3 Key Takeaways From Our New Russia-Ukraine War Report

Our new report details the importance of OSINT through the lens of ten real-life use cases and expert analysis across the cyber, physical, and informational domains

February 6, 2023

Our new report on the role of open-source intelligence in Russia’s invasion of Ukraine details the importance of OSINT through the lens of ten real-life use cases and expert analysis across the cyber, physical, and informational domains. 

Here are 3 can’t-miss details from the report—which you can read here.

OSINT is a game changer

Never before has a war been documented this comprehensively—by military bloggers, reporters, and activists, to politicians, soldiers, mercenaries, and everyday citizens alike—and much of it is open-source. This is, as has been widely written and reported, a war “where open source intelligence is providing more actionable insights than classified sources.”

Our report featured ten use cases that highlights the realized value of applied open-source intelligence. Here are nine OSINT-related questions that our new report provides answers to:

The Role of OSINT in Russia’s Invasion of Ukraine

  1. Which social media and chat platforms do private military companies and other groups use to recruit soldiers and volunteers, raise funds, and disseminate information?
  2. Considering the potential exposure of Western systems to Ukrainian targets, which wipers (malware) have been used against critical infrastructure systems in Ukraine and other countries?
  3. How have the dynamics of the Russian-language darknet changed since the beginning of the war?
  4. What role is cryptocurrency, such as Bitcoin or Ethereum, playing in this war in terms of illicit financing? 
  5. What is the relationship, if any, between the Kremlin and pro-Russian hacktivist groups such as Killnet (which has made headlines throughout the war because of its DDoS attacks on various public and private entities)?
  6. How can Telegram, social media platforms, and other communication channels contribute to open-source investigations of the placement, activities, and identities of invading troops, as well as potential atrocities committed by them?
  7. How can open-source intelligence pro-Kremlin Telegram channels run by correspondents of state-backed media, military bloggers, and mercenary groups, as well as domestic politicians and propagandists, continue shape the domestic image of the war?
  8. How do open-source images and footage of weapons allow for a greater understanding of how they are being supplied and used, as well as confronted and countered?
  9. Beyond a homespun narrative, how do Russian citizens respond to policies such as Russian President Putin’s mobilization order? On a related note, how do disinformation narratives influence political and kinetic decision-making?

Russian and Ukrainian forces and proxies are fighting across numerous overlapping battlefields 

One of the prevailing themes of the report is how we characterize what makes this modern military engagement unique from an intelligence and risk standpoint. Battlefields are converging. Triangulating data across cyber and physical domains, for one, is vital to gaining value from open-source intelligence. Here’s a related snippet from the report’s introduction:

While this is far from the first conflict between the two countries, it is certainly one of the most complicated. Today, Russian and Ukrainian forces are fighting across cyber and physical battlefields, which often overlap. Furthermore, an information war is afoot—a fight for public opinion and influence. Finally, economic warfare exists in the form of sanctions, although this battle is mostly being fought between Ukraine’s Western allies and Russia.

With no end in sight, open-source intelligence remains a must-have to mitigate risk

The war has impacted how organizations in the public and private sectors view and manage risk. Timely intelligence and rock-solid analysis today are must-haves to protect critical assets, infrastructure, and stakeholders from numerous cyber and physical security risks. Why? Because the length of the war remains elusive. Plus, how the war is fought—by what means, by whom, and at which targets—is also changing and evolving. 

It is not yet clear how long Russia’s invasion of Ukraine will last. It is, by all accounts, an open- ended war. President Putin is preparing Russians for a long-term war effort. Ukraine and its supporters in the West seem to show no immediate exhaustion despite Russia’s efforts to wear them down. In Ukraine, most citizens want to continue fighting until the full liberation of the occupied territories…

In addition to the unknowable length of this war, another factor security and intelligence professionals need to consider is the constantly changing face of the war itself. To date, we have seen a quick Russian assault, which Ukrainians repelled; a veritable war of attrition; numerous counter-offensives; political crises and economic problems in Russia; disruptions to the global economy; changes to the Russian-language cybercrime landscape; the blurring of the lines between financially motivated and state cyber threat actors; data leaks from Russia; and more. In late 2022, Russia, which initially prepared for a short war, changed its tactics yet again by hitting critical infrastructure in Ukraine. Both sides seem to be preparing for offensives in 2023.

Read the report today!

Begin your free trial today.