Importance of OPSEC in Wartime OSINT

Russia’s missile strike on Retroville Mall might have been triggered by a video shared online by a random guy from Kyiv, a Ukrainian military investigation found. The image shared on social media might have revealed the presence of Ukrainian military vehicles at the Mall. 

Ukrainian authorities have arrested one individual believed to have leaked the information on his TikTok profile, and are currently investigating whether the suspect whether the social media user had knowingly aided the enemy. Regardless of how the investigation pans out, this incident should spark a wider conversation about using OSINT responsibly, especially during wartime.

 

 

OPSEC IN THE AGE OF OSINT

Operations Security (OPSEC), sometimes called “operational secrecy,” is the process through which adversaries are denied information, mostly unclassified, that can compromise an ongoing or planned operation. OPSEC is usually pro-active and requires a constant re-examination of which obvert actions and public information displayed could prove to be a puzzle easy to piece by the enemy. 

OPSEC is especially relevant in our current information environment, where open-source exploitation is a ubiquitous practice and the tools of the trade are not only proliferated at an unprecedented scale but also increasingly easy to use. 

GUIDELINES TO SAFEGUARD UKRAINIAN OPSEC

The Ukrainian Ministry of Defense (MoD) has periodically asked the public for support in preserving OPSEC and denying the enemy knowledge about the whereabouts and movements of the Ukrainian military. Here are some of the guidelines issued by the MoD: 

Guideline 1: Do not generate and/or post information that could be used by Russian forces against Ukraine. More specifically, do not share information pertaining to the location, disposition, capabilities, movements, and intentions of the Ukrainian military. It is also advisable not to generate content of the damage inflicted on Ukrainian forces by the enemy, including battle damage assessment (BDA). 

A personal example I can share is that in the first days of the war, we at T-Intelligence conducted a thorough review of all Ukrainian airbases using satellite imagery to determine their state following Russia’s pre-invasion missile campaign. For OPSEC considerations, we decided to not publish the results. 

Side note A: This recommendation only applies in the case of military targets and involving the Ukrainian military. Obviously, when the Russians strike civilian targets and commit war crimes, it is absolutely imperative to document the event. 

Side note B: Guideline 1 does not forbid you from celebrating the achievements of the Ukrainian military forces. It just calls to exercise judgments of how you do it. 

Guideline 2: Do not re-share and amplify information that could be used by Russian forces against Ukraine. This point is probably more relevant to the vast majority of OSINT analysts online who are not from Ukraine and cannot generate eyewitness content. 

Just because something is online does not mean that the deed is done. The level of amplification can decide how quickly information spreads and reaches the enemy. In some cases, reduced amplification can buy the Ukrainians some time while the information becomes ephemeral, or help it stay buried under “white noise.” 

As an analyst, you should study such material for your own consumption and internal assessment, but disseminating it further could make the job easier for the enemy.

With guidelines 1 and 2, I am simply echoing the recommendations issued by the Ukrainian military. 

Guideline 3: Focus on the enemy. Document the war crimes committed by the Russian military in Ukraine, the indiscriminate attacks on population centers, widespread looting, and other aspects.  Unfortunately, there is plenty of work to be done in this regard… 

Intelligence has to be objective, but it does not have to be neutral. Intelligence is most effective if it provides an advantage to a side to the detriment of the opposing side. 

Wartime OSINT is a different game, so prepare to play by different rules. 

by Vlad Sutea


Hi there!

Interested in our OSINT Training? Contact us for a live demo!

Post by I. Vlad Sutea

Comments are closed.