OSINT tools: What cybercriminals know about you and your company

OSINT stands for “Open Source Intelligence” and refers to the collection, analysis and use of information that comes from freely accessible and mostly open sources. This includes databases, social media, websites, forums, blogs and many other online sources. Information available offline from newspapers, magazines, books and other publications can also be part of OSINT. Companies and individuals can use OSINT to research potential customers, employees or partners – and to identify their own security risks.

What data can one collect with OSINT?

The development of OSINT dates back to the 1930s, when the FBI began collecting and analysing newspapers and other sources to solve crimes. With the advent of the internet and the accompanying explosion of available information, OSINT has evolved greatly over the past decades. Tools and techniques help to quickly and effectively collect, store, analyse and enhance data by linking it into information that is more applicable. [1]

The information available ranges from personal data, activities and interests to information on locations, financial data, structures, investors and employees of companies to technical data such as IP addresses, domains, providers, software or platforms.

Seen in isolation, most of the data is not critical. However, when combined, they can be used, for example, with the support of flight surveillance tools [2], to create movement profiles, map supply and support chains of companies, or carry out identity theft and targeted phishing.

Automated search for freely accessible devices

In addition to “manual” research, various tools and platforms automatically search the internet for free information and network it with other data depending on the focus.

A well-known example is the platform shodan.io, which lists devices and services with at least one open port. Among them are webcams, routers, control systems, switches or Raspberry-Pi mini-computers that are accessible via standard passwords. Companies can use the service to search for their own vulnerabilities and to be notified when a publicly accessible system becomes visible in their own network. [3]

Other platforms or tools focus on other areas, such as forums or social media.

Uncover your own vulnerabilities with OSINT

Not every cyberattack uses highly technical methods. Criminals also prefer to take the path of least resistance – and they also take advantage of freely accessible information. It is therefore worthwhile for companies to do their own research and keep an eye on their own freely accessible data, networks or users. This also requires creative thinking: It is often only a combination of different data that allows deriving relevant information and applying it in terms of cybersecurity.

Using OSINT tools requires practice and regular research into new sources and tools that are constantly evolving. Creativity helps to exploit all possibilities. However, some platforms offer good possibilities to check in an uncomplicated way which data of one’s own person or company is openly available.

You might also be interested in:

IoT botnet attacks on the rise: practical tips for minimising risk
Optimize API security
Tips to better secure smart home devices

Sources: