bonus of all the information being provided to the authorities later. This experience resonated deeply with Rae, so much so that she immediately dove into learning all she could about OSINT, leading her to where she is today.
Karie Nordland, Crime Analyst at Lakewood Police Department, discovered OSINT while “...working for the Toledo Police Department…and very slowly started doing trainings and kind of getting into the realm of crime analysis….” Among those courses were ones focused on OSINT. She quickly realized many applications could be made to her investigations, and as she used OSINT more and more, she found that her desire to learn even more tools and techniques grew, as did her desire to teach them. Now, it is a day-to-day part of her career.
However, Eliot Jardines (current President of Gnosis Solutions, Inc. and Director of Operations and Treasurer for the OSINT Foundation) discovered OSINT in one of his college courses where one of his professors required him to research information, as Eliot says, “...us[ing]...the Internet…And so I literally had to go get an email address, and he would send the assignments out only over the Internet….” Eliot had to use critical thinking and problem-solving skills to collect random snippets of knowledge hidden on the Internet, which is a vital part of the OSINT process, one that Eliot discovered he excelled in. While all that was happening, the United States Army also discovered OSINT, which led Jardines and his unit to begin “...writing a handbook on open source…;” the rest is history.
What’s the Best Part?
Another interesting thing I learned from some of my interviewees was the part of digital investigations that most fascinates them. For many, this is the ability to take one piece of information and get many other details after researching that first bit of information. For instance, Niles Gooding, the current owner of Varda Investigations LLC., enjoys interviewing scam victims because, as he says, “...there’s little digital things that they’ll give me which I can do leads on….” He says he enjoys this because one piece of information will inevitably lead to another and then another. I think this stems from a quality almost everyone in the OSINT community I have talked to has deemed essential: curiosity. It’s clear from my talk with Niles that he deeply appreciates his curiosity’s ability to highlight critical pieces of whatever puzzle he’s trying to put together.
Rae expressed a similar excitement over the fruits of her curiosity, confiding that “...uncovering those little details really makes [her] happy….” She also enjoys organizing the information she finds in link analysis charts, allowing her to follow the trails produced by her research efforts. This is a critical part of the OSINT process because, as we will later see, where information comes from matters. If you don’t have the process or the sources to back it up, you may as well be making the evidence up.
However, Eliot was mind-blown by a different wonder of OSINT: the knowledge that everything leaves a trace and that it’s up to his problem-solving skills to find that trace. He says, “...with open sources, the information 99% of the time is there….” He also mentions that it’s important to consider possible sources and locations of information, as well as the possible motives for the source obtaining that information when scouring the Internet for juicy tidbits of knowledge. This seems an excellent way to start investigations or pick them back up when stuck.
Cynthia Navarro, president of the OSMOSIS Institute, OSINT Cocktail podcast Co-Founder, and OSINT Analyst for Digital Mountain, Inc., shares Eliot’s excitement about information availability. When asked about what fascinates her, she mentions that all the personal details readily available on the Internet interest her, especially because a lot of that information can be found through someone’s connections on social media, no matter how weak. Additionally, she enjoys “...the challenge…[of] collecting or analyzing [information] for verification…” and getting to prove her skills to others. As crucial as verification is in investigations, it can be tedious, leading to people wanting to disregard it entirely, which can have highly damaging effects. It takes noteworthy analysts like Cynthia to find joy in this part of the cycle.
Karie has an affinity for a different element of OSINT work, saying, “One of my favorite things for digital investigation is cell phone analysis….” She especially likes getting the geolocation information from this data, enabling her to track the approximate locations of missing persons and suspects. She is fascinated by the evolution of this technology over time, particularly with how refined they have become. It allows her to construct a narrative depicting the events of the crime, piecing together each event meticulously so that the evidence will be convincing once presented in court.
Across all of my interviewees, the common theme for their fascination was not actually with what they were investigating but with the investigation process. Sarah sums it up the best when she notes, “It’s not necessarily the topic of what you’re investigating, it’s the methodologies and the tradecraft that you’re using for the investigations.” The predictable cycle of intelligence, the use of analysis, and the knowledge that there is an answer to every problem truly fuel the passion for OSINT for these experts.
