What is OSINT ?
OSINT or Open Source Intelligence is the process by which information are collected from openly available information or information which are Available for the public.
OSINT operations are performed by IT security pros, malicious hackers, or state-sanctioned intelligence operatives. They make use of advanced technologies to search among the huge haystack of data which is visible to all of us and they find important points they’re looking for to make their goal successful and learn information that many don’t realize is public.
What is OSPEC ?
OSPEC is Operations Security. It is the process by which organizations Protect the data that they key public view about themselves, which when is analyzed carefully can leak critical and confidential data about the organization
OSINT operations are somewhat similar to OSPEC.
History of OSINT ?
In the 1980s, the military and intelligence services started changing some of their information collecting ways and made it different from the covert methods. For example, trying to read an adversary’s mail or tapping their phones to discover hidden secrets. Instead of these methods, efforts were put into finding for useful data that was available publicly for all of us to read.
At that time, there was no social media and no Google or hacking tools or cyber security to help them with their job. But there were newspapers, magazines and databases that were available for us public. For someone who who knew how to connect dots, those information were pretty useful and interesting.
Others are reading
OSINT was invented to refer to these kind of information. Now we can use these techniques in cyber security. Organizations have very big public facing infrastructure. They spam networks, technologies, etc. Information are stored in employees devices, with BYOD devices that they own, clouds, embedded in their webcams or in the source codes of active applications.
There are vast organizations, whose IT staffs doesn’t have any clue about most of their assets that are present in the company, which be either public or might not be public.
These organizations hold indirect assets which are their social media accounts, in which there are several information and data, which if caught in wrong hands, can be used with the motive of malice.
OSINT is important because it is the way we can keep and eye on the information that we let loose in the public and for the public and also make sure that there is no chaos. Even if there is, it will be taken care of:
What are the things that OSINT needs to take care of ?
There are mainly 3 things that OSINT needs to take care about :
1) Make sure no public assets are a threat to the company.
This is one of the most important thing that has to be taken care of by the IT sector. OSINT helps the IT team to discover assets and looking for Information that can indirectly harm the organization. Their main job is recording what information someone could publicly find on or about company assets without resorting to hacking.
2) Finding related information outside the box.
A secondary function that some OSINT tools perform is looking for relevant information outside of an organization, such as in social media posts or locations that might be outside of a tightly defined network. Organizations that have made a lot of acquisitions, bringing along the IT assets of the company they are merging with, could find this function very useful.
Given the extreme growth and popularity of social media, looking outside the company perimeter for sensitive information is probably helpful for just about any group.
3) Discover useful information and mending it together.
There are some OSINT tools help to locate and mend all the discovered information together into one useful and actionable data. Running an OSINT scan for a large enterprise can yield thousands of results, especially if both internal and external assets are included. Piecing all that data together and being able to deal with the most serious problems first can be extremely helpful.
What are the threats involved related with OSINT ?
Till this far we have understood how and why is OSINT used. Let’s see how it stands as a threat too.
It’s used to find a potential targets and weaknesses in networks. It is a very simple and easy process to discover the network’s weakness and exploit it for malicious activities.
This is the reason why many organizations which are small in size who cannot afford a good cyber security, gets hacked every year. They are very easy targets OSNIT doesn’t just allow technical attacks on servers and networks but also extracts data about individuals and organizations that can be used to inform social engineering campaigns using phishing (email), vishing (phone or voicemail), and SMiShing (SMS).
This is the reason why using OSINT is important for security purpose as we need to find the delicate things that others can use as a threat against us.
