Espen Ringstad (Zewensec)

🔗 Twitter

What was your OSINT highlight of 2020?

I think I’d like to highlight the so-called “FBI Etsy t-shirt case”, where the FBI was able to identify a participant in the George Floyd protests based on her t-shirt. She was wearing a shirt that she bought on Etsy, where she had also left a review. This, in addition to image analysis of photos and videos, where they were also able to identify a tattoo, ultimately lead to the arrest of the protester.

“Agents said they then found an Etsy shop that sold the T-shirt the woman in the photo was wearing, and linked a review to a woman in Philadelphia, finally identifying her place of work on LinkedIn.”

This felt like a watershed moment for OSINT, especially from a civilian standpoint. The case got a lot of traction in the media and it seemed like everyone was just baffled by the FBI’s ability to use social media to identify a protester using modern intelligence techniques found in the discipline of OSINT.

2020 has attracted a lot of new people to the field, especially with the popularity of OSINT-related CTFs. I almost get the feeling that those who wanted to be hackers/pentesters before want to be OSINT-ers now, which is great!

The downside to this is that we are definitely seeing people with bad intentions utilize the tools and methods that we share so openly in our communities. I have experienced this first hand at Operation Safe Escape, where we deal with cases that involve abusers and stalkers that are very competent in their OSINT skills.

Any favorite tool or technique that you tried in 2020?

Publicly and especially free satellite images have taken huge strides in 2020. I’m amazed by how good the quality, selection, and frequency of satellite images have become and I love using them in my investigations. Thanks to IntelliEarth, Sentinel Hub, Google Earth, and others!

How do you see the OSINT landscape changing in 2021?

I think we will see more use of automated data collection tools for OSINT in general and a large number of tools and platforms to handle that data. OSINT will help identify important data sets for qualitative and quantitative data analysis, which in return will help narrow which methods and tools we should apply for more specific investigations.

Anything else you’d like to add about The State of OSINT?

As OSINT grows in popularity and attracts a large number of beginner OSINT-ers, please be open to the idea that even beginners can teach you a thing or two - don’t shut them down just because they are new! Invite their somewhat naive and fresh perspectives into the fold and support their eagerness as they look for new solutions to old problems.