Stay up to date with the latest OSINT news around the world.

This week in open-source intelligence (OSINT) news: international cooperation is key for executing successful OSINT missions – from tracking oil spills to locating missing Ukrainian children and bringing down cybercriminal gangs.

This is the OSINT news of the week:

Who is responsible for the oil spill?

In early February, a barge capsized off the Tobago coast, leaving behind an oil slick that extended some 90 miles into the Caribbean. Tobago authorities have called on those responsible for the barge to come forward and face accountability, but between the ship-to-ship oil transfers, vessel name changes and disabling the automatic identification system (AIS) location data, the mystery of how a stranded barge ended up in the center of a major oil spill is not going to be easy to solve. 

Bellingcat was able to reconstruct the ill-fated journey of the barge and its tugboat using satellite imagery, AIS data and other publicly available tools:

  • In late January, the vessel stopped transmitting AIS data and didn’t re-enable its location monitoring until almost two weeks later.
  • Shortly after, it could be seen on satellite images leaking an oily fluid, leaving behind a long slick. Such an oil trail could not be seen earlier, indicating that the barge must have taken on oil from Venezuela while stopping in Pozuelo’s Bay — a common location for ship-to-ship transfers used to avoid sanctions.
  • Even after the tug’s name was quietly changed, Bellingcat was able to follow its voyage by analyzing images from ports and geolocation information.

The researchers have ultimately connected the barge and its tug to a group of companies that are likely the ones responsible; but despite all available evidence, the management company continues to deny any wrongdoing and the people of Tobago are still waiting for the answer.

“Those unanswered questions remain unanswered at this point. Such as, number one, who is the owner of the vessel that ran aground in Tobago and is leaking oil?”

Tobago House of Assembly Chief Secretary Farley Augustine

International investigators locate missing children

More than 60 detectives from 23 countries used digital open-source data to trace eight Ukrainian children. By using advanced facial recognition, OSINT experts were able to find recent images of the missing children and correlate them with information from geolocation sources to determine where these images were taken. 

The government in Kyiv estimates that nearly 20,000 Ukrainian children have been forcibly displaced from their homes to Russia since the Russian invasion began in February 2022. While the Russian government denies the accusation and says it has protected the children by moving them from a war zone for their own safety, the fact that the children’s whereabouts are mostly unknown is undisputed. Digital sleuths from all over the world are contributing their time and expertise to the missing children project in hopes that their efforts can help reunite families — one child at a time.

“In 2023, the International Criminal Court issued an arrest warrant for the Russian President Vladimir Putin and his Children's Rights Commissioner Maria Lvova-Belova for the alleged unlawful deportation of children.”

Anna Holligan & Diana Kuryshko, BBC Ukraine correspondent

11-nation operation takes down world’s “most harmful” cybercriminals

Another story that highlights the benefit of international cooperation: An international coalition of law enforcement agencies in 11 countries announced this week that it had taken control of computers and software at the heart of LockBit — the world’s most prolific ransomware gang.
The infrastructure seized from the group included hundreds of electronic keys needed to recover the stolen data as well as the site on the dark web where LockBit leaked data from victims who refused to pay ransoms. The law enforcement effort, dubbed Operation Cronos, was led by the U.K.’s National Crime Agency and included the FBI and other enforcement agencies. 

LockBit malware has been responsible for about a quarter of all ransomware attacks in the past two years. The gang has published data stolen from Boeing, upset financial markets with an attack on the financial services division of a major Chinese bank, ICBC, crippled Britain’s mail service last year, and hit numerous U.S. cities, school systems and counties.

“Through our close collaboration, we have hacked the hackers; taken control of their infrastructure, seized their source code and obtained keys that will help victims decrypt their systems. As of today, LockBit is locked out.”

Graeme Biggar, NCA Director General

The age of intelligence diplomacy 

Intelligence has always been an asset to U.S. diplomats, but it was the war in Ukraine that highlighted the importance of sharing strategic intelligence with our partners. Brett M. Holmgren, the U.S. Assistant Secretary of State for Intelligence and Research, shares his opinion of the importance of “intelligence diplomacy” — using declassified intelligence to support diplomatic activities and public diplomacy to advance U.S. foreign policy objectives.

Holmgren, however, also warns that without appropriate safeguards and oversight, intelligence diplomacy can increase risks to national security, undermine trust with foreign partners and erode U.S. interests. He cites many examples of both successful intelligence diplomacy outcomes, such as enabling the U.S. and allied response to Russia’s invasion of Ukraine by declassifying intelligence to warn Ukraine  (and the world) about Russia’s plans, and disastrous outcomes — like making the case that Saddam Hussein possessed weapons of mass destruction. That information turned out to be inaccurate and tarnished the intelligence community’s reputation around the world for a generation.

Ultimately, Holmgren states that there is no one-size-fits-all approach to intelligence diplomacy. Different government agencies need to develop and deploy models consistent with their own authorities and objectives, to maximize the benefits of intelligence diplomacy while guarding against misuse or abuse.

“Intelligence diplomacy should support a defined policy objective; be consistent with and reinforce other elements of national power; prioritize strengthening alliances and partnerships; rely on credible, reliable, and ideally multisourced intelligence to maintain U.S. credibility; and strive to share new, unique information that is not otherwise available through open sources.”

Brett M. Holmgren, the U.S. Assistant Secretary of State for Intelligence and Research

Every other week, we collect OSINT news from around the world. We’re also gathering information on cyberthreats, federal intelligence strategies and much more. Follow us on X (Twitter) and share the OSINT news you’re keeping up with.

To keep up to date on the latest OSINT and cybersecurity news, join our newsletter below.

Subscribe on LinkedIn

OSINT news