When it comes to militaries launching attacks using open source intelligence (including in the Wagner incident), it is unlikely that they will do so solely based on data gleaned from social media. While Ukrainian officials have said the photos of the Wagner base were useful, it is not clear whether they combined this with existing information before they launched their attack. Ukraine’s Ministry of Defence did not respond to questions about how it is using open source intelligence. However, it did recently share a photo online claiming that a Russian tourist posed for holiday photos in front of Russian air defense systems.
“Militaries like to have fidelity if they’re going to do a kinetic strike or target something—they have to justify their targeting,” says Maggie Smith, an assistant professor at the Army Cyber Institute at West Point, adding that her views do not represent those of the US military. Smith says OSINT can “show you where activity may be so that you can point more exquisite intelligence assets to focus on that area and get better visibility, better granularity, learn more about it.”
The Wagner attack is not the only instance of military action based (at least in part) on information published online. In June, the Centre for Information Resilience (CIR), a nonprofit organization that counters influence operations, published a report saying a pro-Russian OSINT group used footage from a Ukrainian news channel to locate a munitions factory in Kyiv. The building was then hit by Russian missiles, and three civilians were killed. People in Ukraine have also faced criticism for sharing social media footage of their locations.
Anything that is posted online can be used by military forces for their planning or operations. “As a commander on the ground, you have to be aware that so much data is being produced about every single one of your soldiers at any given time,” Smith says. “The signals that are emitted from cell phones or any of anybody’s web presence, anything like that, can send signals to your adversary about your location, potential training cycles, all those types of things. Any sort of photo that is posted by anybody in your ranks can probably be used to help identify where you’re located, what assets you may have.” (In the past, public data from fitness app Strava exposed military bases, as well as the names and heart rates of soldiers on them.)
Giangiuseppe Pili, an open source intelligence research fellow at the Royal United Services Institute for Defence and Security Studies, says that OSINT has been used by militaries and intelligence for years, but there has recently been an acceleration in what is possible. “The big change is the data fusion capability of open source intelligence now—so to combine different sources into one product that really brings a picture of the reality in a realistic sense,” Pili says. The speed of analyzing open source data has also increased, Pili says.
In addition to ensuring that data is accurate before it is acted on, McDonald says that there may be privacy questions of militaries using open source data that they scrape from social media. “We don’t really have a good understanding of what the limits should be or whether there should be any limits,” McDonald says, adding that if citizens send in information they have taken, this could make them military targets, further blurring the line between civilian and combatant.
While OSINT is being used on the ground for military purposes, it’s also being used in Ukraine to clean up after battles have taken place. Andro Mathewson, a research officer at the HALO Trust, is using open source data in Ukraine to help clear landmines and understand what weapons are being used. This largely comes from social media posts. “Our analysis helps us to plan our operations, tailor our demining training, and know what to educate people about in our risk education outreach,” Mathewson says.
In April, HALO Trust relocated its headquarters to the Kyiv region to focus on “clearing the contamination from the occupation” in the area, Mathewson says. “During our open source data trawling, I spotted a cluster of tractor and combine harvester accidents caused by antitank mines in Makarov,” they say. “Things like videos of burning tractors or photographs of large craters, or destroyed vehicles missing wheels.” As a result of the social posts and the open source data, the group was able to deploy its teams to the area and start clearing the destruction.