Have you ever wondered how investigative journalists, government agencies, or law enforcement agencies are able to gather some ambiguous information?
You may have heard of a term called “open source intelligence” (OSINT). It probably sounds complicated and out of scope, but it is not.
What is Open Source Intelligence (OSINT)?
First, we need to divide the term into two parts.
On the Internet, “open source” means any information that is publicly available online. “Intelligence” means any information collected for an unobtrusive, professional purpose. Together, they refer to data collected from public resources on the Internet.
According to the U.S. Department of Defense, OSINT is defined as “information that is produced from publicly available information and that is collected, exploited, and disseminated in a timely manner to the appropriate public to meet a particular intelligence requirement.”
At the same time, you need to emphasize what OSINT is not: collecting private information for you, such as text messages between friends or email chains between your colleagues.
A simple Google search is not exactly OSINT. The practice goes beyond typing keywords into a search engine and dives into the so-calleddeep network”— Sites or pages that are on the Internet but cannot be accessed through your regular search engine, such as Google or Yahoo.
Where did OSINT come from?
OSINT’s practice is not new. Its origins can be traced back to the U.S. military during World War II, when the government established the Foreign Broadcasting Control Service (FBMS) to collect, analyze, and use public information published by foreign organizations.
Following the attacks of 11 September 2001, the US Government set up an Open Source Center (OSC) under the auspices of the CIA.
Before the Internet, OSINT was compiled from more traditional sources such as newspapers, magazines, television and radio recordings, photographs, and so on. As social media is part of many if not all personal and professional activities in the 21st century, gathering public information on social media platforms has become part of OSINT. This has also been described by the new term SOCMINT (Social Media Intelligence) and is classified as a subset of OSINT.
Geographical location is also considered part of OSINT, and can be collected.
Who uses OSINT?
OSINT is used by professionals in various industries. As examples:
Journalists gather information on the subject to assist them in investigative reporting.
Cyber security professionals monitor and identify hackers.
Law enforcement agencies gather evidence of a criminal case.
Companies collect information about the company when performing a due diligence audit.
Many companies now offer OSINT training to employees. Some even have their own team of analysts and market researchers who perform OSINT activities.
What is the value of OSINT?
As the examples above show, OSINT is important in many industries. They have a common purpose, which is to detect possible suspicious or illegal activity. Companies also use them to protect themselves and their customers from breaches of information and privacy.
People who use the OSINT system also do not require the stress of tight relationships, such as the processing of information from human sources.
OSINT is generally a cheaper method of data collection compared to traditional research methods. Many OSINT tools are subscription-based and offer companies different packages according to their needs.
Open source information on social media is constantly being updated. For example, a person’s recently updated public Facebook status would be newer and more relevant compared to a news article about them written five years ago.
The OSINT definition of the law also guarantees that it is a legal practice. Data protection laws introduced in recent years, such as the EU’s General Data Protection Regulation, strengthen the legal basis for OSINT. As long as companies perform OSINT within the limits and in accordance with the law, all information obtained is lawful and usable.
What are the disadvantages of OSINT?
OSINT sounds strong, but it is not without weaknesses. Many professionals who use the OSINT experience overload the data and it is very time consuming to filter all the details.
Next, when performing SOCMINT, it is very difficult to verify the legality of all the details collected. One disadvantage of OSINT tools is that many do not have fact-checking functions, which makes it difficult to separate truthful news from fakes.
Not only companies can use OSINT tools. If you are interested in exploring the world of OSINT, here are a few simple and popular tools you can use.
Founded in 2008, Maltego is an OSINT tool for professionals. The tool is able to track and map links between entities by presenting a visualization of its results, which facilitates the work of researchers. It is also very useful in identifying malware.
Maltego operates under a license from which you can choose different bundles. The company also provides training and technical support to corporate customers.
The harvester is used to search for information about a company and assess its external threats on the Internet. The tool collects information from more than twenty mainstream search engines and websites, including Google, Bing, Yahoo and Twitter, and compiles all the information it can find in the public sector.
Have you ever tried to search a website just to find out it no longer exists? The Wayback Machine is supported here.
The site is basically an internet archive. Just enter the name of the page you are looking for and the machine will return with each relevant deleted page.
Open source intelligence
In the age of social media, when virtually everything can be found online, OSINT seems to be a comprehensive and effective tool. But we should remember that in any form and by any method, conducting background checks always carries risks.
The central thing about OSINT is not what you find, but what you do with what you find. As long as the collected intelligence is used professionally and ethically, OSINT can help protect vulnerable online communities from cyber security threats.
The five best-known organized cybercrime groups
About the author