This article looks into the use of open source intelligence (OSINT) within NATO’s Multinational Corps Northeast (MC NE). It is based on the author’s PhD research for which 56 respondents from the corps were interviewed on their intelligence work, including their use of OSINT.
MNC NE is the command for NATO ground troops in Poland, Estonia, Latvia, and Lithuania. While the Russian invasion of Ukraine has put the alliance on alert, it remains in peacetime condition as long as Article 5 is not invoked. Therefore MNC NE is not fully manned or equipped and has a limited operational mandate that restricts intelligence collection activities. As a result, respondents in all echelons of the corps fell back on collecting intelligence from open sources. Most of this collection took place on the internet and includes news sites, blogs, fora, social media or websites of relevant organizations such as Institute for the Study of War or Bellingcat. In doing this, the respondents faced several challenges.
First of all, the technical access. For security reasons there was a limited number of computers that have access to the open internet. And in many cases the connection was limited in bandwidth, thereby affecting search activities. Secondly, there were no specific open source collection tools available within MNC NE. Meanwhile, many relevant tools are available that facilitate structuring, focusing, and automating the collection of open sources as well as facilitate access to the deep and dark web. Thirdly, open sources in the Russian language posed significant problems. Most staff did not master the Russian language to the extent that they could easily collect and interpret open sources that are in Russian. There was general agreement that this lack of Russian language capabilities hampered collection efforts. The fourth challenge is the magnitude of open sources that are available. For many respondents this resulted in sheer information overload making it very difficult for the respondent which sources to select and focus on.
While these challenges are of a more practical, or circumstantial, nature the problem runs deeper. Intelligence staff had little knowledge of, and experience with, conducting OSINT. Almost none of the respondents had followed an OSINT course or training, although these are widely offered. An additional point of concern is the invalidated nature of the open source information. As one section head remarked: ‘The main challenge of the operating environment is the confirmation of a piece of information that is open source.’ Many respondents pointed to the limited collection mandate. This made it difficult for them to verify information from open sources.
Furthermore, respondents argued that the F6 system, that is used to grade sensor reporting and judge the credibility of the source (score between A-F) and reliability of the information (score between 1-6), is difficult to apply to open sources. For a sensor report the source is either the sensor itself (e.g. observation, imagery) or a human source (signals intelligence or human intelligence). However, when determining the source for an online news article, the F6 system leaves room for interpretation. Is the news company the source or the medium? If the article is based on several sources, some cited from other media, what is the source then?
The F6 system is especially difficult because Russian disinformation is often tied into existing phenomena and real news facts. This is difficult to unravel and understand as it is, let alone to use the F6 system against. Several respondents even questioned the use of open sources as it was. One respondent, reflecting on the information value of social media mentioned by many respondents, stated: ‘Social media is only about extremes; every nuance is filtered out by algorithms. It’s a common mistake to think that social media is an actual reflection of the world and of people’s perceptions and ideas.’
The reliance on open sources, the lack of OSINT training and experience, and the problems with determining the reliability of information had severe consequences. Given these difficulties, it is not clear whether the use of open sources at the corps was mere collation of publicly available information, or if it entailed some form of analysis or enrichment that turns it from aggregated information to proper intelligence. This had the risk ‘of importing propaganda, misinformation, and disinformation’, as one divisional lieutenant-colonel stated. In particular in the context of the current information war, respondents considered this potentially harmful. This danger is real, as Varzhanskyi shows. [1] Using the concept of reflexive control he studies how in the Russo-Ukrainian war disinformation is used to influence open source information and intelligence to ultimately influence the opponent’s decision-making. While the respondents are aware of this danger, their working circumstances are certainly not optimized to prevent this.
Bram Spoor
Assistant Professor of Intelligence
Netherlands Defence Academy
The Netherlands
