viciousoptimistLeave a Comment on The Perils of OSINT

The Perils of OSINT

Imagine, for a moment, you are a bad guy from a hostile nation-state. In the Army, we referred to such opponents as OPFOR – opposing forces.

Suppose your nation does not have the military capacity to directly engage US. or NATO forces due to funding limitations, present-day technological capabilities, or common geographic positioning.

However, your nation does possess unfettered access to the internet and – most importantly – the will to disrupt, destroy, and demoralize military, industrial, or societal targets.

Enter social media… where you can browse not just potential targets, but also assess the second- and third- order effects of any actions you might take to assess the effectiveness of seemingly innocent, innocuous inconveniences that were the results of your efforts.

This is what I find myself thinking of more and more – though, it’s not an entirely new thread. Back in January 2022, I mulled over the capability of weaponizing information in “The Cost of a Tweet” and immediately after that, “Two Sides of Pyrrhic” touched on the carelessness in the race to trend/show off on social media.

There are times when I read a headline or an article about an event with a key piece of infrastructure and one simple word comes to mind:

Probing.

In short, probing is exactly that – to conduct an activity with the intent on discovering weaknesses, capabilities, and responses to said activity. From casual queries on a potential romantic interest’s receptiveness to affection to deliberate military operations to find an exploitable avenue of attack, probing is part of the intelligence discipline which permeates everyday life more than one would think.

Which is why it could be so easily overlooked as something other than what it is.

Not too long ago, I was watching a YouTube video about what happens when infrastructure gets hacked, and one of the examples cited was the January 2024 cyber attack on the water system of Muleshoe, Texas.

Immediately, I found it fascinating just for the name alone. While I am not, by any stretch of imagination or claim, an Intelligence professional, it doesn’t take much to imagine that the specificity and uniqueness of the name of the targeted town might have been intentional. After all, if it weren’t for the event, Muleshoe would have remained under the radar for everyone.

However, I started to wonder if my thoughts were right – that events like this, while relatively benign, might be part of a larger effort to probe not weaknesses, but reactions to the event and subsequent efforts to mitigate/deter future attacks along these lines.

This is where OSINT – open-source intelligence – efforts become somewhat worrisome.

There are some fantastic channels on YouTube and content creators out there who put a substantial amount of effort into their brand and field; I frequently visit several to see what they have to offer for information and perspectives of stories not typically visited my Legacy Media and/or to verify that my own observations on other trends aren’t isolated to just my overactive imagination.

However, despite the proven lunacy of much of the commentary offered on Twitter/X, this platform has been making me question whether too much information on the actions/reactions and/or factuality/capacity for gullibility within the commons is really a good idea.

I had started this post before learning of the drone attacks on Russian airbases. Upon getting the first snippets of what happened, I pulled up a PDF of an old Rand research report to see when I had first downloaded it – 28Sep2015. Even then, I highlighted several interesting sections – to include the following:

Another possibility is that adversary or other ground forces would be equipped with advanced standoff systems and therefore be able to conduct precision strikes against parked aircraft and other high-value targets. These could include guided rockets, artillery, missiles or mortars, small unmanned aerial vehicles […]

This wasn’t the only PDF I found on the topic, and not the only highlighted text:

Likewise, commercially available small unmanned aerial systems, geocaching smartphone computer applications, and social media flash mobs offer organizational, kinetic, and intelligence, surveillance, and reconnaissance opportunities to the next generation of tech-savvy threat actors.

Commanders must make hard choices on base defense, considering mission requirements, resource constraints, and the dangers of a determined enemy enabled by technology like remotely piloted vehicles (RPV) and GPS-guided munitions. The threat is growing, and defenses are less certain.

Those last two quotes were from a book published by the Air University Press in 2021. The titles of both examples are intentionally left out because the entire point of this post is my concerns about open… source… intelligence becoming the Good Idea Fairy of nefarious entities.

Why is it so hard for folks to understand the value of information – not just for their own means, but for the intent of others? Even something as simple as the seeming fun participation in questions like “What was your first car?” has me ranting about how even with a limited exposure to SERE and understanding the basics of ISOPREP development can see how dangerous small bits of information can be to the right collectors.

“But… you are posting online, dude. It’s not like they don’t already have boatloads of data on you already…” one might protest.

Yeah, but I don’t want to make things easier. Hell, once you start paying attention to automated license plate readers, one starts to get that lead-pit-in-the-stomach that information as a commodity is where we already are.

Returning to the opening scenario… social media has become a window not just of the world of commodified reactions, but of potential after-action reviews (AARs) for kinetic actions around the world. Future historians, anthropologists, and digital archeologists are going to have an amazing and frustrating time in looking at what is posted in comparison to how things turned out. I can only imagine that much of their reactions are going to be something along the lines of: “How could they NOT see how that was going to play out?? What a bunch of idiots!”

The price for all of the shenanigans – current and future?

One Tweet.

Discover more from milsurpwriter

Subscribe to get the latest posts sent to your email.

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Discover more from milsurpwriter

Subscribe now to keep reading and get access to the full archive.

Continue reading

search previous next tag category expand menu location phone mail time cart zoom edit close