Application to Careers
As someone aspiring to work with OSINT in the future, it was crucial for me to also discover how OSINT played a role in various careers. One of the many ways my interviewees utilize OSINT is in educating and collaborating with others in the field to ensure efficacy and bring awareness to the field. In Sarah’s work for PEN, she “...work[s] on the news portal…” to educate others about resources available from the OSINT field. To further this goal, she also helps with investigations and occasionally instructs in PEN’s many training webinars.
Other interviewees use OSINT broadly in the investigative world. One example of how Niles uses OSINT in digital investigations is taking a phone number and using that “...to figure out who that telephone number belongs to, whether it’s an active call or active number, [or] whether it’s an IP number….” Using this information, he can later find other relevant information to his investigations, providing a good application for his passion for curiosity.
Karie, for her part, mentions that she “...use[s OSINT] almost every single day…” and assists with multiple investigations due to being her department’s default OSINT expert, a role she is incredibly proud of. However, to anyone who thinks such leadership can be easily attained, Karie warns that there is more than just knowing OSINT involved. She says that while OSINT is a field that can be suited to anyone interested in joining it, to rise to the top, it is essential to know how to find information in the right places in the least amount of time. In addition, Karie notes that it is vital to be adaptable in the ever-changing landscape of the Internet, where resources can vanish like water in the desert. Like in the desert, it is crucial to have the resilience to search for a new oasis when the first is gone. Karie knows how to do this, which is why she is considered an expert in the field.
Rae, like Niles and Karie, also uses various forms of OSINT but says that she “...get[s] pulled into…a lot of maritime stuff…,” a realm of investigation that brings her particular joy. However, she mainly focuses on “...a lot of the networks, uncovering people, places, things that are facilitating illicit activities.” Work like this shows how important her love of organization is. It’s critical to keep track of where the threads between various individuals in a group connect and why, a subject that came up with another one of my interviewees later.
Still others interact with open source intelligence primarily through the legal side. Eliot mentions that he “...[doesn’t] do a lot of OSINT other than sort of day to day related tasks [and] mostly look[s] at OSINT policy [and] manage[s] OSINT contracts….” As a lesser-known and regulated field, OSINT policy and legal definitions need development, so this work is key. Regarding everyday OSINT, Eliot mentions that he is conscious about what apps he downloads and what he buys because our data can be used in ways we aren’t always cognisant of and from sources we wouldn’t even think possible. One example he gave was about a man who bought a vacuum cleaner only to realize that it was sharing information to a server based in China. This story made me realize that in today’s digital world, everyone must interact with OSINT to maintain data security.
Tools of the Trade
While trying not to think too hard about what kitchen appliances might be sharing my information with foreign powers, I also (as a budding collector of OSINT tools) had to know my interviewees' favorite tools. Their answers to this question surprised me.
Rae answered immediately, confiding, “Google is my number one tool…,” which surprised me as I expected a more obscure and technical tool to be named. However, Google is a formidable part of any digital investigation arsenal. Knowing how to use search operators and parameters can help narrow down the search for information, making Google one of the best starting points for research into a case.
Another common yet powerfully revealing tool was mentioned by Karie: social media. She says, “...I am fascinated by the fact that people continue to put their entire lives online and…it’s great for us because we can use it to our advantage….” Every aspect of these media services, from the pictures, reels, and other posted media to the comments and user profiles, can potentially contain valuable information, allowing investigators to collect evidence that solidifies the case and hopefully convinces the jury when brought to court.
