Simply put, Open-Source Intelligence (OSINT) is the process of gathering information from public resources, either online or offline. OSINT is a methodology. It is a crucial skill for security researchers. The “Open-Source” nomenclature refers to any information that is public in nature and accessible by everyone, while “intelligence” refers to analyzing the gathered information to build a profile of a particular target.
What’s more, OSINT means there are no restrictions on how or where you have collected data from. Therefore, OSINT can be performed legally by anyone since all the information collected has been publicly released. As a methodology, OSINT has gained momentum in a whole host of scenarios.
In the business world, OSINT is a great technique and popular way for security professionals to protect their organization and their clients’ assets. However, cyber criminals can exploit anything posted online as nothing is 100 percent secure. Once you post data online, you no longer have control over it. It is imperative to remember that the internet never forgets.
The Purpose of OSINT
In really understanding the applications of OSINT, we must start with its purpose. We’ve established that OSINT is a highly effective means for gathering information. It is used frequently in the cybersecurity community to collect information passively, without any interaction with the target, to identify (sensitive) information. This information could be abused by hackers to attack organizational assets. To prevent this from happening, security professionals are assigned by governments and organizations to do an OSINT sweep to identify any exposed data that could somehow be leaked.
By using OSINT techniques, professionals can gather domain information, IP addresses, breached credentials, public business records, public documents, public exploits, research papers, and other information about various individuals and entities.
This is important as many of us will share details of our lives casually on social media. This could be views from our house, where we’re going out or traveling, or even expensive belongings. Unfortunately, this can make us vulnerable to cyber threat actors. For example, if a thief were to see and use this information, they would be able to identify when you are out of the country, the exact location of your house, what valuables you have, and potentially where they could find them.
We may not realize how much information we are truly sharing online; and how it can make us an easy target for those seeking to exploit this information.
The Dangers of OSINT
As mentioned earlier, it isn’t only trained security professionals who can perform OSINT. Government agencies, criminals, and essentially anyone else can perform OSINT to acquire more information about their target. There are many sources of OSINT today—from search engines to forums, blogs, and social media platforms. Radio and television are also information sources, as are public databases and even the dark web.
Hackers tend to collect this data before they attack. This data could consist of an organization’s digital architecture and their vulnerabilities, which could be used to penetrate the target network. But OSINT is not limited to targeting an organization, as individuals are also targeted by hackers. An organization’s employees are often a preferred target for adversaries. By analyzing individuals’ social media accounts and online activity (posts, tags, and comments), hackers can create an entire profile of an individual’s life.
For example, an employee’s LinkedIn profile has a lot of information such as the employee’s email, name, and job title. This information, though seemingly harmless, could contribute to fully compromising an employee’s credentials if the hacker is able to trick the employee into visiting a phishing email containing a spoofed website link.
Taking all of the above into consideration, it is crucial that each of us remember that oversharing on the internet makes us an easy target. We become more vulnerable to malicious actors. While we cannot fully eradicate these risks, organizations would do well to enlist cybersecurity professionals to analyze OSINT sources with information about them and their employees. This can ultimately help to mediate future risks and improve an organization’s cyber maturity.
Caption - In an industry of acronyms, Open-Source Intelligence (OSINT) is perhaps not seen as often as other terms. But the value of OSINT and its implications on modern businesses are profound. In this blog, we explore the concept of OSINT and how threat actors are using this intelligence.