Between journalism and intelligence: Why OSINT is needed
Every day, millions of public data items appear on the Internet: posts, photos, documents. OSINT (open source intelligence) turns this chaos into valuable information, from finding fraudsters to investigating crimes. Here is how it works in practice.
OSINT (Open Source Intelligence) is the process of obtaining intelligence from open sources. Unlike methods that involve unauthorized access (doxing), OSINT uses legal, publicly available data: social networks, forums, open registries, satellite images, search engine indexes, and database leaks. The key principle of OSINT is exclusively legal access to information. Using prohibited methods such as hacking accounts, intercepting correspondence, or installing surveillance is unacceptable.
An “osinter” works only with what is already in the public domain.
Research methods
There are two approaches to OSINT research:
• The passive method involves analyzing information without interacting with the target — without communicating or leaving traces. In other words, simply studying all sorts of open data: social networks, geotags, locations with photos, comments on publications.
• The active method is considered the least secure in terms of information security. It allows limited interaction with the target (for example, sending friend requests or creating fake profiles to obtain information). For example, an “osinter” may try to infiltrate chats or to extract information directly from the target.
Sources of information
- Social networks. Structured analysis of publications, metadata, content, social circle, intersections by subscriptions and reactions provides valuable behavioral and contextual data. All this allows you to create a digital portrait of the user.
- Search engines. Everything that gets on the Internet stays there for a long time. Even if there was an attempt to delete information, some materials can be saved in the cache or in web archives. The same applies to channels in messengers.
- Data leaks. Such information often appears on shadow forums or specialized aggregators. With their help, you can check whether logins, passwords, addresses, bank data or confidential documents have become public.
- Databases of departments and organizations. These contain public information (taxes, debts, property). With the help of such databases, you can legally obtain official information about real estate or enforcement proceedings; there are also databases of court decisions.
- Special programs (vehicle number databases, satellite image databases, etc.). Special tools allow for a more in-depth study of the information.
However, it is important for “osinters” to remember that they may come across false information. Therefore, the data must be carefully checked.
- Cross-checking. The reliability of information is confirmed through different sources. For example, if an email address appears in several leak databases, there is a high probability that it really belongs to the subject of the study. The same applies to publicly available photos, which need to be checked not only in the user’s account, but also, if possible, in the accounts of the user’s social circle.
- Archiving services. The history of account changes can be tracked through tools such as the Wayback Machine, a service that saves copies of web pages.
- Metadata. Image and video files may contain information about the date and time of shooting, coordinates, and device model.
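To make the metadata item concrete, the following added example (not part of the original article) decodes the EXIF fields named above, device model, capture time and GPS coordinates, which is also how you can audit what your own photo discloses before publishing it. The function names and the sample bytes are constructed for illustration; the input is assumed to be the TIFF-format EXIF payload, which in a JPEG is the APP1 segment after its 6-byte `Exif\0\0` identifier.

```python
import struct

SIZES = {2: 1, 4: 4, 5: 8}  # bytes per value for TIFF types ASCII, LONG, RATIONAL
IFD0_TAGS = {0x0110: "Model", 0x0132: "DateTime", 0x8825: "GPSInfo"}
GPS_TAGS = {1: "LatRef", 2: "Lat", 3: "LonRef", 4: "Lon"}

def read_ifd(tiff, offset, names, e):
    """Decode the tags listed in `names` from one TIFF image file directory."""
    out = {}
    (count,) = struct.unpack_from(e + "H", tiff, offset)
    for pos in range(offset + 2, offset + 2 + 12 * count, 12):
        tag, typ, n = struct.unpack_from(e + "HHI", tiff, pos)
        size = SIZES.get(typ, 0) * n  # up to 4 bytes: stored in the entry, else at an offset
        start = pos + 8 if size <= 4 else struct.unpack_from(e + "I", tiff, pos + 8)[0]
        raw = tiff[start:start + size]
        if tag not in names or not size or len(raw) < size:
            continue  # tag not wanted, unsupported type, or value past the end of the data
        if typ == 2:
            out[names[tag]] = raw.split(b"\0")[0].decode("ascii", "replace")
        elif typ == 5:
            v = struct.unpack(e + "%dI" % (2 * n), raw)
            out[names[tag]] = [a / b if b else 0.0 for a, b in zip(v[::2], v[1::2])]
        else:
            out[names[tag]] = struct.unpack(e + "I", raw[:4])[0]  # LONG: first value only
    return out

def exif_summary(tiff):
    """Return device model, capture time and decimal GPS position, where present."""
    e = "<" if tiff[:2] == b"II" else ">"  # byte-order mark: II = little, MM = big endian
    info = read_ifd(tiff, struct.unpack_from(e + "I", tiff, 4)[0], IFD0_TAGS, e)
    gps = read_ifd(tiff, info.pop("GPSInfo"), GPS_TAGS, e) if "GPSInfo" in info else {}
    for k in ("Lat", "Lon"):
        if len(gps.get(k, [])) == 3 and k + "Ref" in gps:
            d, m, s = gps[k]  # degrees, minutes, seconds
            info[k] = round((-1 if gps[k + "Ref"] in ("S", "W") else 1) * (d + m / 60 + s / 3600), 6)
    return info

def sample_exif():  # constructed EXIF payload for the demo, not taken from a real photo
    u32 = lambda x: struct.pack("<I", x)
    ent = lambda tag, typ, n, val: struct.pack("<HHI", tag, typ, n) + val
    model, when = b"ExampleCam X1\0", b"2024:01:15 10:30:00\0"
    g = 50 + len(model) + len(when)  # IFD0 ends at byte 50; the GPS IFD follows the strings
    r = g + 54                       # the rationals follow the 54-byte GPS IFD
    ifd0 = (struct.pack("<H", 3) + ent(0x0110, 2, len(model), u32(50))
            + ent(0x0132, 2, len(when), u32(50 + len(model))) + ent(0x8825, 4, 1, u32(g)) + u32(0))
    gps = (struct.pack("<H", 4) + ent(1, 2, 2, b"N\0\0\0") + ent(2, 5, 3, u32(r))
           + ent(3, 2, 2, b"E\0\0\0") + ent(4, 5, 3, u32(r + 24)) + u32(0))
    coords = struct.pack("<12I", 52, 1, 31, 1, 1200, 100, 13, 1, 24, 1, 3000, 100)
    return b"II*\0" + u32(8) + ifd0 + model + when + gps + coords
```

Calling `exif_summary(sample_exif())` returns the model, the timestamp and the position as decimal degrees; a file whose metadata has been stripped yields an empty or partial dictionary instead.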
OSINT is a powerful tool for cybersecurity, financial intelligence, investigative journalism, and compliance audit specialists. Its effectiveness depends on proper query planning, the task at hand, the tool base, and the skills to interpret data in context. Read our next article to learn how to conduct OSINT investigations.