NEW!Enroll into our new Ethical Hacking Playlist. Watch Now

[quads id=1]

Ethical HackingTechnology

OSNIT: Everything you need to know about Open-Source Intelligence

3 Mins read
[quads id=3]

What is OSINT ?

OSINT or Open Source Intelligence is the process by which information are collected from openly available information or information which are Available for the public.

OSINT operations are performed by IT security pros, malicious hackers, or state-sanctioned intelligence operatives. They make use of advanced technologies to search among the huge haystack of data which is visible to all of us and they find important points they’re looking for to make their goal successful and learn information that many don’t realize is public.

What is OSPEC ?

OSPEC is Operations Security. It is the process by which organizations Protect the data that they key public view about themselves, which when is analyzed carefully can leak critical and confidential data about the organization
OSINT operations are somewhat similar to OSPEC.

text
Photo by Markus Spiske on Unsplash

History of OSINT ?

In the 1980s, the military and intelligence services started changing some of their information collecting ways and made it different from the covert methods. For example, trying to read an adversary’s mail or tapping their phones to discover hidden secrets. Instead of these methods, efforts were put into finding for useful data that was available publicly for all of us to read.

At that time, there was no social media and no Google or hacking tools or cyber security to help them with their job. But there were newspapers, magazines and databases that were available for us public. For someone who who knew how to connect dots, those information were pretty useful and interesting.

Others are reading

Videos

HackTheBox – Invite Code Challenge 2021

1 Mins read
In this video I’ll talk about how to join hackthebox and complete the hack the box invite code challenge in order to…
Ethical HackingEthical Hacking Course

Mastering Reconnaissance in Cyber Security: A Beginner’s Guide to Footprinting

9 Mins read
Footprinting stands at the forefront of reconnaissance in cyber security, marking the initial phase where cybersecurity professionals, penetration testers, and even threat…
Ethical Hacking Course

Getting Started with Burp Suite: A Comprehensive Guide

7 Mins read
Introduction In today’s digital landscape, web application security testing has become a critical aspect of ensuring the safety and integrity of online…

OSINT was invented to refer to these kind of information. Now we can use these techniques in cyber security. Organizations have very big public facing infrastructure. They spam networks, technologies, etc. Information are stored in employees devices, with BYOD devices that they own, clouds, embedded in their webcams or in the source codes of active applications.
There are vast organizations, whose IT staffs doesn’t have any clue about most of their assets that are present in the company, which be either public or might not be public.

These organizations hold indirect assets which are their social media accounts, in which there are several information and data, which if caught in wrong hands, can be used with the motive of malice.

OSINT is important because it is the way we can keep and eye on the information that we let loose in the public and for the public and also make sure that there is no chaos. Even if there is, it will be taken care of:

What are the things that OSINT needs to take care of ?

There are mainly 3 things that OSINT needs to take care about :

1) Make sure no public assets are a threat to the company.

This is one of the most important thing that has to be taken care of by the IT sector. OSINT helps the IT team to discover assets and looking for Information that can indirectly harm the organization. Their main job is recording what information someone could publicly find on or about company assets without resorting to hacking.

2) Finding related information outside the box.

A secondary function that some OSINT tools perform is looking for relevant information outside of an organization, such as in social media posts or locations that might be outside of a tightly defined network. Organizations that have made a lot of acquisitions, bringing along the IT assets of the company they are merging with, could find this function very useful.

Given the extreme growth and popularity of social media, looking outside the company perimeter for sensitive information is probably helpful for just about any group.

3) Discover useful information and mending it together.

There are some OSINT tools help to locate and mend all the discovered information together into one useful and actionable data. Running an OSINT scan for a large enterprise can yield thousands of results, especially if both internal and external assets are included. Piecing all that data together and being able to deal with the most serious problems first can be extremely helpful.

What are the threats involved related with OSINT ?

Till this far we have understood how and why is OSINT used. Let’s see how it stands as a threat too.
It’s used to find a potential targets and weaknesses in networks. It is a very simple and easy process to discover the network’s weakness and exploit it for malicious activities.

This is the reason why many organizations which are small in size who cannot afford a good cyber security, gets hacked every year. They are very easy targets OSNIT doesn’t just allow technical attacks on servers and networks but also extracts data about individuals and organizations that can be used to inform social engineering campaigns using phishing (email), vishing (phone or voicemail), and SMiShing (SMS).

This is the reason why using OSINT is important for security purpose as we need to find the delicate things that others can use as a threat against us.

Others are reading

Ethical HackingTechnology

What is Network Security? Types of Web Protection

3 Mins read
Network security is all about protection, detection and reaction. In this highly technocrat world, network security has become one the most crucial role player in the economy.
Ethical Hacking Course

Cybersecurity Course: The Power of Footprinting & Reconnaissance in Hacking

6 Mins read
In the world of digital investigations, one of the most powerful tools at the disposal of investigators is the technique of “footprinting”…
7 posts

About author
Dipsikha Bhattacharya is first year psychology student at Indian institute of Psychology and Research, working here as a content writer, also owns an Instagram page for writings and aspires to be a writer and a psychologist.
Articles
    Related posts
    Ethical HackingEthical Hacking Course

    Footprinting: Tracking Digital Footsteps Through Search Engines

    3 Mins read
    In the vast world of cybersecurity, the notion of ‘Footprinting’ is a widely used concept. As an essential step in penetration testing,…
    Ethical HackingEthical Hacking Course

    Mastering Reconnaissance in Cyber Security: A Beginner’s Guide to Footprinting

    9 Mins read
    Footprinting stands at the forefront of reconnaissance in cyber security, marking the initial phase where cybersecurity professionals, penetration testers, and even threat…
    Ethical HackingHackers News

    How to Set-Up VPN Chaining: The Ultimate Guide

    14 Mins read
    In today’s interconnected world, online privacy and security have become paramount concerns. Many Internet users turn to Virtual Private Networks (VPNs) to…

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    ×
    Cyber CrimeEthical HackingHackers News

    Why do Hackers Hack: InfoSec Insights