OSINT: what it is and how cybercriminals are using it
Have you ever heard the term OSINT? Though still largely unrecognized among the lay public, the concept is popular among technology professionals and even government investigative or law enforcement agencies. OSINT is the acronym for Open Source Intelligence, which should provide an initial idea of its meaning.
In layman’s terms, OSINT involves using public sources of information to generate intelligence. Specifically in the virtual world, OSINT involves leveraging all publicly available information on the Internet to obtain findings, collect evidence, or, unfortunately, in the case of cybercriminals, craft more convincing scams to trick victims.
We need to address a small "detail" at this point; something that causes loads of doubt: is OSINT even legal? The answer’s not so simple. In theory, yes. After all, all publicly available information can, supposedly, be used by anyone. Problems arise when the technique is used for malicious purposes or when it violates specific rules on certain platforms – like social networks, which prohibit the collection of open data from their users.
Scouring the Internet
As mentioned earlier, OSINT is particularly popular among investigative forces, as it allows them to cross-reference a range of data from different sources to discover, for example, the real identity of an offender. Think about how police teams around the world have cross-referenced videos, photographs, and other public information to identify a vandal or criminal. However, in the world of cybercrime, the method is used very differently.
Applying specific OSINT tools, criminals can craft even more effective phishing campaigns by obtaining in-depth information about a specific victim. They can also employ software to detect faulty servers, open connection ports, network equipment with weak passwords, and so on.
All it takes is a little patience and knowledge of how to use the appropriate keywords in the most common search engines; all the intelligence gathered can then be used for malicious purposes.
How to protect yourself
There’s good news and some bad news. Beginning with the bad news: it’s tough to mitigate attacks architected through OSINT. After all, the technique is based on collecting public information, and the tools are available to anyone and everyone. The best step towards increased protection is to minimize online exposure as much as possible. Think twice before commenting on something controversial on a public site, and enhance your privacy settings on social networks.
On the other hand, the good news is that information security teams can also employ OSINT tools to shield their systems. With relative ease, these tools can identify any security holes in corporate computing infrastructures, sensitive information improperly posted on the web, and so on, before cybercriminals do. As always, it’s the early bird that catches the worm!