Threat intelligence is a vital part of a security strategy as it helps businesses prepare for, detect, and prevent cyber attacks. There are several ways of collecting intelligence including signals intelligence (SIGINT), human intelligence (HUMINT), imagery intelligence (IMINT), geospatial intelligence (GEOINT), and open source intelligence (OSINT). We aren’t going to talk about all these ways. Today, we’ll focus on what open source intelligence is and how it can help businesses.
There are two methods of gathering intelligence: covert and overt. Covert methods use secret data sources. Overt data collection uses information that is available for public consumption. As for open source intelligence, it uses overt sources to collect data.
Open source intelligence can be divided into six categories including:
- Public media sources ― news reports, newspapers, and magazines
- Internet ― anything gathered from online databases, search engines, social media, online publications, and discussion groups
- Public government data ― budget reports, publicly available government reports, and public hearings
- Professional and academic publications ― theses, journals, and other academic papers
- Commercial data ― corporate databases, industrial assessments, and financial databases
- Gray data ― information that wasn’t widely distributed or published but is legally available
80% of cybersecurity threats business face are from inside people including contractors, vendors, employees, and customers. For example, disgruntled employees can use social media platforms to divulge confidential information. Poorly configured and personal devices can also open the door to attackers. As a result, the data that should have been kept in house is accessible externally.
Open source intelligence can help businesses with detecting and preventing these threats. For example, if login credentials have been leaked or sensitive data appears in public-facing web servers, open source intelligence makes it easier to find this out and identify the source of the breach.
The drawback of open source intelligence is that the same tools that an intelligence analysts use to protect your business are the same tools that hackers can use to attack your business. Threat actors make use of open source intelligence tools to find a potential vulnerability.
Because threat actors use open source intelligence lots of small and medium-sized enterprises experience data breaches. Why small and medium-sized businesses? The reason is that such businesses don’t invest in their own open source intelligence analysts and are therefore easy targets.
Open source intelligence isn’t just used for IT attacks. Threat actors can use this information to create customized social engineering campaigns. They can use pinpointed phishing by taking advantage of seemingly innocent information shared on social networks or social media and compromising a network.
Open source intelligence leverages a variety of techniques to help a business monitor its data storage and employees. Open source intelligence isn’t something that only large enterprises should be concerned about. Medium and small businesses have valuable information to protect, and open source intelligence is one of the tools that can help them do this.
We hope that our article has given you a better understanding of what open source intelligence is and its benefits and limitations. If you have any questions or if you would like a free consultation with our team, message us.