The wait is over — we’re officially launching a ~brand-new~ season of the OSINT Jobs podcast!
You can expect a new episode every month — whether you’ve been with us from day one or you’re just tuning in, get ready for a deep dive into the world of OSINT wizardry.
First up, we have the one and only Jordan Wildon. If you’ve seen Telegram in the news recently, or read the excellent OSINT-aided New York Times investigation, How Telegram Became a Playground for Criminals, Extremists, and Terrorists, you’ll understand why Jordan is the perfect guest to kick things off.
Below you’ll find lightly edited and condensed highlights from our conversation with Jordan.
On how journalism work turned into OSINT work:
If there was a shooting, we had to find out if it was actually happening to try and get ahead on getting that story out. So that would be me going through footage that had come out on social media, as a lot of the newsgatherers do. It was pretty gruesome work and I wouldn't recommend anyone get into it. But that was where those skills really came to be.
There was an investigation that I worked on that was never published a little bit before that, which was looking into a Colombian drug cartel and how they moved a huge amount of cocaine from Colombia to the UK. And using flight records and flight data to be able to track that down.
So there was a little bit of that that I had got into at first and then it just became pure location-based work.
On having a nose for a good story:
The test that I always used was if you're sat in a bar and your friend is like the other side of the bar, and you have to shout across the story to them, and they listen then probably you've got a story. If not, and it's drowned out with everything else, then maybe it's not something that's ready for the world yet. And that one's something that gets told to people a lot of the time. But I find it generally works — if you can shout it across a crowded room and someone listens, then there's probably something worthwhile in it.
On switching from journalism to full-fledged digital investigations:
One benefit of what I'm doing now is I've got this terminally distracted brain. So being able to work across a lot of different things, not just sticking into one investigation on one story on my own — it's actually a real advantage. So we do work with journalists quite a bit because we have the ability to give them huge amounts of data that they might not otherwise get hold of, like in the New York Times piece.
So being able to provide broader context and also all of the data that's associated with that is something that's really rewarding, but also doesn't mean that I have to sit through from the pitch to publication process that I would have done if I did that myself.
On the emergence of Telegram as a platform to track:
I was looking at it around the time that QAnon was big across the US, and there was a lot of movement, especially from people moving from Twitter to Telegram in terms of the Western world.
It was a platform that was emerging in the spaces that I was already looking at whilst I was in Germany. And that was the far right extremists all moving to Telegram because they thought it was secure and safe. That was kind of my beat at the time. So I had to know what Telegram was about. That goes to around 2020ish.
From there it just kind of exploded outwards from, rather than having my beat be the specific branches of extremism that I was looking at before, it was: what is operating on Telegram. And I looked the other way and that broadened me out into looking at a lot of different kinds of things, including cults, including stuff more deeper into conspiracy theorist movements and that kind of thing.
And then as well as that you had the outset of the war with Russia and Ukraine. And that was where you got most of the news that was coming from either side was through Telegram.
On data aggregation from Telegram:
If you're looking for someone specifically, you can go, “okay, here's all of their posts that I found across several different chats,” and then do a temporal analysis of that to find out when they're going to sleep. That kind of thing is really useful for when you're doing very in-depth investigations because you go, “okay, here's the times that this person is awake because they're posting, here's the times when they have downtime.” How can I build up a better picture of them and profile in that way, especially when you're delving into someone where it has to be really targeted.
On not relying on tools (like Telegram’s geolocation capability that was removed last month):
With everything gone, then you don't have anything at all. So what do you do then? You focus on the methods. And that's the key thing that everyone can solidify in the work that they do is thinking about the methodological background of everything that they're working on because tools come and go. Every single tool that we're using at the moment, bar maybe a few, will probably not exist in about half a decade's time — just because platforms change or the methods of being able to do things change, or the actual toolkits themselves stop being maintained.
And that means that we then have to adapt and work our way around it. So a really good OSINT practitioner usually is the one that doesn't have to rely on a specific tool, but knows how to find either new tools for the job or knows a methodological background to be able to go, “right, if I can't just scrape all of the followers from Instagram, then I will go through and manually count them with a pen and paper.”
Share this post