top of page
  • Writer's pictureA&P

Open Source Intelligence (OSINT)


There is tons and tons of information about us that we give away freely everyday. There is social media where we are openly sharing details of our life with our friends or possibly even everyone in the world. There is also the information we trade for convenience. Think of all the shoppers clubs. It is an information exchange- give us your info in return for some discounts. All of this information is collected, aggregated and stored in massive databases. It's how advertisers know to target ads...Big brother is indeed watching our every move. Sometimes its innocent as in the case of targeted ads, but sometimes its not so benign.


If an attacker is targeting you in particular, one of the first things an attacker will do is to look to open sources of information and try to get details on you and your patterns. This is not just in the cyber realm. If you share details publicly on social media about your upcoming vacation and how your house will be unattended, there is a good chance you will come home to having had a break in. If an attacker is looking for a way into a company, they will pull public information about the company. Does your page have an about us that describes all the employees? You can bet the attacker will be all over that page. The attacker can then use google and public record searches to find out about the employees history and where they live. They might do something called dumpster diving where they go through the person's garbage trying to find something sensitive. They might us the information they find to extort or blackmail the person in doing something to help them carry out the attack.


So what can you do? Be careful what information you share. It is not one and done. Tools like the Internet Way Back Machine (https://archive.org/web/) can help the attacker find things you had maybe thought better of an tried to remove. Don't post things that people can use against you. For example, instead of posting about your excitement for your upcoming vacation instead post when you get back about what a great time you had. Don't post information relating to your password. Control the narrative and realize that every time you share information there are risks involved. Make sure you are adequately weighing the risks.

39 views0 comments

Recent Posts

See All

Comments


bottom of page