- Rescana Engineering
The AI-bots are coming (to OSINT)
For about 50 years during and after WWII, the nature of OSINT (open-source intelligence) was pretty simple — it was primarily focused on gathering actionable insights from various foreign news sources.
These sources created supplemental, publicly available data that analysts would combine with classified intelligence to get a more comprehensive “lay of the land.” And the intelligence community largely viewed OSINT as a neat addition to their primary data sources rather than a mission-critical asset.
Fast forward to today, and it’s more than clear that this era is decidedly over.
Evolution of OSINT
There are two reasons why the nature of open-source intelligence has changed so dramatically.
First of all, the scope and type of open-source data have exploded with the onset of the digital age. OSINT has gone from being a collection of data from news sources to encompassing everything from the dark web to social media platforms, public records as well as from the infrastructure of the internet itself (DNS, Websites, and others).
Secondly, certain technological advancements have helped OSINT overcome some of its major historical obstacles — scale and speed.
Before NLP (neuro-linguistic processing) tools and other AI-powered technologies became commercially available, a large amount of OSINT data made it difficult to process, analyze, and deliver actionable insights — at least at speeds necessary to prevent and contain threats on time.
However, artificial intelligence technologies such as computer vision and natural language understanding, including capabilities such as sentiment analysis, text classification, and entity extraction, have exponentially increased the data volumes that can be processed in real-time. Today’s AI-powered OSINT tools empower intelligence analysts to pinpoint vulnerabilities, corroborate reports, and uncover otherwise hidden threats.
What is OSINT today?
Today, OSINT is comprised of PAI (publicly available information) and CAI (commercially available data). It includes many elements, from details on crypto activities and dark web interactions to IP and domain knowledge, hyperlocal and crowdsources events, business and people insights, and other public records.
From a supplemental source of information, OSINT has become one of the foundational resources that other, more traditional intelligence disciplines couldn’t do without. For example, conventional human intelligence, HUMINT, is now supplemented by on-the-scene crowdsources reporting through social media apps. And the same goes for open-source imagery extensively used in modern wartime intelligence to add accuracy to traditional geospatial and imagery intelligence.
In the past, intelligence disciplines such as targeting were available only to governments due to the nature of the sensitive data used. However, data like email traffic and call detail records that would only be available through subpoenas in the past isn’t always necessary in that form — it can be supported or even replaced by comparable open-source information, like location insights, the dark web, and social data, as well as various relationship network analyses.
Of course, this wouldn’t be possible without AI usage in OSINT. As the number of different applications and data sources increased, the volume of data for OSINT processing grew accordingly — requiring brand new analytical methodologies.
That’s where AI tools come to the rescue, increasing the utility of OSINT beyond anything anyone could have predicted just a few decades ago. Machine learning algorithms have allowed us to unlock the full potential of OSINT data, vastly increasing the quality and volume of insights received from OSINT analytics.
Essentially, AI took something that was a challenge — huge data volumes — and turned it into an opportunity and an advantage.
Automation tools powered by machine learning and AI can quickly scan incredible amounts of conversations and other large-volume data, quickly identifying risks and connections that require further investigation.
It’s worth pointing out that malicious actors have access to OSINT tools as well, which means that OSINT data analysis demands a non-stop, 24/7 schedule. Keeping pace with identifying, assessing, and counteracting risks would be impossible in near real-time without AI.,
These new approaches allow analysts to focus on what the human factor does best — extracting and acting on relevant insights instead of wasting vast amounts of time they’d otherwise spend on data entry and analysis.
Even though we’re still in a relatively primitive stage of AI development, today’s AI solutions can observe data patterns from more sources and with more accuracy than any human could — and they’re even more effective when dealing with machine-generated threats.
Speaking of accuracy — AI dramatically reduces the number of errors that happen in analysis through more consistent and comprehensive processing. Of course, machine learning and AI can’t wholly replace traditional human studies conducted by intelligence experts.
However, they greatly empower human analysts, allowing them to prioritize their time better and focus on the most vital information while forming assessments. From corporate intelligence leaders to national security agencies — technology has made OSINT insights indispensable for everyone.
When a situation needs to be assessed and addressed in real-time, AI-powered OSINT is the answer. The effectiveness of any intelligence process is significantly increased through continuous screening, which automatically finds potential red flags — especially when identifying risks within supply chains or organizations.
Before such technology was available, hours of human labor had to be spent on periodic inspections. Today, far more accurate screening is completed in mere seconds — and decision-makers are quickly alerted to potential problems in a timely, precise, and routine process.
All in all, OSINT has never been as mission-critical or valuable as it has become by incorporating AI technologies. Every organization that needs to protect itself against security vulnerabilities would do well to use OSINT — it won’t replace human analysts any time soon, but it can empower them.