Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

Understanding Open Source Intelligence is Critical to Cybersecurity

August 17, 2022

Dark Reading reported on August 15 that OSINT (open source intelligence) is used by attackers all the time to identify and exploit vulnerabilities in processes, technologies and people. It is easy to collect and the process is invisible to the target.  And that why OSINT is used intensively by military intelligence.

We really make it easy for the bad guys. We announce on Twitter, Facebook and in auto-responses about our vacation plans. We love fitness social networking apps like Strava. Even the military enjoys tracking and sharing their runs on Strava – unfortunately, Strava exposes the precise location of military bases.

Traditionally, open source intelligence was gathered through TV, radio, and newspapers. Now it is all over the internet, including:

  • Social and professional networks like Facebook, Instagram, and LinkedIn
  • Public profiles on dating apps
  • Interactive maps
  • Health and fitness trackers
  • OSINT tools like Censys and Shodan

We use all these tools for worthwhile purposes. But there is a dark downside.

For instance, the same ADS-B Exchange app that you use to keep track of your loved one’s flights in real-time can be exploited by malicious actors to locate their targets.

Open source information isn’t just available to those it is intended for. Anyone can access and utilize it, including government and law enforcement agencies. It is cheap and easily accessible. Nation-states and their intelligence agencies use OSINT because it provides good intelligence. Because it’s all freely available information, it’s hard to attribute access and utilization to a single entity.

Extremist organizations and terrorists can weaponize open source information to collect as much data about their targets as possible. Cybercriminals utilize OSINT to craft highly targeted social engineering and spear phishing attacks.

Businesses use open source information to analyze competition, predict market trends, and identify new opportunities. You probably use it yourself to find someone’s email address or phone number.

From social media sites, cybercriminals gather data like personal interests, past achievements, family details, locations of employees, VPs, and executives of their target organizations. They can use this to craft successful spear-phishing messages, calls, and emails.

Malicious users can (and do!) Google information such as the default passwords for specific brands and models of IT equipment and IoT devices like routers, security cameras, and home thermostats.

Searches on GitHub can reveal credentials, master keys, encryption keys, and authentication tokens for apps, services, and cloud resources in shared, open source code. The infamous Capital One breach is a good example of this kind of attack.

Google hacking, also known as Google dorking, lets cybercriminals use advanced Google search techniques to find security vulnerabilities in apps, specific information about individuals, files containing user credentials, and much more.

Shodan and Censys are search platforms for Internet-connected devices and industrial control systems and platforms. Search queries can be refined to find specific devices with known vulnerabilities, accessible elastic search databases, and much more.

Businesses that using OSINT to identify opportunities and analyze competitors should widen their application of OSINT to cybersecurity.

OSINT Framework, a collection of OSINT tools, is a good starting point for enterprises to use the power of OSINT. It helps penetration testers and security researchers find and collect freely available and potentially exploitable data.

Tools like Censys and Shodan are primarily designed for pen-testing, too. They permit enterprises to identify and secure their Internet-connected assets.

WE are quick to overshare information – everywhere. Employers should educate employees about safe and responsible social media usage.  Employee cybersecurity awareness training is critical and should be a semi-annual activity, along with simulated cyberattacks and phishing simulations.

Open source intelligence is much more of a danger to individuals and businesses than they imagine!

Hat tip to Dave Ries.

Sharon D. Nelson, Esq., PresidentSensei Enterprises, Inc.
3975 University Drive, Suite 225Fairfax, VA 22030
Email:   Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology