On Monday 5 June, the Foch Amphitheatre at the École Militaire hosted an IHEDN Monday on the theme of "OSINT: the new sinews of war? Chaired by Julien Le Bot, journalist and writer-director (Arte, France Culture, RFI, Actes Sud), the meeting provided an opportunity to cross the views of three speakers who are both experts in and practitioners of OSINT: Alexandra Jousset, journalist, film-maker, winner of the Albert-London 2022 prize, producer of the 'Sources' programme on Arte; Frédéric Lenfant, forensic expert in criminal analysis and digital investigations, fraud analysis, cyberthreats and OSINT; and Kevin Limonier, lecturer in geography and Slavic studies at the French Institute of Geopolitics (Paris 8 University) and deputy director of the French Institute of Geopolitics. GEODEa centre specialising in the geopolitics of data.
OSINT is an acronym for "open source intelligence". But how do you define OSINT? For example, "IHEDN Mondays are free open source intelligence", as the Institute's director, Lieutenant General Benoît Durieux, points out in his introduction. This applies to all public information sources, "sources used by intelligence services, journalists and activists", as Julien Le Bot sums up.
A COMPLEMENTARY FIELD OF INVESTIGATION
"OSINT starts with a simple Google search", says Alexandra Jousset. Co-author (with Ksenia Bolchakova) of the award-winning documentary "Wagner, l'armée de l'ombre de Poutine" (France 5, 2022), she is delighted with the collaboration between journalists in the field, like herself, and journalists specialising in data research. In this case, for their documentary, those ofOpenFactoa French-language platform for open-source investigation.
Their work "enables us to find information that is difficult to obtain on the ground. On Wagner, we were able to verify information that we had thanks to open sources: satellite images, databases, lists of US sanctions, etc. This is essential to be more sure of what we publish, because in journalism, we have to check three times rather than once". This enabled them to prove that several companies linked to Wagner were exchanging funds in Africa, and thus to detail the group's activities on the continent.
For Frédéric Lenfant, "there are a huge number of tools and resources, and each of them will offer a small part of the information". Hence the importance, in OSINT, of the methodology for aggregating information. The aim of any investigation is to make connections and cross-checks," he explains. The professional field of this former gendarme, criminal analysis, is fully applicable to OSINT. In the case of the notorious training account SMS fraud, for example: "We use a tool that enables us to find one piece of information, which leads us to find another, and then, through the modus operandi, we end up identifying a place and then a person".
THE READER CAN REDO THE SURVEY IN REVERSE
For his part, researcher Kevin Limonier talks about "putting data to music": the technical processes for extracting and representing this data, and then the whole methodology that will enable the information to be told. He has shown that the Russian army's priority is to reroute Internet networks eastwards as soon as it takes control of part of Ukrainian territory.
By definition, OSINT implies a high degree of transparency. "There is a notion of reversibility of information", notes Frédéric Lenfant, since the reader "can redo the investigation in reverse". Alexandra Jousset notes that the public appreciate knowing the method used by journalists: "It responds to a societal issue of mistrust of institutions. Her programme on Arte, Sources, shares the sources and methods of each programme, for example for Prigojine's filesWagner's boss.
The three speakers noted a recent trend: governments are themselves starting to communicate on sensitive subjects, elevating confidential information to OSINT status. This was the case when the US government warned the whole world of the imminent Russian attack on Ukraine in early 2022, even though it did not reveal the sources of this information. For Kevin Limonier, this represents a real break with the regalian relationship to information: "Today, strategic intelligence is available to everyone.
Alexandra Jousset reports that in Mali, for the first time, the French army warned some journalists that its drones had filmed Wagner's militiamen making a fake mass grave that they intended to blame on him.
RISKS AND ETHICAL LIMITS
Frédéric Lenfant reminds us: "Everyone is on the Internet, and everyone leaves traces". For the former gendarme, "the Internet is the equivalent of a digital crime scene. It's the principle of trace transfer: we look for traces, but we also leave traces" by looking for them. Alexandra Jousset has realised this: "It's very important to cover our tracks, and initially, journalists weren't trained in this at all. She herself was unaware of this need until she was introduced to it by her colleagues at OpenFacto: "In just two clicks, the person we were investigating could find out who we are.
But this tagging of everyone's activities on the Internet is a godsend for researchers, journalists and spies, says Kevin Limonier: "The great revolution in OSINT today is that digital traces make visible networks and power logics that weren't visible 20 or 30 years ago". However, the academic also points out the ethical implications: "OSINT is a lot like hacking, because it involves retrieving data from sites that weren't designed for that purpose: Tinder was not created to track down French soldiers in Benin", as has been the case.
What's more, notes Frédéric Lenfant, "we have to weigh up the possible consequences of disseminating information to the general public, even if it's open source: in a gendarmerie investigation, I noticed the difference between what I saw in the media and the reality of the investigation, and what the consequences of this dissemination were for our work". He also questions the notion of data leakage: "Either it's voluntary, and therefore a whistleblower approach, or it's the result of hacking, in which case it's concealment and illegal". So before using leaked information, you should always ask yourself: "Am I dealing with open-source information, or information resulting from data theft?
In the future, more and more "turnkey" tools will be available for harvesting OSINT, and a growing number of people will be familiar with the methodologies. However, as Frédéric Lenfant points out, "there are always misappropriations of technological advances". Kevin Limonier wonders: "There may come a time when someone will create a false digital trail to trick someone using off-the-shelf tools. Another unknown factor is the development of IT tools and their accessibility, which will no doubt make it more difficult for government departments not to leave any traces. "This is not an easy issue to manage," says Frédéric Lenfant.
