
OPEN SOURCE INTELLIGENCE (OSINT): For Dummies

Open Source Intelligence (OSINT) is a technique used to gather open-source data from various freely available resources for a specific purpose. OSINT is primarily used in cybersecurity. However, its scope goes further than cybersecurity. For example, a private investigator may use publicly available data to find information about their client. On the other hand, an organisation may use publicly available data to find how their product is better than their competitors'.

The most important source for OSINT is publicly available information. Publicly available information can be newspapers, blogs, websites, social media posts etc. The point of OSINT is that the data should be freely available. 

Before we go any further, a huge shout out to Mr. Arun Mohindru, Quality Assurance Analyst working with Citizen Resource Information Department, Government of Haryana, for his expert views on this article, and for overall guidance.

Types of OSINT

  1. Active: As the name suggests, Active OSINT is active in nature, i.e. there is direct contact with the target, which leads to more reliable results. The issue one might face with Active OSINT is that, since there is direct contact with the target, there is a high chance of detection; 
  1. Passive: On the other hand, Passive OSINT refers to obtaining intelligence through third-party services. There is a low risk of detection. However, since the information is obtained through third-party services, it may include false information. 

The vulnerability of information is not restricted to individuals and organisations; it extends to the Government as well. Since a lot of information is available on government websites, that information can be easily extracted, which breaches the user’s privacy. 

Some of the tools used for open-source intelligence are- 

  1. Maltego: Maltego is one of the most commonly used tools for open source intelligence. It collects information from various sources and gives a collection of them; 
  1. Shodan: Shodan is a search engine that is primarily used by hackers. A search on Shodan returns results about the assets which are connected to the network rather than the information itself; 
  1. Google Dorks: Google is one of the most popular search engines. Google Dorks can help a user to target the search or index the results in a better and more efficient way. 

IMPORTANCE OF OSINT

The importance of OSINT can be multifold. One of the most important reasons why people use OSINT is the cost. OSINT is cost-effective. Information is readily available on the internet, so there is no cost in terms of finding specific information. OSINT is cheaper than traditional sources. For example, certain information which is available on a government website for a certain sum may be available on social media or blogs for free. 

OSINT is also legal. If someone uses illegal methods for obtaining information, then there is a possibility of a criminal charge against the person for breaching privacy. However, in the case of OSINT, since the data is freely available at large, there is no issue of legality of the data. 

Another major reason why OSINT is useful is that there is a wide range of information which is available on the internet. Therefore, a person can search at many places and not be restricted to one thing.

HOW CAN OSINT AFFECT INDIVIDUALS AND ORGANISATIONS?

Individuals have become more accustomed to the internet than ever before. Every day, information is uploaded to the internet without most people understanding its impact. This publicly available information can be used against most individuals and organisations. 

Since the advent of social media, most people have social media accounts. LinkedIn, a social media website for professionals, can be used by someone who is looking to exploit an organisation. Here is an example of how it can take place:

LinkedIn usually has information about who is in an organisation and their qualifications, which provides a data set to the hacker. From here, they can know who could be targeted and in what way. 

Organisations can also use OSINT for counterintelligence. For example, an organisation can routinely employ OSINT teams who would check whatever information is available on the internet regarding the organisation and whether this information is risky, i.e. can lead to exploitation of the organisation or any of its employees. Apart from that, OSINT teams can also help in understanding a variety of things, such as: 

  1. Stolen property of the organisation including intellectual property; 
  1. Leaked confidential information on the internet; 
  1. Fake or phishing websites; 
  1. Employee conduct on social media; 
  1. Customer reviews. 
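One item from the list above, fake or phishing websites, shown as an added example that is not part of the original article: a triage script an OSINT team could run over newly observed domain names to flag those imitating the organisation's own. The brand `examplecorp.com`, the lookalike map and the observed list are all constructed for illustration; input is assumed to be already decoded from punycode to Unicode.

```python
import unicodedata
from typing import Optional

# Constructed, deliberately small lookalike map (not exhaustive).
CONFUSABLES = {"0": "o", "1": "l", "3": "e", "5": "s", "rn": "m", "vv": "w",
               "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p"}  # Cyrillic

def skeleton(label: str) -> str:
    """Fold a label so that visually similar spellings compare equal."""
    s = unicodedata.normalize("NFKC", label.lower())
    for src, dst in CONFUSABLES.items():
        s = s.replace(src, dst)
    return s.replace("-", "")

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(candidate: str, brand: str) -> Optional[str]:
    """Return why `candidate` imitates `brand`, or None if it does not."""
    cand = candidate.lower().rstrip(".")
    labels = cand.split(".")
    if len(labels) < 2 or cand == brand or cand.endswith("." + brand):
        return None                      # malformed, or the organisation's own domain
    b_label, b_tld = brand.split(".", 1)
    reg, tld = labels[-2], labels[-1]    # naive split: assumes a one-label TLD
    if reg == b_label and tld != b_tld:
        return "tld-swap"
    if skeleton(reg) == skeleton(b_label):
        return "homoglyph"
    if edit_distance(skeleton(reg), skeleton(b_label)) <= 1:
        return "typo"
    if any(skeleton(b_label) in skeleton(l) for l in labels):
        return "brand-embedded"
    return None

# Constructed sample of newly observed domains (not real indicators).
OBSERVED = ["mail.examplecorp.com", "examp1ecorp.com", "examplecorp.net",
            "exmplecorp.com", "examplecorp.com.verify-account.net",
            "ex\u0430mplecorp.com", "weather-news.org"]

def triage(observed, brand="examplecorp.com"):
    """Map each suspicious domain to the reason it was flagged."""
    return {d: r for d in observed if (r := classify(d, brand))}
```

Flagged names are leads for an analyst to review, not verdicts; a production version would use the Public Suffix List instead of the naive TLD split.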

Individuals, in a similar way, unknowingly provide a lot of information to people online. This information can be easily misused to exploit a person. For example, phishing sites are built to look like real websites. These websites take the information entered and then either lead to the actual website or show an error. Most people do not realise that it is a phishing website. The purpose of phishing websites is to fraudulently take data from the user, such as usernames, passwords, Aadhaar number etc. 

OTHER EXAMPLES 

Certain organisations use OSINT on prospective employees before hiring them, checking whether they are the right fit for the organisation and whether their behaviour can lead to issues in the future. Many employees around the world have been fired after their employers checked their social media. For example, in 2015, a woman from Texas described her first day of work on Twitter in an inappropriate way. She was fired the next day after the employer found out about her tweet. Many other examples are present where organisations understood that there was a risk of exploitation due to certain information getting leaked. 

Certain Government institutions are also vulnerable to attacks or data breaches due to the manipulation of freely available data. For example, for a lot of Indian government websites, the only things needed to log in are the name, father’s name, date of birth and the Aadhaar number. As one can observe, these can be easily found from a person’s social media profiles, Aadhaar card, etc. 

CONCLUSION

The Internet is a vast place. Information and data are the primary subsets of the internet. Therefore, in order to save ourselves against any kind of exploitation, it is necessary to limit information about us on the internet. 

A Google search might provide someone with all the information they need to exploit a person or an organisation. Therefore, both individuals and organisations should ensure that there is only limited information about them on the internet.  

OSINT or Open Source Intelligence is the process of using freely available data for a specific purpose. This could be Digital Forensics, Counterintelligence or just researching for a particular topic. The vastness of information on the internet gives the power to those who want to exploit people on the internet. 

It has become necessary for organisations to hire OSINT teams in order to ensure that they cannot be exploited through the internet. Also, individuals can routinely check what information is available regarding them on the internet and take it down if they believe the information can lead to losses.


Adwait Kolwalker

Adwait is a third year student at NMIMS School of Law. His interests lie in FinTech, Data Protection and Public Policy.