Cynthia brought up one of my favorite tools: Epieos, a tool designed to gather more information about a person just by being provided an email address. This information consists of other accounts that email is associated with, such as social media. Another tool she claims to have merit is “...Framework, which is great because it will list everything that you may be doing within your investigation, and, say you have a username or you have a phone number, whatever it is you’re looking for, you click on that, and then it’s gonna bring out different tools that can be used, and you can look at these tools.” This seems like a good tool for beginners unfamiliar with the vast majority of OSINT tools, but also, as Cynthia noted, for people inexperienced in particular investigative areas. This could also be a resource suitable for finding additional tools when others have failed or for developing new avenues of investigating a case.
However, there was another exciting tool I had never heard of and was eager to learn more about: TLOxp, which Niles praised. He describes it as “...a database that…gathers all sorts of information from mainly across the US, but it’ll…do a little bit overseas.” Some of its merits include the ability to search a name and come back with “...a little bit of criminal history…date of [birth], previous addresses, any corporations or businesses that they’ve been associated with, either they’ve worked with or not.” Any database has the potential to hold a treasure trove of information on subjects, so I can see the benefit of using this tool. Niles also recommends Pipl, which I was more familiar with, and can give similar information after simply being provided an email address.
Other tools mentioned were more organizational, providing my interviewees a way to keep track of links between pieces of information as well as a visual way for others to see the flow of logic. Eliot mentions Maltego and Analyst's Notebook (also known as i2) as good resources, but he cautions users against simply dumping the information in and going on their merry way. He says that “...the standard link analysis chart is a chart that measures centrality…or popularity” and to keep in mind that “...popularity is not the same thing as influence.” Simply put, just because someone comes up frequently in your investigative research doesn’t mean they are more important or a leader in an organization you’re trying to investigate. It’s essential to think about why they have that presence, why others don’t, and to understand the patterns occurring in the data. As Eliot says, “...what’s not there is equally important, if not more important than what is there,” proving the importance of organization.
Rae also shares Eliot’s love of organization, naming i2 as her go-to tool. “...I think being able to see things visually for some people makes [investigating] so much easier. Because half of it is…where are the gaps, what am I missing, what did I forget, and I feel like it just…lines it up [for you],” she says, listing the merits of using similar resources.
Sarah, however, had a very different answer, confiding that she is less enthused about the tools themselves but rather the creativity and ingenuity needed to exploit those tools for uses they weren’t technically designed for but can be used for nonetheless. She also cautions that “...whenever somebody is using a tool, they should never be 100% reliant on it….” It is crucial to understand where a tool gets its information from and what errors or incapabilities may come up when using the tool. According to Sarah, the brain is our best tool, a theme that came up later in many of the interviews.
Educational Connections
When researching my interviewees, I found that many of them had previously or currently produce(d) educational material for members of the OSINT community. To learn more about this common thread, I asked each member what led them to want to do so.
For Sarah, it was to fill a need that the military had for OSINT because she “...thought it would be important for people that were going down range to be able to do OSINT in a wartime environment…,” which was somewhat of a struggle because some divisions were skeptical about how effective it could be or how it could be better than their own tools. As you’ll see later, OSINT has, and will continue to have, a very positive impact on our military.
Karie also decided to teach others about OSINT to fill a void, saying that she would compile her knowledge into presentations and later notice that her knowledge wasn’t incorporated in other experts’ talks, indicating that what she had to share was unique. This later led Karie to give talks of her own, incorporating interactive scenarios into her presentations. However, her education aspirations don’t stop there. She says, “...my main goal and something I would love to do in the future is I want to go out into smaller departments that don’t have the money or the budget for analysts and be able to teach their police force how to do a lot of these OSINT and social media investigations….” This is a noble goal, as programs like this could greatly assist communities with low infrastructure, notably less populated, rural communities.
Facing similar challenges, Eliot educates on OSINT to bring “...advocacy for the discipline…,” particularly as others outside the discipline tend to spread misinformation, a problem that will be elaborated on later. OSINT is actually a very intricate discipline that seems deceptively simple, and that is what Eliot wishes to impart. To draw people into this discipline, he says it is important “...for people to see some of the products, what…OSINT can do,” and to impart why OSINT matters. They primarily try to do this through their Product of the Year award, in which participants submit written products that can be used by the general public so that OSINT’s importance is understood. He also mentions that college students will soon be able to engage in an OSINT competition, a plan presently being engineered by the OSINT Foundation.
