Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Government The Media The Military

Open-Source Intelligence: How Bellingcat Uses Data Gathered by Authoritarian Governments (cnn.com) 52

CNN profiles Bellingcat, a Netherlands-based investigative group specializing in "open-source intelligence". And investigator Christo Grozev tells CNN that authoritarian governments make their work easier, because "they love to gather data, comprehensive data, on ... what they consider to be their subjects, and therefore there's a lot of centralized data."

"And second, there's a lot of petty corruption ... within the law enforcement system, and this data market thrives on that." Billions have been spent on creating sophisticated encrypted communications for the military in Russia. But most of that money has been stolen in corrupt kickbacks, and the result is they didn't have that functioning system... It is shocking how incompetent they are. But it was to be expected, because it's a reflection of 23 years of corrupt government.
Interestingly there's apparently less corruption in China — though more whistleblowers. But Bellingcat's first investigation involved the 2014 downing of a Boeing 777 over eastern Ukraine that killed 283 passengers. (The Dutch Safety Board later concluded it was downed by a surface-to-air missile launched from pro-Russian separatist-controlled territory in Ukraine.) "At that time, a lot of public data was available on Russian soldiers, Russian spies, and so on and so forth — because they still hadn't caught up with the times, so they kept a lot of digital traces, social media, posting selfies in front of weapons that shoot down airliners. That's where we kind of perfected the art of reconstructing a crime based on digital breadcrumbs..."

"By 2016, it was no longer possible to find soldiers leaving status selfies on the internet because a new law had been passed in Russia, for example, banning the use of mobile phones by secret services and by soldiers. So we had to develop a new way to get data on government crime. We found our way into this gray market of data in Russia, which is comprised of many, many gigabytes of leaked databases, car registration databases, passport databases. Most of these are available for free, completely freely downloadable from torrent sites or from forums and the internet." And for some of them, they're more current. You actually can buy the data through a broker, so we decided that in cases when we have a strong enough hypothesis that a government has committed the crime, we should probably drop our ethical boundaries from using such data — as long as it is verifiable, as long as it is not coming from one source only but corroborated by at least two or three other sources of data. That's how we develop it. And the first big use case for this approach was the ... poisoning of Sergei and Yulia Skripal in 2018 (in the United Kingdom), when we used this combination of open source and data bought from the gray market in Russia to piece together who exactly the two poisoners were. And that worked tremendously....

It has been what I best describe as a multilevel computer game.... [W]hen we first learned that we can get private data, passport files and residence files on Russian spies who go around killing people, they closed the files on those people. So every spy suddenly had a missing passport file in the central password database. But that opened up a completely new way for us to identify spies, because we were just able to compare older versions of the database to newer versions. So that allowed us to find a bad group of spies that we didn't even know existed before.

The Russian government did realize that that's maybe a bad idea to hide them from us, so they reopened those files but just started poisoning data. They started changing the photographs of some of these people to similar looking, like lookalikes of the people, so that they confused us or embarrass us if we publish a finding but it's for the wrong guy. And then we'll learn how to beat that.

When asked about having dropped some ethical boundaries about data use, Grozev replies "everything changes. Therefore, the rules of journalism should change with the changing times." "And it's not common that journalism was investigating governments conducting government-sanctioned crimes, but now it's happening." With a country's ruler proclaiming perpetual supreme power, "This is not a model that traditional journalism can investigate properly. It's not even a model that traditional law enforcement can investigate properly." I'll give an example. When the British police asked, by international agreement, for cooperation from the Russian government to provide evidence on who exactly these guys were who were hanging around the Skripals' house in 2018, they got completely fraudulent, fake data from the Russian government....

So the only way to counter that as a journalist is to get the data that the Russian government is refusing to hand over. And if this is the only way to get it, and if you can be sure that you can prove that this is valid data and authentic data — I think it is incumbent on journalists to find the truth. And especially when law enforcement refuses to find the truth because of honoring the sovereign system of respecting other governments.

It was Bellingcat that identified the spies who's poisoned Russian opposition leader Alexey Navalny. CNN suggests that for more details on their investigation, and "to understand Vladimir Putin's stranglehold on power in Russia, watch the new film Navalny which premieres Sunday at 9 p.m. ET on CNN."

The movie's tagline? "Poison always leaves a trail."
This discussion has been archived. No new comments can be posted.

