The OSINT Edge: Why Russia Can’t Hide

In an era where every smartphone is a sensor and every TikTok clip can tip a strike, OSINT has become a front-line weapon, not just a nerd’s tool in the J2 shop. From Ukraine’s open-source kill chains to CENTCOM and INDOPACOM’s watchful nodes, this isn’t just about seeing the battlefield—it’s about shaping it. Here’s how open-source intelligence is pulling back the curtain on adversaries, rewriting targeting doctrine, and forcing Russia and others to fight in the light.

AI Image – They’re On The Road

OSINT turns the world into a sensor—and hiding becomes a luxury no adversary can afford

You want frontline impact? OSINT delivers. In today’s high-stakes strategic contests—Ukraine, CENTCOM’s turf, INDOPACOM’s vast expanse—open‑source intelligence isn’t just a force‑multiplier—it’s a spotlight. Let’s break it down: targeting, attribution, deterrence.

Targeting: Crowd‑sourced kill‑chains

Ukraine’s weaponization of civilian eyes and smartphones has blurred lines. It’s officially called “outsourcing parts of the kill chain to civilians,” allowing Ukrainian forces to geolocate Russian convoys, ammo dumps, and Wagner camps in real‑time. Platforms like Bellingcat and InformNapalm fuse satellite imagery, Telegram posts, and social feeds to pinpoint targets—no classified ops required.

Take Operation Spider’s Web (June 1 2025): OSINT identified at least five Russian airbases deep behind enemy lines. Analysts post‑strike compared pre‑ and post‑strike satellite imagery to confirm bomber kills—turning public chatter into operational certainty.

Downrange, CENTCOM and INDOPACOM are watching this playbook too. Persistent UAS and satellite surveillance feed pattern‑of‑life data into open-source pipes, allowing cross‑domain targeting without sending boots in—detonation by detection drives efficiency.

Attribution: Building the paper trail

Found a crater? OSINT geolocates, timestamps, tags—and uplinks the who‑what‑when‑where. This fills classified gaps and makes evidence publicly verifiable. For example, Ukraine has documented over 23,000 incidents—troop movements, civilian harm, torture—via platforms like Eyes on Russia, creating a forensic baseline for war‑crimes attribution.

Even historically “hidden” events are now exposed. Bellingcat’s Eliot Higgins and others shattered myths about MH‑17, Assad’s sarin use, and Russian disinfo through methodical OSINT that turned discarded social‑media scraps into smoking guns.

This isn’t academic. Attribution backed by rock-solid chain‑of‑custody is now part of every intel fusion center in Kyiv, Tampa (CENTCOM), and Hawaii. When state‑sanctioned units move, they leave digital footprints—OSINT captures and timestamps them in public view.

Deterrence: Knowing you’re seen changes behavior

When adversaries realize every move is being watched, they think twice. That’s deterrence by detection in action: the mere existence of OSINT lifts the veil.

A CSBA concept paper puts it bluntly: persistent surveillance with attribution induces doubt in enemy minds—either they get exposed PRE‑strike or prosecuted POST‑strike. That mindset is creeping into Russia’s decision calculus.

In Ukraine, public filming of Russian convoys—even crossbars on tanks—feeds intel networks tracking unit readiness and movement. That transparency makes hiding for free impossible. Every missile salvo, every trainload of armor, gets logged, geo‑tagged, and shared. OSINT’s public ledger shapes reality on the ground.

Across INDOPACOM, allied navies and partners are building similar ecosystems. Persistent open‑source monitoring of Chinese naval movements and infrastructure expansions creates a networked deterrent. The question becomes: what can you do if we already know where your carriers are?

Doctrinal Fit—and Gaps—in Targeting

FM 3‑0 & ATP 2‑22.9 explicitly recognize OSINT’s economy-of-force role and its value in deep reconnaissance—yet doctrine still leans heavily on classified sources.

Where it works: Field manuals describe open-source collection—from broadcast, imagery, geospatial sources—as force-multipliers that organically support targeting cells.
Where it falls short: Integration remains stovepiped. Analysts on classified networks often lack seamless access to open internet sources .