Rae also got into teaching OSINT to promote the field to others, particularly in a way that wouldn’t intimidate them with technical knowledge from the outset. She does this well, especially in her book, which is a great introduction to the entire field without being too overwhelming for newcomers. “...I try to keep it very…conversational and very light and stupid…,” she explains about her tone, making her book a go-to resource for the OSINT community.
Cynthia’s work with the OSMOSIS Institute focuses primarily on OSINT instruction, which she enjoys “...because it’s all about bringing this wonderful community together and help[ing] one another…” to make it a safe space for fresh OSINT enthusiasts to ask questions and learn about the field. They provide resources, create events, and, above all, “...emphasize…ethics…” and teach people to avoid engaging in confirmation bias. This answer also helped give me insight into what it was like to work at OSMOSIS.
Niles, however, had a different motive, one that started in one of his previous careers. He says, “...when I became a DEA agent in particular, and started dealing with not only the bad guys, but the victims, that really led me down the road of wanting to kind of educate the public…[about] the effects…drugs have on people,” pointing out that drug use often leads to “...other types of crime” like theft, physical violence, or even murder. He particularly cites the documentary Dopesick as an excellent example of this phenomenon.
The Triumphs
But what, you may ask, are some of our interviewees' successes that resulted from their OSINT skills? In an act of extreme kindness and heroism, Sarah once helped out a family whose daughter had overdosed (thankfully still alive), using the drug dealer’s Snapchat account name to find a bunch of data on the subject, which she delivered to the family to turn over to the authorities. This story moved me because it shows the ability of OSINT to keep future victims of subjects safe and to give closure to existing victims’ families.
Karie’s story went even darker. “...we had a homicide a couple years ago,” she recalls, “and we had potential cell phone number of [our victim].... Our victim’s cell phone was taken away from the scene, we got his records, and we found it was weird that he was making phone calls after we believed he was dead. So we took those phone numbers, ran [them] through…all of our intel and everything, and it was coming back to this one guy.” However, while Karie did note that their man had gang connections, his appearance didn’t match the witness testimony. So, Karie took that phone number over to CashApp, which is often used for criminal transactions and found that number connected to a different individual. Karie says, “...I remember he had a…gangster cashtag or something and [we] found him on Facebook; he matched our description and I was actually able to figure out who he was based on the plethora of information that he put on his Facebook page….” After providing that information to the detective, they ended up discovering that the person Karie had found on CashApp was indeed their perpetrator and were able to connect him to two other murders.
Another high-stakes case found Cynthia investigating an unofficial event during which a participant was hurt. She analyzed multiple videos people had taken at the event, searching for the victim, as their job at the time was to check to see if the victim was still alive. However, while Cynthia didn’t find that evidence, she did find evidence of who perpetrated the attack on the victim, gaining intel for her team that would contribute to achieving their goal.
Another exciting OSINT success occurred due to Eliot’s efforts in the army during the Persian Gulf War in Iraq. At the time, they were trying to plan a maneuver that would hopefully result in a successful sneak attack. However, this maneuver “...required massive amounts of troops and equipment to move through unstretched, [uncharted], uninhabited stretches of just desert. And so [the person in charge of the maneuver] required soil composition and trafficability analysis, so that we don’t get the trucks and tanks stuck….” Unfortunately, multiple entities within the government, when requested to provide that information, said that they were unable to locate it. They were about to send a team to obtain soil samples (which could have jeopardized the future maneuver) when Eliot and his team discovered something within the Library of Congress. As Eliot recounts, “...on the shelf at the Library of Congress was a report written almost 100 years earlier by a group of American archeologists who had received funding from the government. They had done textual analysis of the Bible, and were pretty certain [of] the final resting place of Noah’s Ark….” In the planning for this expedition, this team of archeologists knew that in case they did come across the Ark, they would have to ensure that they would be able to return with the religious icon without getting stuck themselves. So, they traveled that route and did the same tests of the soil that the United States Army would need about 100 years later. Using that information, the maneuver was a success.
