OSINT technology with two heads: Dark & Soviet
- Keshav Saini
- Oct 16, 2022
Updated: Mar 19, 2023
We humans are social animals, and we love sharing information about ourselves: our likes and dislikes, what we do for a living, our favorite sports teams, and so on. Billions of people share tons of data on hundreds of platforms, all of it publicly available. Scattered in the mess in which it exists, this data is completely harmless. But if collected and organized in one place, it becomes a threat. This data can then be used by threat actors against us or against anything that involves us.
This practice of collecting publicly available data is not new; in fact, it can be traced back to the 1980s, when the military and intelligence services turned to freely available or even officially published sources to gather information and look for useful intelligence to facilitate their investigations. The term OSINT was coined to refer to this kind of spy-craft.
Nowadays this same technique is used by many threat actors, since vast amounts of data about billions of people and organizations are available on the internet and can be accessed from any geographic location at the cost of a digital device and an internet connection. This practice of collecting and organizing publicly available data is called Open Source Intelligence (OSINT). Here, "open source" describes the public nature of the data being analyzed, not the good old open-source software movement, although many OSINT tools are open-source software.
Organizations, as part of their marketing and branding efforts, often create their own social media profiles, adding to the wealth of free and public information online.
Much of this data is posted without confidentiality or other considerations, but organizations are beginning to understand why some types of public information can be a liability. For example, listing official email addresses online can reveal the organization’s email address naming structure, which an attacker can then use in a phishing scheme.
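A self-audit of this exposure, as an added example that is not from the original post: it scans an organization's own public pages for addresses on its domain, separates personal addresses from role mailboxes, and reports whether the published addresses make the naming convention evident. The domain, pages, staff roster, role-mailbox list and format labels are all constructed assumptions.

```python
import re
from collections import Counter

# Assumed role mailboxes: these say nothing about how personal addresses are built.
ROLE_LOCALPARTS = {"info", "support", "sales", "press", "careers", "security", "contact"}
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

# Constructed sample input: the organization's own pages and its own staff list.
SAMPLE_PAGES = {
    "https://example.com/team": "Priya Nair, Finance: priya.nair@example.com. "
                                "Omar Haddad, IT: omar.haddad@example.com",
    "https://example.com/contact": "Write to info@example.com or priya.nair@example.com. "
                                   "Partner desk: sam@partner.example.org",
}
SAMPLE_ROSTER = [("Priya", "Nair"), ("Omar", "Haddad"), ("Lena", "Fischer")]

def candidate_formats(first, last):
    """Map each common local-part convention for one person to a label."""
    f, l = first.lower(), last.lower()
    return {f"{f}.{l}": "first.last", f"{f[0]}{l}": "flast",
            f"{f}{l[0]}": "firstl", f: "first"}

def audit_exposure(pages, domain, roster):
    """Return (personal, role, leaked_formats) for addresses at `domain`.

    personal/role map each address to the pages that publish it;
    leaked_formats lists conventions shown by two or more distinct addresses.
    """
    known = {}
    for first, last in roster:
        known.update(candidate_formats(first, last))
    personal, role = {}, {}
    for url, text in pages.items():
        for addr in EMAIL_RE.findall(text):
            addr = addr.lower()
            local, _, host = addr.partition("@")
            if host != domain:
                continue  # third-party address, out of scope for this audit
            bucket = role if local in ROLE_LOCALPARTS else personal
            bucket.setdefault(addr, []).append(url)
    # Count each distinct personal address once, however many pages repeat it.
    formats = Counter(known[a.split("@")[0]] for a in personal
                      if a.split("@")[0] in known)
    leaked = sorted(fmt for fmt, n in formats.items() if n >= 2)
    return personal, role, leaked

if __name__ == "__main__":
    print(audit_exposure(SAMPLE_PAGES, "example.com", SAMPLE_ROSTER))
```

The personal addresses it reports are candidates for replacement with a role mailbox or a contact form.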
Email addresses, domain names, proprietary information, and honest customer reviews are just a few pieces of information often found with some efficient research. With a bit more digging and by connecting the dots, a savvy attacker can identify the security holes that open a door into an organization’s network, undetected.
OSINT tools were built for security professionals to identify new vulnerabilities in systems, such as potential weaknesses in friendly networks that expose anyone connected to them to potential threats, so that they can be remediated before threat actors exploit them.
One prominent use of open-source intelligence by security professionals is to prioritize their time and resources to address the most significant current threats. At any given moment, an organization faces multiple threats, and not all of them require an equal amount of attention. In most cases, this type of work requires an analyst to identify and correlate multiple data points to validate a threat before action is taken.
OSINT is not limited to preventing cyber threats; it has use cases in various other industries. For example, law enforcement agencies use OSINT to collect data from a wide range of open sources, including social media, news sites, and the surface, deep, and even dark web, which helps fight organized crime, combat human trafficking, and collect forensic evidence.
We have all experienced one use case of OSINT in our own lives in the last two years. The COVID help websites that scraped the web for the availability of oxygen cylinders, ICU beds, blood, and injections, and organized that data in one place for anyone in need, are an example of OSINT, since the information was collected from publicly available sources. This is the use of OSINT in disaster management. With good analysts and more efficient ways to collect and organize big data, OSINT will prove to be a great tool for policymakers and leaders, giving them valuable insights to make better decisions.