S02 E02: Chinese Spy Balloon, Outing Spies, Islamic Attacks, & Human Trafficking As Seen Thru OSINT


March 2nd, 2023

1 hr 25 mins 8 secs

Season 2

About this Episode

Hosts: Daniel Clemens, ShadowDragon CEO
Elliott Anderson, ShadowDragon CTO
Nico Dekens, ShadowDragon Director of Intelligence and Innovation Collection (aka Dutch_OSINTguy)

The guys are on top of the latest espionage and OSINT news around the world. From lone wolf activity to coordinated attacks, they examine recent events from an intelligence perspective, discussing new methodology and emerging patterns.

In a world where it isn’t always easy to know what’s real and what to dismiss as disinformation, we look at data to tell the true story.

Islamic Terrorism:
• A rise in lone wolf attacks by the Islamic State has been observed in Europe. These differ from the terrorist cells we saw around 2015 but use similar methods for achieving maximum damage with a knife.
• There is more activity than in the last five years, so there's clearly something going on. We hope to get more insight into whether these were orchestrated or coordinated attacks.
• Islamic State simply wants to show they are still present and can do whatever they want when they want. That scares people and also makes some people choose sides.

Tyranny Against Farmers:
• Farmers in Europe are rising up against strict limits on emissions and nitrogen and have been aggressively protesting, blocking roads and going to politicians’ homes to make their point.
• Farmers seek to work out a long-term plan with the government, but so far it hasn't been going that well. It takes time to make big changes. The US took 12 years to switch consumers from analog to digital TV.
• Reminiscent of how the United States was started with overburdensome government interference impacting those without appropriate representation.

Irregular Warfare/Asymmetric Warfare:
• It is all about disrupting society through pinching. Russian election influence didn’t just pick one side; it picked both sides.
• It took a long time for many to realize the ability of the internet to interfere with geopolitics. The vast majority will never spot the manipulation.
• Irregular warfare uses hacker math to find two or three low-risk vulnerabilities that can affect one super critical vulnerability. Smaller groups can exploit weaknesses and tilt the scales in their favor.

Data Dumps:
• Super spies that successfully worked covertly for many years are being exposed with data dumps. Also revealing their families disrupts their daily lives for maximum damage.
• Foreign policy connections and illegal surveillance on Russian citizens are being exposed through a Snowden type of leak. What we're seeing with data dumps is similar to the Berlin Wall coming down. We believe WWIII has started.
• We are now seeing ransomware groups incorporate public relations and openly post job openings with benefits.

Data Collection:
• People don't question the tech they use like they should.
• Vulnerability is on the rise with smart devices and household appliances transmitting usage data across the web and basic apps requesting access to phone data for no good reason.
• In China, TikTok users that had anti-government pictures on their phone suddenly found those pictures deleted from their camera roll. We should rename TikTok to DickTok.

Splintered Social Media:
• People are being pulled out of their comfort zone on certain platforms. It is hard for them to adjust to new restrictions. Splintering mostly affected right-leaning groups. Now we see the same pattern with the left.
• Social aspects of the internet started in a very raw state with IRC type things and Yahoo chats. After that it became more polished like Instagram. Parents have stayed but kids have moved on.
• Every 7-10 years there is a generational change in social media platforms. The new wave of social media is a little more personal. To some extent it started with Snapchat and now continues with BeReal.

State of OSINT:
• For a few years we saw a mass exodus from platforms like YouTube, Twitter, and Facebook. New groups rose but most have died off.
• In smaller ecosystems users tend to trust each other and act more extremely. Bad actors can do a lot more damage in these small groups.
• This is great for OSINT investigation and attribution. We can target them easier in a smaller space and get better results.

Human Trafficking:
• Sex workers tend to advertise online, which can lead to a trove of open source intelligence.
• We see handlers slip up on operational security when they get into new platforms.
• Even with faces blurred, connections can be made through identifying the same phone number, lingerie, hotel décor, bedspread, carpet, and power outlets.

Catching Spies:
• Spies are being outed at a high rate through open source intelligence, similar to that used in the Ukraine war. Spies in Russia, Brazil, Sweden, the U.S., Germany, the Netherlands, and more have recently been exposed.
• Searching for those aged 35-65 is ideal. Younger people have more knowledge of online intelligence and older people have little or no online presence.
• At-home spy hunters are now finding people and “unlocking achievements” like a video game.

Chinese Spy Balloon:
• Hobbyists were tracking and identifying the Chinese spy balloon starting in the Western United States.
• A low-cost RTL USB stick and antenna have democratized the radio spectrum, enabling anyone to access the signals. People use the FlightAware app to monitor local air traffic.
• Databases like ADS-B Exchange will also give you free access to their global coverage for planes and boats. There are also weather balloon tracking apps.

Using Data To Tell The Story:
• News today can cause anxiety from not knowing what is the real truth or what is behind it.
• Figuring out what is going on is a rush. It lowers the anxiety level and lets you be at peace with whatever is the conclusion.
• With OSINT investigations, data tells the unbiased story.

ShadowDragon is excited to have Nico Dekens officially join the team. For those interested in improving their open source investigative techniques and methodology, ShadowDragon now offers a special 5-day OSINT training class that is not advertised on the website. Contact us for details.

Thank you for joining us. You can look forward to more interesting news and information from the OSINT perspective in new episodes coming soon.