Investigating Disinformation Online using OSINT
Disinformation and ‘fake news’ have infiltrated our vocabulary in a big way over the last several years. In this blog, we’ll continue to investigate the concepts of information validation and verification – this time, with a focus on investigating inauthentic content.
We’ll look at OSINT tools and tradecraft to identify and investigate information operations and campaigns in the online space, including:
Resources for understanding the online operating environment
Collective tools for key word and hashtag analysis
Pivoting from usernames and images
Investigating disinformation websites and domain metadata
We will also consider some of the challenges facing analysts and researchers who seek to identify and analyse inauthentic content online.
Disinformation in History
In or around 1903, a notorious antisemitic hoax known as The Protocols of the Elders of Zion first appeared in a Russian newspaper called Znamya (The Banner). Over the next few decades, this text was circulated in Russia and the West. In 1921, the London Times debunked the document, showing that it was plagiarised from other texts including a French political satire. Nonetheless, the Protocols were used in Nazi propaganda and schools in to inculcate an antisemitic ideology. Since then, the Protocols has been leveraged by antisemitic groups to continue to incite fear and hatred.
The very fact that inauthentic content published over a hundred years ago is still used to promote ideological narratives and manipulate audiences reflects how pervasive disinformation campaigns can be. Even after ‘fake news’ is soundly debunked and proved to be false (as the Times demonstrated way back in 1921), the content can still be used to sway and influence, and permanently muddy the waters of the information environment.
THE TIMES, AUGUST 17, 1921
The Origins of Disinformation
The English term ‘disinformation’ originates from the Russian term Дезинформация, transliterated to dezinformatsiya, which was used as early as the 1920s to describe official dissemination of false information to influence public opinion. Disinformation isn’t a new phenomenon – ‘fake news’ and inauthentic content has been used to influence and manipulate for as long as we can remember.
Investigating Disinformation Campaigns and Inauthentic Content
So how do we begin to identify inauthentic content in the online space? Where do we look? And what are we looking for? Inauthentic content spans a wide range of topics – from macabre urban legends to bizarre conspiracy theories, to perhaps well-meaning but misinformed health advice. For researchers and investigators looking at disinformation campaigns, identifying key terms, narratives, and methods for disseminating and amplifying inauthentic content can not only help to debunk and counter disinformation, but can also help identify the actors that seek to influence the information environment.
Understanding the Online Operating Environment
Disinformation campaigns might not be new, but the internet has drastically altered the scale and effect of information operations. Having a thorough understanding of the online operating environment is essential for researchers and investigators seeking to understand how, where and why inauthentic content is disseminated online.
When planning an information operations investigation, we should ask which platforms are being used to disseminate and amplify inauthentic content?
Social media penetration varies significantly depending on country. DataReportal publishes reports on digital trends and social media usage, which can help answer questions about platform usage and reach for specific demographics: https://datareportal.com/