Rae couldn’t mention details on one of her many successes, but what she admitted showed how much of an effect OSINT has on the world. She says, “...one of the things I found led to a Presidential Action, so that was pretty cool….” Additionally, Rae counts the completion of her book as one of her other biggest successes, a noteworthy addition to her list of successes as it provides an accessible look at OSINT and people can utilize it. She also pushed herself out of her comfort zone by becoming an occasional public speaker, an act that challenged her but ultimately helped build her brand.
The Trials
Of course, not all stories are success stories, but all stories have wisdom. In their limitations, in situations that didn’t end happily, my interviewees found things to remember in their investigations.
In the most relatable of the struggles, Rae mentions, “I think the biggest challenge is working with other people. I think that that’s always a challenge….” She takes pride in following all the leads and ensuring that effort is put into her work, and it’s frustrating to her when others don’t reciprocate. And, as she notes, even if they do, group members may work at a different pace than you, so there’s also that to keep in mind. To combat this frustration, Rae says that she has to “...step back, like, okay, they’re gonna finish it, they don’t want [her] to fail, they don’t want to fail, they’ll get through it. I just gotta let them do their thing, and just personally, that’s a struggle for [her].” At the same time, she admits there is such a thing as overachieving and putting in too much effort, so she works hard to self-regulate that for herself and others.
The struggles only got more high-stakes from there. As Sarah admits about struggles occurring during investigations, “...you can’t expect everybody else to be able to react real time. I think that’s a frustrating thing for all OSINT analysts.” She gave an example of a Snap on Snapchat’s Snap Map that showed a woman “...being sold in front of a hotel….” Unfortunately, while Sarah narrowed down where the Snap had been recorded in a timely manner, the people on the other end couldn’t react as efficiently, and they lost her. Sometimes, even if someone has used OSINT to do all they can, it may not be enough, and that hit home for me in this example.
Niles’s struggles seemed to connect with Sarah’s in that time can be critical in determining the outcome of a case. He mentions that it is easier to interview a victim and get more information when they’ve been scammed recently instead of a year ago, mainly because their memory is fresher and sharper, allowing him to have more data to track down the subject.
However, sometimes more data might not always mean good data. When asked what her biggest struggle in digital investigations was, Karie admitted, “The large amount of misinformation that’s out there…” and the arduous process of determining what information is timely and outdated. It’s critical, she says, to determine the veracity of what OSINT resources tell you because some detail on a subject might be accurate up to the date or be stuck on relevant information five years ago. To confirm her findings, Karie looks at multiple resources capable of providing the same type of information and checks to see if the information matches. To do this, she uses both OSINT resources similar to the one she found the original information on and her organization’s database. Although the use of her organization’s database is not OSINT, it serves as a reliable way to assess the information gleaned from OSINT.
Operational security (OPSEC) can be another considerable issue. Ideally, as Eliot says (and Cynthia agrees), “...we should be gathering more information than the information we’re leaving behind….” He notes that the foot traffic left on adversarial sites can be an indication of data collection and that that collection can give away that that site has desirable information. Suppose the people who operate that site know that the information is of interest. In that case, they will ensure that nobody can access that information, leading to an inability to monitor adversaries effectively in the future.
Lastly, another big struggle in working in the OSINT field is dealing with what is known as vicarious trauma, which is the effect of taking in disturbing and traumatizing content of something terrible happening to another person and then feeling that trauma yourself. This is especially prevalent in people who work on pedophile or other sexual assault cases. In Sarah’s case, this came from her extensive research on terrorist websites, which can be disturbing, but she offers some guidance in this space. She says, “...I think some OSINT analysts can get burnout…For a while, I had it, and…you have to find that healthy balance, so that you’re not just surrounding yourself with all these dark things.”
