infoguard-osint-open-source-intelligence-en

What open source intelligence has to do with cyber security

Information is everywhere and it is powerful and valuable. No wonder the public data business is booming – worryingly so for advocates of data protection. States and state unions such as the EU are now stepping in and tightening corresponding legislation, as with the GDPR recently, which is currently giving many companies cause for concern. So what does this have to do with open source intelligence? Here you will find out what lies behind OSINT and how it can help your company to protect itself.

In short, the definition of open source intelligence (OSINT) is the “act of finding information”. During that process, publicly available sources are searched for information. The key point here is that the information is not classified, in other words, it is public, legal and free. Online sources such as blog entries, social media profiles or images are primarily used for this but more professional sources such as newspapers or business reports are also combed through. This often results in a huge, relatively complex collection of data artefacts which first needs to be structured and correlated.

Today there are in fact tools and methods that simplify the process of searching through large volumes of data. The decision as to whether or not the information found is even relevant however still needs to be checked by a person.

This is how cyber security experts use OSINT

Terms often bandied around when talking about open source intelligence are the deep web and the dark web (which are not the same thing). With these, information is no longer simply searched for on the “normal” internet, but also in the underlying layers using special tools. The collection of information there is often difficult, however. The sources can usually only be found under a cryptic name, change frequently and are also not always available. 

In our cyber attack simulation, the search for information forms the basis for all further steps. The more detailed and high quality the information collection phase turns out to be, the more accurately and efficiently the attack scenarios can be devised. This, in turn, improves the success rate – and you know exactly where your weaknesses lie. 

This is how to optimise your cyber security using OSINT

You may now be wondering how you can use open source intelligence personally. In practical terms, the principle is not just limited to cyber security. All of us use OSINT on a daily basis. How many times a day do you Google for answers? There you go, that is – quite simply – OSINT. So you are already perfectly capable of performing your own simple searches to optimise your cyber security. In so doing, simple search queries can help you identify information that cyber criminals could misuse:

 

  • Social-Media-Profiles are a major source of information for attackers. In the corporate environment, LinkedIn is a particular favourite. Here, internal company structures can be discovered, potential targets can be identified and changes within the company are easily detected by third parties. This is why it is important that not all information on your LinkedIn profile is publicly visible. Instead, it should only be visible to networked contacts. And it goes without saying that you should not just accept any old friend request.
  • Public documents on the company’s website can contain so-called metadata from which information about software used, system information or even usernames can be gleaned. For example, usernames can be reconstructed in combination with a username structure and the LinkedIn profiles. For this reason, such information should always be removed prior to publishing the documents.
  • Partner information or reference clients are often published on various channels. An attacker can use this information, for example, through a spear phishing attack. By masquerading as the colleague of a partner or client, it is easier for the attacker to exploit an existing relationship of trust and introduce malicious software for example.

There is more to cyber security than you think

Even unremarkable information gives cyber criminals an ideal starting point to launch an attack. So, think carefully about the information you divulge publicly. After all, hackers are clever and will exploit any weakness. Even the tiniest weak point can provide a way in. In the right (or wrong) hands, and with sufficient energy, all information can be misused – and against you at that. So, take advantage of open source intelligence as a useful tool to optimise your cyber security. You will be amazed what sensitive information you find! 

Cyber attack simulation – have your information scanned

The principle and use of open source intelligence sounds simple but, again, experience is key here. You will undoubtedly find lots of critical information on your own but nowadays cyber security is more important than ever. For this reason, it is advisable to use experienced experts who will screen your systems, employees and processes for vulnerabilities using a penetration test. OSINT is also sometimes used here to gather information. This information can then be used for targeted social engineering for example.

Find out more about our cyber attack simulation here. Alternatively, contact us directly for a non-binding quote – we will gladly advise you.

 

Cyber Attack Simulation -  Is your enterprise fit enough to fight off hacker attacks?

<< >>

Security Awareness , Cyber Security

Michael Stampfli
About the author / Michael Stampfli

InfoGuard AG - Michael Stampfli, Head of Security Operations

More articles from Michael Stampfli


Related articles
Cyber Security Blog

Exciting articles, the latest news and tips & tricks from our experts on all aspects of Cyber Security & Defence.

Blog update subscription
Social Media
infoguard-cyber-security-guide-2