Open-Source Intelligence: How Bellingcat Uses Data Gathered by Authoritarian Governments

Comments Filter:
  • This seems heroic, and it is. But by publishing these scoops they are hardening the Russian info sphere. Probably 5-eyes agencies knew these facts as well, but didn't publish, because they knew that if they did then those tactics would be removed for future exploitation. I am not sure this group is helping anyone in the long term. Their interests are not really perfectly aligned with the best intelligence posture of the West -- they get a lot of publicity from their discoveries. You have to wonder if t

    • by splutty ( 43475 )

      The corruption in Russian, well, everything, is so deeply ingrained by now that it's pretty much impossible to close all the holes that exist.

      Reminds me of a comment "Why would we send spies if you can pay 2 bucks to a government official?"

      • Re:closing windows (Score:4, Insightful)

        by rantrantrant ( 4753443 ) on Sunday April 24, 2022 @09:06AM (#62473792)
        This is exactly what spies do: Cultivate relationships with insiders to get them to reveal secrets & gather precise, valid, reliable information straight from the horse's mouth over months, years & decades. Running around, breaking things, causing problems, etc. is the least effective way to gather information. Films about real-life, effective spies would be deathly boring - absolutely no drama or anything out of the ordinary.
    • by gtall ( 79522 )

      The 5-agencies probably do also know these facts. However, were they to publish them, useful tools like you would be claiming they were 5-eyes propaganda.

    • tbh if you stop the CIA or NSA you've done the world a favor.

    • Re:closing windows (Score:4, Interesting)

      by quantaman ( 517394 ) on Sunday April 24, 2022 @11:40AM (#62474072)

      This seems heroic, and it is. But by publishing these scoops they are hardening the Russian info sphere. Probably 5-eyes agencies knew these facts as well, but didn't publish, because they knew that if they did then those tactics would be removed for future exploitation. I am not sure this group is helping anyone in the long term. Their interests are not really perfectly aligned with the best intelligence posture of the West -- they get a lot of publicity from their discoveries. You have to wonder if they have been privately asked to stop.

      It depends. Going through social media to categorize Russian military equipment isn't necessarily exposing sources, and they can crowd source which gives them abilities that 5-eyes may not have. In fact, I suspect the 5-eyes agencies probably use Bellingcat as a resource when it comes to cataloguing Russian military positions and losses.

      When it comes to the spy vs spy stuff yeah they might be blowing sources. Though at the same time there's people who will help a Bellingcat type operation who won't help a spy agency. Remember a spy agency is both trying to uncover enemy secrets and protect your own secrets and generally push the country's agenda. Lots of people will be very skeptical of discoveries by spy agencies for that reason. Bellingcat is just interested in uncovering secrets, so they have a certain credibility because they don't have a big secret agenda.

  • I don't think 905 words is a "summary" of anything. Holy crap, you know the first job of an EDITOR is to EDIT, right?

  • And anyone that believes only countries like Russia use this is fooling themselves. This company was created by âoeWesternâ Intelligence Agencies which are still customers. And I would bet you anything this is one of the many ways they gather intelligent on countries like Russia.
  • Never seen a full page slashvertisement before. Was this some leftover CNN+ marketing budget? Good to know that slashdot is hitting even deeper lows. Bellingcat is just a PR agency for the CIA and sources 'appear' as necessary for them to claim they do open research to 'write' their articles legitimizing whatever the CIA is doing now.

  • ...the Beebs documentary from last year about the Navalny poisoning & they mention the Bellingcat evidence. Good documentary & as always, you can't make this stuff up - the truth is way weirder & incredible than you might think. I recommend it: https://www.bbcselect.com/watc... [bbcselect.com]
  • "But it was to be expected, because it's a reflection of 23 years of corrupt government."

    I see someone's not a student of history.

  • by Required Snark ( 1702878 ) on Monday April 25, 2022 @03:20AM (#62475714)
    It's supposed to be about Russia and public source intelligence gathering, but it very quickly degenerated into a slime attack on CNN. Why did this happen?

    Just ask yourself who benefits and it all becomes crystal clear: Putin/Russia and the pro-Russia wing of the Republican Party. Welcome to a real world real time example of how Russian propaganda operates on the web right here in the good old USA. Instead of focusing on covert Russian activity, the topic is completely unsupported attacks on CNN. Score Putin/Russia 1, Ukraine/NATO/USA 0.

    Many of the slime-casters are "useful idiots" for Russian propaganda, but there are a fair number who know the score and are completely on Putin's side. Remember that totalitarian leaders often admire others of their kind, and Trump loves Putin. At the start of the invasion Trump was "Go Putin!" Now the Trump toadies are continuing that support by somewhat less obvious means.

"The voters have spoken, the bastards..." -- unknown

Working...