On 30 March, BECID held the first session in its new training series, bringing together BECID team members and external participants for an introductory workshop on AI and open-source intelligence (OSINT).
The session was led by Anna Danielyan, OSINT analyst currently engaged in contractual work with Graphika as a Navigator and alumna of the University of Tartu’s Disinformation and Societal Resilience MA programme. The workshop was opened by BECID project manager Gretel Juhansoo, who invited participants to suggest tools and topics for future trainings so the series can respond directly to the needs and interests of the community.
During the one-hour session, Anna introduced the fundamentals of OSINT workflows and demonstrated how open-source methods can be used to investigate suspicious online content. Using practical examples, she walked participants through an image-led attribution process that included reverse-image search, domain registration checks, page-source analysis, and amplification tracking, showing how these steps can help connect content to known influence operations.
The training also covered how to present findings in a clear and actionable way. Participants were introduced to concise reporting formats built around key findings, significance, evidence of online activity, and source links, helping translate raw information into usable analytical insight.
A major part of the session focused on the ethical and legal boundaries of OSINT work. Anna emphasized that responsible use of AI and OSINT tools depends on compliance with privacy and platform rules, including GDPR and the Digital Services Act. She also highlighted the importance of avoiding the collection, storage, or sharing of illegal material, and noted that content such as terrorist propaganda or child sexual abuse material must be reported to the relevant authorities rather than downloaded or redistributed.
The workshop further addressed operational security (OPSEC) for researchers and journalists. Participants discussed device protection, browser choices, anti-malware practices, the cautious use of VPNs, and the creation of secure research identities for monitoring online spaces.
In the second half of the session, Anna introduced advanced search techniques, including Google dorking, and provided an overview of Russian and pro-Kremlin influence ecosystems. She outlined different categories of actors, from overt state media to covert networks and amplifiers, and presented examples of known operations such as Storm-1516 CopyCop, Operation Overload, and the Pravda/Portal Kombat network.
To conclude the training, participants were offered a voluntary home assignment on influence activity related to Estonia and the Baltic region. Anna invited participants to analyze a recent spike in narratives on X on 27 March and offered to provide individual feedback on completed assignments.
BECID will continue the training series with future sessions shaped by participant suggestions, helping ensure that the programme remains relevant, practical, and useful for those working on resilience against disinformation and influence operations.