Fix: Push doctrinal revisions to mandate organic, real-time OSINT access within targeting cells. Give every targeting officer permissions and tools to ingest public intel—social media, adtech feeds, GEOINT overlays—directly into the CAT/DART process. Equip UAS, camouflage, SIGINT as OSINT enablers.

Attribution: Legal Foundations and Policy Gaps

Army JAG papers and TRADOC’s Operational Environment outline war crimes thresholds—but OSINT attribution still lacks legal automation.
Value: Commercial imagery and public social feeds are now bona fide evidence—for instance, civilian documentation of Russian atrocities in Ukraine is used by legal boards and NATO offices.
Gap: Ad hoc pipelines (Eyes on Russia, Bellingcat) aren’t doctrinally tied into the Joint Targeting Cycle (JTC) or NATO courtroom prep processes.
Fix: Add a formal OSINT Attribution Annex to targeting doctrine, detailing how to collect, certify metadata, chain custody and cross-source validate. Train JAGs, targeting, intel, and G-2 fusion centers on rapid OSINT evidence handling.

Deterrence: The Doctrine of Detection

The FY25 CSBA concept of “deterrence by detection” mirrors IO doctrine’s emphasis on militarized transparency—but OSINT often sits outside Information Operations and MILDEC orders.
Current strength: Public tracking (tank convoy Instagram, X‑tagged missile prep) shapes battlefield optics and deters behavior pre- and post-strike.


Shortcoming: IO planners seldom task OSINT for strategic influence; it’s seen as “sharing, not shaping.”
Fix: Embed OSINT into IO planning cycles—Issue RFI for citizen sourcing, integrate adtech “ADINT” feeds into influence ops, and task MILDEC cells to run deception/OPSEC through open-source vetting.

Private & Commercial OSINT: The New Frontier

Commercial intel firms (PlanetRisk, CrowdStrike, UberMedia) now offer what the IC once classified—public adtech, telecom meta, global activity logs.

Impact: IC agencies (CIA’s Open Source Enterprise, DIA, DHS) flex these feeds—tracking Putin’s travel, supply routes, missile reloads—without clandestine ops.

Risk: Little internal policy—some adtech ingestion occurred absent privacy or OPSEC guardrails.

Fixes:

  • Codify “ADINT” collection: require CM approval, privacy-impact reviews, and partner with CISA/NSA IG to ensure lawful use.
  • Build private-OSINT fusion hubs: draw from commercial, NGO, academic sources alongside SIGINT.
  • Institutionalize public-private collaboration cells, similar to cyber JCDC, under the Open Source Enterprise.

Ops Implications & Future Moves

  1. Integrate OSINT into targeting cells. Light‑enable every targeting staff to pull from unclassified web tools—photo geolocation, satellite overlays, traffic cams. That means less guesswork, more surgical effects.
  2. Harden digital trails. Expect Russia (and China) to ramp up deception: fake geolocations, bot‑driven disinfo. Counter with live data fusion, AI‑driven image verification, metadata triage. Academic platforms are already building computer‑vision tools to identify weapon systems in social media posts .
  3. Formalize attribution pipelines. Rather than ad‑hoc tweets, embed OSINT‑based evidence into legal frameworks and targeting authorities. Eyes on Russia’s open breach logs set a precedent for battlefield transparency .
  4. Expand deterrence architecture. CENTCOM’s Arab partners and INDOPACOM’s allies should layer persistent sensors (UAS, shoreside cameras, satellites) and open‑source nodes (civilian analysts, academia, NGOs). OSINT isn’t just cheap—it scales faster than any SIGINT build‑out.

Bottom Line

OSINT is no longer a “nice-to-have.” Current doctrine nods at its value—FM 3‑0, ATP 2‑22.9, and LOEs on contested logistics—but treats it like collateral. LSCO demands full integration: organic targeting, legal attribution, IO-informed deterrence, and commercial fusion. Combined, these build an edge.

If you’re sitting in Tampa or Honolulu asking how CENTCOM or INDOPACOM keep pace, this is your playbook: institutionalize OSINT, fuse its layers, and operate with transparency as a weapon. Adversaries may still lie—but they’ll be doing it under 24/7 public surveillance.

Welcome to the OSINT era: where bold moves meet bright lights, and hiding becomes harder every upload.