Taking on extremist groups using WEBINT and OSINT

Extremism thrives during periods of social turmoil and economic uncertainty. Extremists on the far left and far right have different worldviews, but they all use online resources to further their objectives. These organizations use a variety of online forums and social media sites to interact with followers and plan events. Online resources encourage extremism. However, law enforcement organizations have a better chance of finding possible issues before they arise if they become familiar with the online meetups of radicals.

In fact, keeping up with online extremism aids officers in protecting the public and may also reveal threats made against the officers.

Internet As A Propaganda Tool

As part of their communications strategy, extremist groups plan public acts of violence and disinformation campaigns in an effort to recruit new members and keep supporters engaged. The popular surface web, which is home to well-known social media platforms, is frequently the primary channel for the propagation of an extremist group. And if extremists are banned from popular social media sites, they frequently reappear on alternate sites.

While already problematic, misleading and inflammatory content provides a route to radicalization and, from there, it's only a short hop to calls for violence. For instance, the deep web, which functions beneath the surface web, might be challenging to use because Google and other search engines don't index webpages here.

A subsection of the deep web known as the "dark web" is home to a number of unlawful activities, such as black markets for narcotics and credit card details that have been stolen. Extremists frequently use the dark web, where they may hide their actions using a number of methods. Anonymizing routers, no-log virtual private networks, and proxy servers are common tools.

Open Source Technology As The Game Changer

When looking into the internet actions of radicals, law enforcement encounters several difficulties. One challenge is the enormous size of the surface web and its subsurface counterparts.

Threat actors will also make an effort to hide their identities, particularly those linked to extremist groups. They could use one or more fictitious social media profiles and email addresses from non-verifiable service providers. Instead of their own name, they will use an online "handle" when doing this. The increased level of anonymity offered by the dark web will be used by the more knowledgeable radicals, making it harder to acquire data and proof.

Law enforcement organizations can employ OSINT, or open-source information, as a valuable tool to direct an investigation. A wide range of publicly accessible information, including that found in modern digital media outlets as well as conventional print periodicals, is included in OSINT.

Through OSINT, a knowledgeable investigator can find a lot of leads. Phone numbers, social media names, and IP addresses may be found by searching the surface web and used to identify threat actors. An investigation may be started with the use of a surface-level online search, and in certain situations, that may be all you need to neutralize a danger.

Now, detectives must combine OSINT with a web intelligence (WEBINT) instrument. Automated WEBINT can do searches that explore the deep and dark web layers in addition to the surface web. In a perfect world, WEBINT would be used in combination with AI (AI). For instance, in order to undertake a thorough investigation, authorities can use AI to develop specific search criteria, such as the hashtag or slogan of an extremist organization combined with the name of your local jurisdiction.

Importantly, law enforcement can search data and establish links far faster using automated WEBINT and AI than they can if they depend solely on manual procedures and human expertise. Any police inquiry is a race against time. When used appropriately, automated, intelligent technologies may assist you in quickly identifying threat actors. When it comes time to build a case, can point you in the direction of the data to be preserved as evidence.

Things To Keep In Mind

Extremist groups, or any other form of threat actor for that matter, should be thoroughly investigated online. Here are a few suggestions:

1. Recognize the legal and regulatory landscape: Organizations would be wise to monitor regulatory changes. For instance, the General Data Protection Regulation (GDPR) of the European Union has consent specifications that impact data collecting.

2. Establish a policy: Each law enforcement organization that intends to carry out online investigations should create a policy that represents the pertinent rules and legal requirements. The exact dos and don'ts of conducting an investigation and managing data must be known by investigators. Organizations without a policy expose themselves to civil lawsuits.

3. Be ready for fallout: Law enforcement authorities looking into extremist organizations run the danger of facing backlash if their investigations are made public. Law enforcement's vulnerability is shown by the frequent data leaks, such as the recent Pegasus data leak or police exam database incident that targeted police departments and fusion centers. A must-have is operational security.

4. What to investigate? : In terms of extremist organizations, agencies need to be aware of what to look for. The jargon employed by a certain organization must be part of that expertise. Abbreviations, slang expressions, and catchphrases can all be used as search queries. Remember that certain keywords could be encoded numerically; this happens when the first letters of words in a phrase are given numbers matching to their positions in the alphabet.

5. Make use of technology: Conducting an internet research will probably result in a data avalanche. If you don't have the technology to process it, all that data won't help you much. While manual methods may take weeks to complete, AI-enabled automation may complete the task in a matter of hours.


It takes a combination of human intuition, study, and technological techniques to keep tabs on extremist organizations. The necessity of continuing education is, nonetheless, a major factor. Extremist organizations may easily switch their preferred web hosting services, the keywords they use can vary from week to week and from group to group, and new laws and regulations can make things more difficult.

To function in this changing and dynamic world, you'll need to continually educate yourself.

latest blogs


Election Systems Worldwide Under Threat: The Impact of AI and Cybersecurity Risks

As global election systems brace for the 2024 cycle, they face unprecedented threats from advancing AI technologies and escalating cybersecurity risks.

Learn More

Leveraging OSINT to Safeguard Societies in the Era of Social Media

In the digital age, social media has ascended as the paramount platform for individuals to disseminate opinions, amplify concerns, polarize communities, and craft propaganda.

Learn More

How Hackers find your weak spots?

Social engineering attacks have emerged as a dominant method for cyber fraudsters to penetrate organizations.

Learn More

Transforming the BFSI Sector: Addressing Key Challenges through Digital Transformation

The banking, financial services, and insurance (BFSI) industries are undergoing a significant and rapid change driven by digitalization. This revolution is essential as organizations respond to evolving customer expectations, the need for superior business results, and increasing regulatory requirements.

Learn More

How Open-Source Intelligence is Empowering Law Enforcement Agencies in India

The World is growing at a rapid pace, and with that, advancements in information and communication technology are moving at a breakneck speed. In today's digital age, where information flows freely across the internet, the realm of law enforcement has undergone a unique transformation.

Learn More