When Nick Waters left the British Army in 2015 after four years as an infantry officer, he was looking for new things to do. Because of his interest in global conflicts, he started a master’s degree in Conflict, Security & Development at King’s College London.
The course sparked his interest in open source intelligence (OSINT), a field of investigation using publicly accessible information. His final piece of degree work, on the power of OSINT for investigating disinformation during the Ukrainian conflict, was published by Bellingcat, the digital investigations collective, in 2016. Now their senior investigator, he reports on the war in Yemen, conflict in Syria and global drone attacks using OSINT.
The method has gained new ground in the social media age. The expansion of search engines, social networks and digital tools have made the internet the biggest database in existence. Now, everyone from corporations and law enforcement to journalists and researchers are able to forensically crack difficult cases using OSINT.
One day I’m going to find the person who added the landscape function to @googleearth and I’m going to buy them a beer.
Top: still from @amnesty video. Bottom: Google Earth Landscape function
cc @samueloakford pic.twitter.com/u2aa8nuOcr
— Nick Waters (@N_Waters89) June 11, 2019
Founded by Leicester-based journalist Eliot Higgins from his living room, Bellingcat is one of OSINT’s most famous pioneers. Initially focusing on weapons used in the Syria war, the organisation received wide international attention for its investigation into a downed Malaysian Airlines plane, flight MH17, in July 2014. Now, it publishes regular high-quality reports investigated through OSINT and trains others interested in the method.
Waters talked to First Draft about the essential skills, tools and characteristics a successful open source investigator should have. Here is a summary of the main points of the discussion.
- Fluency in critically analysing information
Verifying images and videos found on social media is central to an OSINT analyst’s work. So as information is distributed in increasingly unimaginable quantities online, it’s vital for OSINT – and all – journalists to critically analyse everything they see.
Given that eyewitnesses often post about a breaking news event to social networks like Twitter before the mainstream media does, this information is a valuable source. But some of this content can be misleading, or even downright fraudulent.
Safeguard your reporting by questioning every post, image and video on social media. Most importantly, scrutinise the user it came from, asking who they are and why they’ve shared something. “Critical analysis of sources and information is a really big part of [OSINT],” said Waters.
- Knowledge of advanced search
Knowing where to look for open source information is one thing. But using search functions to their fullest extent is also key, says Waters. Twitter and Google have tools and tricks that perform more advanced searches to unlock certain information.
Twitter’s advanced search retrieves tweets based on a particular phrase, location, date, language group of accounts or hashtag. (Facebook’s graph search function that allowed users to perform powerful searches using keywords, locations and date ranges was recently disabled.)
There’s also a specific language that can be used on Google to retrieve results not possible with simple search queries. Known as Google Dorks, they are search queries that make search results more precise than with a basic Google search.
“Google is a mind-blowingly powerful tool,” says Waters. “And people only use the barest minimum of its functionality.”
- An investigatory mindset
The best tools and techniques can help journalists in their hunt for information. But what is central to being an effective OSINT researcher is an investigatory mindset, said Waters. “I wouldn’t narrow it down to one or two tools. What unites [OSINT researchers] is a love of problem solving.”
He said it’s important to learn how people behave in a breaking news situation and know how to apply that to investigations.
“Every tool we use changes or is impermanent, but what maintains what we do is an investigatory mindset of looking at a problem and working out different ways to solve it,” said Waters.
- Contextual understanding when using geolocation tools
Geolocation – finding the specific location of where a photo or video was captured – was the first thing Waters learnt when he first started open source research. It is at the heart of OSINT.
Waters describes his own expertly-crafted toolkit for geolocation. He uses map tools Google Map and Google Earth, and reverse image search tools like Russian search engine Yandex’s reverse image search function and RevEye, which performs inverse image searches on multiple platforms from one place.
He also uses weather tools like SunCalc and ShadowCalculator to track the time of day or changes to a location over time for clues as to when an image or video might have been captured.
Waters also uses a technique called “intersection” – drawing lines between two known points to decipher where the camera was when an image was captured. (Image: Nick Waters/Twitter)
But there’s more to geolocation than knowing what tools to use.
“A lot of people assume we look at the image and instantly know where it happened. But they don’t understand there’s a huge amount of context needed to work out where the image comes from.” Having language skills or local understanding of a region helps, he said.
Samir Harb (@obretix on Twitter), a geolocation specialist – or “geolocation god”, as Waters describes him – uses his local knowledge of Syria to investigate incidents relating to the conflict there.
“He’s very good at the act of matching up locations, but one of the reasons he’s so good is he has a good contextual understanding of events on the ground and of Syria itself,” Waters said.
- Ability to leverage the crowd on social media
OSINT “found its most innovative and effective use in the hands of journalists”, Muhammad Idrees Ahmad, Lecturer in Digital Journalism at the University of Stirling wrote in a profile on the collaborative investigations platform for The New York Review of Books.
Bellingcat took these methods to the next level by crowdsourcing investigations and engaging a global community of volunteer collaborators. “People think about the OSINT sphere as a community and it really is,” said Waters. “You’ll find people who will geolocate the most difficult image and they won’t see it as a chore, they’ll see it as a challenge.”
Waters said all OSINT journalists should learn how to leverage the social media crowd, tapping into it as well as contributing to it. “Because [community] is one of the most powerful things about this sphere.”
To stay informed, become a First Draft subscriber and follow us on Facebook and Twitter.
