Open Source Intelligence: what lies behind OSINT
The term OSINT comes from the abbreviation of open source intelligence or open source intelligence. And it comes to carry on research with resources accessible to all. This field has acquired special relevance with the Internet, which since its appearance has been flooded with extensive and unfathomable information about people, companies and governments.
The objective of this open source intelligence is to make this information a little more comprehensive. In a way, it could be said that what it intends is to find relevant data in all this amalgam, in order to later convert it into useful intelligence for certain purposes. The field where it has been most developed and to which it is normally associated is cybersecurity and cyberintelligence.
OSINT or the science of knowing how to search
Although this practice consists of searching with tools available to everyone, its springs are more complex than all this. Carlos Seisdedos, cyberintelligence researcher and analyst at Isecauditors, banishes some accepted beliefs about OSINT: “When we talk about Open Source Intelligence we are not talking about data extraction tools, we are talking about techniques and methodology with which we transform a data or information input into actionable intelligence,” he says. “Open Source Intelligence or Open Source Intelligence (OSINT) is intelligence that is produced based on publicly available informationby collecting, exploiting and disseminating in a timely manner to an appropriate audience for the purpose of addressing a specific intelligence requirement”.
For OSINT to be considered, intelligence must always be acquired from publicly available information. That is why we speak of open sources of information. By comparison, closed sources are those that contain classified or sensitive data. Only authorized persons have access to these, either in a company or in a public entity.
“Open sources are very diverse and include what is found on the Internet, from search engines, social networks, forums, blogs to the Dark Web, or traditional media, such as television, radio, newspapers, books and magazines. But also specialized publications, conference proceedings, think tank studies, photographs, videos, audios, geospatial information, such as maps and commercial image products”, lists Seisdedos.
The researcher specializing in cyber intelligence clarifies that open sources are not synonymous with free sources: “As long as the information is accessed legally and said information is available to any user, regardless of whether it requires a prior payment (for example, a subscription service), it will be considered open source and likely to be used as part of an OSINT investigation.”
The origin of OSINT
In reality, research with open sources, although it was not called that, goes back a long way. Some consider that the military field has been the protagonist of this type of search for information. Not in vain, throughout the centuries military leaders have tried to gather information in a thousand ways to start their confrontations with an advantage.
Although the most organized beginning of the OSINT has its origin already in the 20th century. “It dates back to the years of the Second World Warin which the FBIS (Foreign Broadcast Information Service), created in 1941 by the United States, used open sources, as they would surely use the services of other countries, to obtain information by monitoring and translating foreign media, a way that would provide a military advantage over the adversary”, says Seisdedos.
Intelligence from open sources, key in cyber intelligence
In a field where having information can mean the difference between being protected from attack or being vulnerable, OSINT has come a long way. Its potential is interesting for cybersecurity, as it is one more avenue of investigation in an environment that is usually quite opaque.
“For a cybersecurity researcher or computer security analyst, OSINT techniques allow them to obtain a comprehensive collection of information on the objectives of the audit or assets that must be protected”, says Seisdedos. “For example, in pentesting or social engineering services, the more information available about the targets, the greater the probability of success. In the case of threat intelligence, by collecting and analyzing indicators, as well as monitoring trends, you could identify what threats your organization is exposed to and how you can deal with them proactively”
The information is available to everyone but you have to know how to find it. And for this it is essential to use the right tools. Some are known to everyone. Search engines, for example, such as Google, Bing or Ask index many entries, which link to data of all kinds.
Through these search engines you can find valuable information. It is true that they are available to everyone, but to use them well, certain techniques are required. It is what is known as Google hacking, which is nothing more than commands supported by the search engine to increase the specificity of a search. In this way accuracy is gained. Some of them are as simple as putting a word or phrase in quotes so that Google searches for those specific terms in that order, or typing ‘site:domainname.com’ so that it only shows results on that domain. Others are more complex and allow you to find files that should not be accessible, view open surveillance cameras or discover personal data.
You can also search by location with the right tools, which look for social media posts in a specific location. There are also specialized OSINT search engines, such as Shodan, which crawls the Internet to find computers, webcams, and other connected devices based on software, IP address, and other parameters.
Problems that arise
There are basically two difficulties inherent in this type of research. They have to do with the amount of information and its quality. There is too much information on the Web, so that it’s easy to get lost in an ocean of data without getting anywhere. Hence, specialized tools are needed to focus the work.
The quality of the information is the other problem. And it stems from the first. As there are so many types of publications, the sources are often not reliable. This can happen due to the dynamics of misinformation that are generated on the Internet. But it can also be due to conscious masking work. And it is that just as there are tools to search, there are also tools to mislead and create false identities or artificial online activity.
Internet, a revulsive for the OSINT
Obviously, today’s OSINT work cannot be understood without the Internet. It is true that there are other sources of data, such as printed books and newspapers (which are not yet digital, as is the case in certain areas of the world with local press), radio or television. But the Internet is a huge trunk of informationboth in the version we all know and on the Dark Web.
Users do not stop generating information, whether through social networks or other online activity. And all this adds to the data that the Internet contains. “Although open sources have always been used in the intelligence community, the evolution of technology has allowed them to be exploited to answer new questions and, in turn, make them available globally to any user,” he says. the cyber intelligence investigator.
Seisdedos delves into the enormous change that the emergence of social networks has produced. “It has made it possible to generate a huge volume of information that, in turn, is exposed and accessible to anyone. There is a growing interest in acquiring and exploiting such information, as it provides a competitive advantage and a privileged position. Although there are multiple challenges to face when we refer to OSINT, such as infoxication or misinformation”.
The other fields where OSINT is used
OSINT techniques cannot be limited only to the field of cybersecurity. In reality, any field that involves informed decision making is likely to use these tools. It can help in financial investigations, judicial investigations, audits, trend monitoring, among other areas.
Sesidedos highlights some of its other applications: “It is interesting for human resources departments, by researching and analyzing a candidate’s online activity and reputation. The same as for marketing analysts, by monitoring campaigns, user segmentation, market trend analysis, or gathering information on the objectives of an investigation. Support in police work, during the search for criminals, or to identify fraudulent or malicious pages are also use cases”, he points out.
Cover image: Nikotxan