Advice for the Newbies
I asked all my interviewees what advice they would give to young professionals aspiring to enter the OSINT field, both for myself and for the good of others who share my passions. They did not disappoint.
Rae started answering this question by describing how open OSINT is to accepting new followers, especially as it’s gained renown in the media and popular culture. The problem is that new OSINT followers tend to miss one critical thing when attempting to join the community. Rae says that “...the one thing that people…don’t want to do is market themselves, and…[she’s]...always telling people to do that and they fight it because…it’s weird for people to…put themselves out there and some people don’t like to blog [or] talk about themselves….” However, Rae swears by this method’s success, having built her brand as an OSINT subject matter expert (SME). With the general public's lack of understanding about what OSINT is and what it can do, any certificate you receive is nice but less effective without the extra branding and explanation of your skills. As an example, after Rae participated in the Trace Labs competition that she had mentioned earlier (she won second place), she was contacted by Deloitte, both because they were impressed with her performance in the competition, but also because they had then looked her up, read and watched her content, and knew that she possessed skills that would make her a desirable employee.
For Sarah’s part, she again touted the importance of investigative thinking, saying, “I think the one thing that is…the bread and butter for…an aspiring young person looking to join the OSINT field is…you should start off with…one kind of area that you specialize in…but the biggest part of it is having that foundation of analytical thinking and getting a basis of things like…competing hypotheses, association matrixes, how you do inductive, deductive logic, all that kind of stuff. Because, again, the tools are just the tools, and they’ll be there for a while, and then out comes a new tool. And you can always learn a new tool.” The Internet is in a constant state of change, but what will never change is the importance of being able to problem-solve. Later in my interview with Sarah, she also mentioned the importance of operational security (OPSEC), and that it is crucial to “...not [put] somebody else’s life in danger,” and, more generally, that it is crucial to be ethical when doing OSINT.
Niles’s piece of advice was one that I, funnily enough, had been following during my interviews. “...the biggest thing,” says Niles, “is getting ahold of those subject matter experts and picking their brain. And if you go to some of their trainings, their…trainings are absolutely fantastic. The other thing…is…as you start to go to these trainings, or [pick]...their brains and [say] ‘Hey, what do you use?...How do you do these types of investigations, they will typically tell you….” To advance in the OSINT community, collaborating and learning as much as possible is important, evident from Niles’s testimony.
Cynthia agrees with learning as much as possible, particularly from field experts. She says, “...go out and take different…courses that…[are] going to help you to understand how to do the work. [You want to] know the ethics, you wanna know the different tools that are available out there…and I recommend going to LinkedIn…” in order to see “...who appears to be having a lot of followers and folks watching what they’re doing…,” particularly if they have reliable intel. She also advises, “...start following them, but you wanna see where that passion is for you because you might find something you don’t even know you like…and passion is what really pushes you forward more than anything,” again showing that esteem for discovery is a common trait among OSINT community members.
In that same vein, Eliot mentions that it is crucial to “...be curious about the world around you,” whether it’s studying linguistics, traveling, or reading up on a culture you were previously uneducated on. This is especially handy, Eliot says, if you’re trying to get into an intelligence agency.
Another recommendation Eliot had on how to get into the intelligence community revolved around internships. He says, in particular, to “...apply [to] all the intelligence agencies…because…getting the clearance for the background check is the biggest hurdle…” and tends to take a long time.
Karie agreed with Eliot’s and Niles’s opinions, saying that getting your feet wet in OSINT is critical to learning about and advancing in the field, whether done through internships or talking with experts. She says, “...what can set you apart is having done research, having taken those trainings, and be able to speak to the experience that you’ve already gathered just being a young student in college.”
Recommended Resources
Of course, my knowledge-hungry brain wanted more, so I asked my interviewees what resources they would recommend for someone interested in OSINT and digital investigations. I would be remiss to withhold them from fellow amateurs, so I have provided them here.
