OSINT Weekly Review 2025.44. What do the Louvre heist…

What do the Louvre heist, counterintelligence, and cybersecurity have in common?

Recommended Reading:

• Eric O’Neill, cybersecurity expert, author, and speaker, and a former FBI counterintelligence agent, takes a look at the Paris heist at the Louvre and how it may have unfolded. He then moves into his Cybersecurity Tip of the Week, where he discusses the ‘trusted insider,’ and how “it’s easier to be invited in than to break in.” O’Neill theorizes that to pull off a burglary of this size and scope, the thieves likely had someone on the inside — someone to leave a door open, turn a camera, etc. This is where cybersecurity and counterintelligence practices intersect: when we examine insider threats or breaches, we focus on those who already have access. “Sometimes the betrayal is intentional: a disgruntled worker, a spy, or someone offered money by a competitor or foreign actor. More often, it’s unintentional: a person tricked by social engineering, spear-phishing, or simple curiosity.” So, when you think about the Louvre heist, think about who else may have helped them on the inside and how it may have been done. And then think about how you can shore up your own organization’s defenses against theft of your company’s ‘crown jewels.’

The Louvre’s jewels were protected by glass, sensors, and guards. None of it mattered if someone inside shared the map. The same is true in every company that treats cybersecurity as a technology problem instead of a people problem. Spies don’t breach firewalls, they exploit trust.

• Master of research, collection, and intelligence analysis, Arno Reuser explains the difference between OSINT and OSINF as well as the differences between intelligence and information, and what most people get wrong when they lump them all together. This is a good primer — or reminder — in case you get caught up calling literally everything OSINT.

One never collects or gathers OSINT. One CREATES OSINT.

• We talk a lot about critical thinking, but what about creative thinking? While we are often taught to use tools and methods to do our jobs, do you get enough time to flex your creative muscle and think your way out of a problem? Research shows that those who think creatively and innovate are more resilient in the face of stress. Do you think this is true? Are there ways in which you can incorporate more creative problem-solving into your investigations?

Creative thinking isn’t just for artists or innovators. It’s a trainable skill that strengthens problem-solving, builds resilience, and fuels engagement in individuals and teams across every level of an organization.

• Have you yet watched “A House of Dynamite” on Netflix? The staff at the Center for Arms Control and Non-Proliferation decided to tackle what the movie got right (and wrong) on a recent episode of their podcast. Also, be sure to check out other episodes on OSINT collection and the nuclear football and nuclear launch system.

• The Organized Crime and Corruption Reporting Project (OCCRP) recently investigated doctors who had lost their licenses and were banned from working, yet were discovered to be gainfully employed in other European countries. This wide-reaching investigation identified systemic flaws that allowed banned doctors to keep working, including an alert system for the European Union and the European Economic Area that is barely or never used in some countries.

OCCRP confirmed that over 100 doctors who are currently banned or suspended from practicing medicine in one or more countries for a range of serious reasons — including cases of sexual assaults during their medical work, botched medical treatments and inserting breast implants without consent — are licensed to practice elsewhere.

• From the Global Investigative Journalism Network (GIJN), a new Open Source Guide to Investigating Chinese Companies. This guide introduces journalists, researchers, and investigators to valuable information sources for China investigations. It demonstrates practical methods for accessing and utilizing these materials to build compelling, well-sourced stories, reports, and analyses.

These dual restrictions [on domestic media] represent a systematic withdrawal from China’s previous commitments to government openness, and their consistent application has fundamentally altered the landscape for international reporting on China, prompting the need for new and creative ways to report on the country, even if one isn’t physically there.

• RiskRubric.ai is a new site that transforms AI risk management from reactive guesswork to proactive, data-driven decision-making. Instead of spending weeks researching individual models or relying on vendor marketing materials, security leaders can access comprehensive risk profiles in minutes. Six pillars provide extensive coverage of AI risk: Transparency, Reliability, Security, Privacy, Safety, and Reputation.

Recommended Watching:

• WIRED recently launched a new YouTube series, DisInfoNation, about the rise of conspiracy theories and disinformation. The first episode, featuring dis- and misinformation researchers and authors Joan Donovan and Nina Jankowics and led by reporter David Gilbert, examines the rise of conspiracy theories following the death of Charlie Kirk.

• If you missed all or any part of Skopenow’s recent OSINT Live event, the presentation recordings are now available.

Selected Upcoming Training:

• OSINT for Financial Crimes Panel: Sponsored by Carahsoft and joined by OSINT experts from Sayari, IVIX, the US Internal Revenue Service (IRS), Chainanalysis, SpyCloud, and Strategic Leadership Solutions. Explore how Open Source Intelligence (OSINT) is transforming financial crime investigations in the public sector. This event brings together government investigators, compliance experts, and technology innovators to examine how OSINT is being leveraged to track illicit financial activity, strengthen enforcement, and support prosecutions.

When: Tues, 4 Nov 2025, 14:00 EST, 11:00 PST
Where: Virtual, Register here or click the image below

• Masterclass: Targeting Illicit Fentanyl Networks with Sayari and Fivecast: Join this virtual masterclass on combining global corporate and trade records from Sayari with digital footprint data from Fivecast to more effectively and efficiently target, disrupt, and dismantle the networks fueling the fentanyl crisis. This webinar is for government analysts and investigators looking to target, disrupt, and dismantle fentanyl supply chains.

When: Thurs, 13 Nov 2025, 11:00 EST
Where: Virtual, Register here or click below