What is OSINT (Open Source Intelligence) & why you should learn it?
Today we explore the world of OSINT. OSINT stands for Open Source Intelligence, and it is one of the key aspects in understanding the cyber-security on the internet and the information era.
Open source intelligence (OSINT) is information collected from public sources such as those available on the Internet, although the term isn't strictly limited to the internet, but rather means all publicly available sources.
How is Open Source Intelligence used?
We may not know it but we already use OSINT in our day-to-day but companies and individuals don't consciously know it.
Do you think only hackers, con-artists and criminals use this? NO, effective OSINT gathering is essential for journalists, cyber security professionals and in the corporate world, such as the banking sector, to detect potential fraud, phishing scams, money laundering, counterfeit production and other issues.
Company HRs use OSINT for due diligence. It is common for candidates to be vetted for recruitment through their social media and not getting the job because of a photo they posted in 2016.
Social networking sites have also become a key tool for Sales, Marketing, and Product management teams, so most companies need to have a strong social media presence and social media experts in place to implement an effective online marketing strategy.
While a lot of OSINT techniques are used by government and military agencies, they can often be applied to your own company, too. Not all strategies and techniques will work due to different areas of application but you can still identify which sources are good and which ones are irrelevant for your use.
How Organizations can utilize OSINT
Now that we’ve covered the basics of open source intelligence, we can look at how it is commonly used by organizations big and small.
Protect brand reputation and preserve trust - Nothing damages a company more than losing brand trust. Preserving the integrity of your brand is a multifaceted job, and a team employing OSINT resources can certainly help. OSINT teams understand how to take the information at hand to both prevent incidents, as well as to aid in the response after the incident.
Understand public sentiment, react, and respond - Whether your organization is looking to understand the public perception in a particular region for business expansion, or there has been a public incident that requires crisis communication, data collected through OSINT research can be an invaluable asset for making better informed decisions.
Detect data breaches early on and identify external threats - Businesses are at a constant risk of confidential information being leaked, such as customer personal information, intellectual property, and more.
The Dark side of OSINT
Consider the amount and the nature of the personal information that you share online, and how it might disclose more than you had bargained for. To put it differently, if a stranger was to search for you on Google, Facebook, LinkedIn and elsewhere, how much could they learn about you as a person, your family and friends, and your coworkers? Could they discover where you live? Where you work? Where you attended school? Your hobbies, interests and daily routines?
Given enough data points about a person (or an organization), certain undisclosed details may nonetheless be exposed or “predicted” using statistics and algorithms.
What most people may not realize is that the first step of any cyber attack involves reconnaissance to collect as much information as possible about the target.
In order to avoid becoming the next unwitting victims of cybercrime, people all over the world must be made aware of the risks and should learn how to defend themselves.
Open source intelligence (OSINT) is information collected from public sources such as those available on the Internet, although the term isn't strictly limited to the internet, but rather means all publicly available sources.
How is Open Source Intelligence used?
We may not know it but we already use OSINT in our day-to-day but companies and individuals don't consciously know it.
Do you think only hackers, con-artists and criminals use this? NO, effective OSINT gathering is essential for journalists, cyber security professionals and in the corporate world, such as the banking sector, to detect potential fraud, phishing scams, money laundering, counterfeit production and other issues.
Company HRs use OSINT for due diligence. It is common for candidates to be vetted for recruitment through their social media and not getting the job because of a photo they posted in 2016.
Social networking sites have also become a key tool for Sales, Marketing, and Product management teams, so most companies need to have a strong social media presence and social media experts in place to implement an effective online marketing strategy.
While a lot of OSINT techniques are used by government and military agencies, they can often be applied to your own company, too. Not all strategies and techniques will work due to different areas of application but you can still identify which sources are good and which ones are irrelevant for your use.
How Organizations can utilize OSINT
Now that we’ve covered the basics of open source intelligence, we can look at how it is commonly used by organizations big and small.
Protect brand reputation and preserve trust - Nothing damages a company more than losing brand trust. Preserving the integrity of your brand is a multifaceted job, and a team employing OSINT resources can certainly help. OSINT teams understand how to take the information at hand to both prevent incidents, as well as to aid in the response after the incident.
Understand public sentiment, react, and respond - Whether your organization is looking to understand the public perception in a particular region for business expansion, or there has been a public incident that requires crisis communication, data collected through OSINT research can be an invaluable asset for making better informed decisions.
Detect data breaches early on and identify external threats - Businesses are at a constant risk of confidential information being leaked, such as customer personal information, intellectual property, and more.
The Dark side of OSINT
Consider the amount and the nature of the personal information that you share online, and how it might disclose more than you had bargained for. To put it differently, if a stranger was to search for you on Google, Facebook, LinkedIn and elsewhere, how much could they learn about you as a person, your family and friends, and your coworkers? Could they discover where you live? Where you work? Where you attended school? Your hobbies, interests and daily routines?
Given enough data points about a person (or an organization), certain undisclosed details may nonetheless be exposed or “predicted” using statistics and algorithms.
What most people may not realize is that the first step of any cyber attack involves reconnaissance to collect as much information as possible about the target.
In order to avoid becoming the next unwitting victims of cybercrime, people all over the world must be made aware of the risks and should learn how to defend themselves.
—
If you like this post, please do share it on social media like Facebook, Twitter or any other site that you like (of course with a credit link back to this blog post).
Also, don’t forget to follow me on Facebook, Spotify or Anchor.fm (for the Podcast), and Instagram for more updates and random stuff about me and this blog.
If you like this post, please do share it on social media like Facebook, Twitter or any other site that you like (of course with a credit link back to this blog post).
Also, don’t forget to follow me on Facebook, Spotify or Anchor.fm (for the Podcast), and Instagram for more updates and random stuff about me and this blog.
What is OSINT (Open Source Intelligence) & why you should learn it?
Reviewed by Vernon Joseph Go
on
Thursday, August 06, 2020
Rating:
Reviewed by Vernon Joseph Go
on
Thursday, August 06, 2020
Rating:
Post a Comment