Open-Source Intelligence (OSINT)
Trung Nguyen
Introduction
When cybercriminals choose a business to attack, the first thing they do is gather intelligence on the target. They usually roam the Internet to collect public information, known as Open-Source Intelligence (OSINT). An enormous amount of legally obtainable intelligence comes from the business’s social media presence and other online activities, and it helps the criminals prepare a cyberattack plan.
So, what is Open-Source Intelligence (OSINT)? Is it a good tool for threat actors, or can cyber defenders use it to prevent security breaches? How does each side use it? And what are the ethics of OSINT? This article covers all of these questions and helps you understand this digital footprint better.
The Definition of Open-Source Intelligence (OSINT)
OSINT is the practice of searching for and gathering intelligence from legal, public sources on the Internet. Intelligence has two main types:
Note that if you find information from a confidential source or a specific source type, it is not called OSINT. It is just a different type of intelligence gathering.
In addition, when cybercriminals do OSINT, they often use advanced analytic techniques such as Artificial Intelligence or Machine Learning to extract deep insights from a large volume of data.
How is OSINT used?
Two common groups utilize OSINT: cyber attackers and defenders, with different purposes.
Cyber defenders
In today’s digital age, a company has to stay active online to keep its customers and partners posted. Websites and social media channels hold a massive amount of information about the company’s internal assets, such as employees’ names, the company’s address, device IPs, and configurations. The cyber defenders’ job is to make sure that public information does not contain sensitive data, which can turn into vulnerabilities for attackers. They also have to plan a defensive strategy against attacks built on intelligence that somebody can gather on the Internet. Here are some common ways cyber defenders use OSINT.
Cyber attackers
Just as in a military attack, the cyber attacker must have a complete overview of the company to build a threat model and perfect the attack plan. They can do this silently by using OSINT tools. Some of the common ways threat actors can use OSINT:
OSINT Tools and Techniques
With the emergence of big data, you can use OSINT by mastering these tools and techniques.
Open-Source Tools
If you study OSINT, you must know popular tools such as Maltego, SpiderFoot, Spyse, Intelligence X, or Shodan. They have different features but serve the same purpose: identifying security vulnerabilities.
Search Engines
Google, Bing, and Yahoo contain a vast amount of public information, and they have filter features to narrow down what you are seeking. Other search engines may be less popular but can yield much better and more accurate results. One example is Searx, a free and open-source metasearch engine. It distinguishes itself from other search engines because it does not track or save users’ data as Google or Bing do.
Social Media
According to research, there are an estimated 4.89 billion social media users globally, which amounts to an enormous volume of intelligence that criminals can collect. Tools like Hootsuite, TweetDeck, or Sysomos are helpful for monitoring and gathering social media activity.
(Hootsuite – most popular social media tracker tool)
Website Scraping
Most companies have their own websites. Web scraping extracts information from a site’s HTML code to gather intelligence, such as contact information, product details, customer reviews, social media posts, and more. You can use libraries like BeautifulSoup or Scrapy to extract data, tools like Octoparse or ParseHub to get specific data, and custom scripts written in programming languages like Java, Python, and Ruby.
(A Python Web Scraping Technique)
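A defender can run the same kind of extraction against the organization's own pages to see what an outside observer would collect. The following is an added example, not code from the original article; it uses Python's standard-library `html.parser` instead of BeautifulSoup so it runs without dependencies, and the sample page, the `ExposureAudit` class and the `audit_page` function are constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Constructed sample page (example.com is a reserved documentation domain).
SAMPLE_HTML = """<html><head>
<meta name="generator" content="ExampleCMS 4.2">
<title>Example Corp - Contact</title></head><body>
<!-- TODO: remove staging link http://staging.example.com/admin -->
<p>Sales: <a href="mailto:sales@example.com">sales@example.com</a></p>
<p>IT helpdesk: jane.doe@example.com, ext. 4411</p>
</body></html>"""

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

class ExposureAudit(HTMLParser):
    """Collects items on a page that an outside observer could harvest."""

    def __init__(self):
        super().__init__()
        self.emails = set()      # addresses in visible text or mailto: links
        self.comments = []       # leftover developer comments
        self.generator = None    # CMS/version banner, if advertised

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "meta" and (attrs.get("name") or "").lower() == "generator":
            self.generator = attrs.get("content")
        href = attrs.get("href") or ""
        if tag == "a" and href.lower().startswith("mailto:"):
            self.emails.update(EMAIL_RE.findall(href))

    def handle_data(self, data):
        self.emails.update(EMAIL_RE.findall(data))

    def handle_comment(self, data):
        if data.strip():
            self.comments.append(data.strip())

def audit_page(html):
    """Return the exposed emails, HTML comments and generator banner."""
    p = ExposureAudit()
    p.feed(html)
    p.close()
    return {"emails": sorted(p.emails), "comments": p.comments,
            "generator": p.generator}

if __name__ == "__main__":
    for kind, found in audit_page(SAMPLE_HTML).items():
        print(f"{kind}: {found}")
```

Each finding maps to a cleanup action: replace personal addresses with role mailboxes, strip developer comments before publishing, and remove the generator banner.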
Big Data Analysis
Getting data is insufficient; you must analyze it to identify patterns or trends. This is where data analysis comes in, using tools such as Python or Power BI.
Extensive data analysis is critical to OSINT, as it allows for analyzing large volumes of data from various sources to identify patterns, trends, and insights. With the amount of data being generated growing rapidly, the ability to extract meaningful information from this data is becoming increasingly important.
It involves using advanced analytical tools and techniques to process and analyze large datasets. The intelligence may include data from social media platforms, online forums, news, and other public data sources. Some examples of big data analysis techniques used in OSINT include text analytics, network analysis, AI/ML, and data visualization.
Ethics – The Most Valuable Practice of OSINT
When you use OSINT, you must do so ethically and in compliance with applicable laws and regulations. Here are some ethical considerations for OSINT:
Respect Applicable Laws and Regulations
OSINT activities must comply with the laws and regulations that governments use to govern intelligence activities. Some rules and regulations that you should know include the General Data Protection Regulation (GDPR), the Computer Fraud and Abuse Act (CFAA), and the Electronic Communications Privacy Act (ECPA). If you fail to follow them, severe penalties and lawsuits will damage your finances and reputation.
Verify Intelligence Accuracy and Avoid Bias
As OSINT is used for critical decision-making, false intelligence can have a negative impact. Therefore, before using it, you should always ensure the intelligence is collected from trusted sources such as government websites, academic papers, or official newspapers. Do multiple checks to verify the source’s credentials and carefully look for inconsistencies in context or meaning, as inconsistent points can compromise the integrity of the intelligence. You can plan a solid and structured approach before harvesting information on the Internet. In addition, the information should not come from only one personal opinion or influencer, as that is biased intelligence. There are helpful tools that we recommend for checking bias and verifying accuracy, like FactCheck.org and PolitiFact for intelligence from a website, Google Images for any image search, and Tableau or Google Data Studio for data visualization.
Respect Privacy and Use Intelligence Responsibly
Even if the intelligence is publicly disclosed, it still belongs to an organization or individuals. Therefore, ask the owner for permission to use it first and do not try illegal ways to steal it. Don’t manipulate intelligence for immoral purposes like harassment, threats, and blackmail. Furthermore, when intelligence is in your hands, treat it like your personal asset by creating secure storage, regularly monitoring and managing it, and avoiding giving it to too many people, as that will bring potential security threats.
Conclusion
In conclusion, OSINT is a valuable and essential tool for businesses in the modern world. It could revolutionize several industries and help solve critical social concerns. However, we should always be responsible and ethical when using OSINT, strictly complying with international laws and regulations. That’s how we ensure its impact is positive and beneficial to society.