One resource provided by Eliot was the group known as Bellingcat. He mentions that they have good training and that their book, We Are Bellingcat: Global Crime, Online Sleuths, and the Bold Future of News, is also a good resource, but that “The one caveat with that book is some of the things that they do is not open source,” so it’s essential to research what is and is not OSINT if you are unfamiliar with it. Eliot also recommends (and I concur) that the docuseries Don’t F*** With Cats: Hunting an Internet Killer is another good resource showing the investigative process, although it does have its problems with the lack of OPSEC that occurred. It should also be noted that this docuseries contains somewhat graphic images and content and should be watched with caution. Another resource provided by Eliot was the frequently updated book, Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information.
Another Bellingcat enthusiast, Cynthia, recommended visiting Bellingcat’s Discord and home site. Cynthia also mentioned ProPublica, an organization that often collaborates with Bellingcat. Of course, she also mentioned the resources provided by the OSMOSIS Institute, noting that many members are OSINT experts.
Karie, for her part, highlighted the material created by PEN, which ranges from training to articles to blog posts, and referred me to OSINT Techniques content, some of which is developed by another prominent OSINT expert, Ritu Gill. Along with those two resources, she recommends following experts (naming Chuck Cohen as an example) and going to speaking events.
Rae also recommended other interesting literature. In our talk, she praised the online content created by OSINT Curious and recommended searching for topics of interest on YouTube. She also mentioned the importance of following prominent OSINT community members on social media and paying attention to what they post. She says, “...I like to follow experts who are doing things that I…want to be doing so that I can model what I’m doing off of what they’re doing….” And, of course, never missing a branding moment, she offered up her blog.
Sarah also quite rightly pointed out that resources benefitting newcomers to the OSINT community will differ based on specific interests. Still, she pointed out one that has a common thread with every interest. She says, “I think one of the big things…is to do an internship,” mainly because it can help beginners gain experience in the particular line of work they are keen on. She also mentions shadowing, getting a PI license, and obtaining legitimate OSINT certifications as valuable learning opportunities.
Regarding certifications, Niles cited the ACFE certification as particularly good because it takes a lot of effort to complete and will likely make a good impression on a resume. He says that getting multiple certifications and having many experiences to draw from can make an individual more marketable and, consequently, more likely to be given a job offer.
Internship/Job Openings
In that line of questioning, I also asked my interviewees whether their companies had any internship and/or job opportunities that would benefit analyst aspirants like myself.
I was already aware that Plessas Experts Network, Inc. offers internship opportunities, having participated in one this summer. However, Sarah also mentioned that potential job opportunities may be available, particularly if paired with obtaining a PI certification.
The OSMOSIS Institute is both hiring and offering internships according to their website, although you must first become a member to have access to said positions.
The OSINT Foundation offers jobs, but not internships, due to the nature of their employees working face-to-face with government clients or via a home office, neither of which would be appropriate spaces for an intern. Entry-level positions with their company exist, particularly for recent graduates, but you need a clearance to apply and obtain a job with them due to the nature of their work.
Conversely, Deloitte is highly supportive of interns and offers numerous internship opportunities, particularly targeting recent college graduates, with competitive compensation.
Karie notes that her department occasionally has internships, though they are uncommon. While the position is not exclusively focused on OSINT, it remains a valuable opportunity. Karie often works closely with the interns, providing instruction in the techniques and tools relevant to the field.
OSINT’s Problems
While OSINT is an excellent field, it does have problems. One of those problems, as described by Eliot, is “That there are many people who think that because they use the Internet that that gives them the right to speak about open source intelligence. So, many senior leaders who think that because they can Google, they understand the complexities of open source, and that’s not the case….” This false idea of OSINT being pushed by people who aren’t informed can be damaging to the field by making it seem like something it isn’t (which can mess with future legislation regulating its use or recruit or dissuade people who shouldn’t be recruited or dissuaded from the field). In fact, the OSINT Foundation was created because “...the biggest challenge we have is that the people who are speaking the loudest on OSINT are rarely knowledgeable,” and they want to set the record straight on what OSINT is and is not.
Karie’s worries also stem from people who don’t see OSINT how it is actually used. She says, “I think [the biggest problem] is the fear of Big Brother. I say this with social media, I say this with a lot of sites, I think people are very fearful that government, law enforcement, all these entities are trying to track their every movement, all of their information, and because of that, sites keep getting shut down…the majority of the public is afraid that we’re tracking everyone when they don’t understand that most of the people we’re looking into we’re looking into for a specific reason.” This fear most of the civilian population has is mostly unfounded because even if the authorities did care what everyone was up to all the time, I doubt they would have the manpower and bandwidth to monitor them all. However, due to this irrational fear and subsequent OSINT witch-hunting, the authorities are suffering resource losses that could otherwise help them track down dangerous criminals.
Rae has a similar worry to Eliot about the world’s lack of understanding of the nature of OSINT. When asked about the field's problems, she says that “...the lack of unified certification” is the biggest. She adds, “...anybody can say they’re an OSINT analyst…There’s no good one-stop-shop to get a certification. You can get it from Sands, you can get it from McAffee (which I wouldn’t recommend). I know OSMOSIS has theirs now and they’re trying to make their…certificate into that…but as it stands right now, there’s not one fully recognized certification that you can take to a job and everybody knows you know what you’re doing.” This makes it hard for employers to adequately determine which candidates have the skills and which are pretenders.
Yet another problem facing the OSINT community centers around morality. Cynthia says, “I think that ethics would be a big [problem] because you can go out and get information. The question is how you went out and got that information and that can be a real challenge. If you’re very eager to get some information, you have to have that discipline that you will keep your ethics and you’re not gonna get it illegally because that happens so much. You have to be very, very careful within that field,” especially if the courts are in play. If evidence is not obtained carefully and properly, that evidence is inadmissible in court, and your opportunity to apprehend someone dangerous is potentially squandered.
Conclusion
These interviews show that OSINT is a diverse discipline. However, as I learned in these interviews, some essential qualities will help you stand out in the OSINT field. First, we need people who are curious, who will question the information they are provided with thoroughly, and who will look for creative ways to solve problems. These people are necessary to aid the efficiency and effectiveness of verifying information and tracking down criminals.
We also need people who can adapt easily to the changing technology and criminal landscape. As advancements bring new tools into play and force others into obsolescence, we need people willing and eager to learn quickly to keep up with the similarly widening field of crime.
What can people just joining us expect from OSINT in the near future? We can expect that AI will continue to develop and evolve in its capabilities, including those that can be used for OSINT, as well as the ethical and legal ramifications of its use. We can also expect that OSINT as a whole will be discussed from an ethical and legal standpoint, as its definition is not widely known, and the line between gathering too much information and just enough information can be gray at times. We’ll need invested and engaged people willing to engage in these conversations so that our tools and techniques fit the needs of our members and the people we’re trying to protect.
If you’re even a little bit interested, don’t be shy! Reach out to other members in the OSINT community or go to local events! Our community members are always happy to talk about what they do. I also encourage you to pursue internships with companies, groups, and agencies that work with OSINT to dip your toes in and get some hands-on experience. Finally, I cannot undersell the importance of reading. Use the resources I mentioned in this article, and seek out more so that you can learn more in-depth about what possibilities exist in our field.
I hope this article provides some of this knowledge to others who, like me, want to be involved in this community of diverse passions. Below, I have linked the resources mentioned by my interviewees. If you have any questions or comments or want to chat about OSINT, please do not hesitate to reach out via LinkedIn! I am always happy to answer questions and discuss OSINT! And, as always, happy investigating!
Sources (for interviewee research):
Sources (for interview conduction):
Resources mentioned in paper:
Editing Tools/Resources:
Kirby Plessas, CEO of Plessas Experts Network, Inc.
Kyle Elliott, COO of Plessas Experts Network, Inc.
My lovely interviewees:
Rae Baker
Niles Gooding
Eliot Jardines
Cynthia Navarro
Karie Nordland
Sarah Womer
Grammarly (extension)
ChatGPT