By: Kym Pasqualini, Feature Crime Writer for Lauth Investigations
Open-source intelligence (OSINT) is the collection of data from publicly available sources to be used in the context of intelligence. Within the intelligence world, the term “open” refers to overt, meaning sources available publicly, opposed to clandestine or covert sources.
OSINT is not a new concept. It has been in use for decades. However, with the arrival of instant communication and fast information transmission, a significant amount of predictive and actionable intelligence can now be obtained from unclassified public sources.
OSINT should not be confused with public intelligence or open-source software.
The U.S. Director of National Intelligence and the U.S. Department of Defense (DOD) define OSINT as information produced from publicly available information collected, exploited, and disseminated in a timely manner to an appropriate audience for the purpose of addressing a specific intelligence requirement.
In short, open source acquisition involves procuring written, verbal or electronically transmitted material that can be obtained legally without any type of clandestine collection techniques.
Background of OSINT
OSINT’s originates with the pre-Central Intelligence Agency (CIA). The formation of the 1941 Foreign Broadcast Monitoring Service (FBMS) was born during World War II and evolved into the 1967 Foreign Broadcast Intelligence Service (FBIS), the predecessor of the Open Source Center of today.
Acquired by the CIA in 1947, FBIS emerged as the only recognized service organization trained and equipped to monitor and process foreign broadcasts for the benefit of all government agencies needing the service.
Coverage worldwide, to the extent it exists today, was beyond the dreams of those who lived in that era.
In 2005, following the 9/11 attacks, the Director of National Intelligence Agency, Porter J. Goss, announced the creation of the DNI Open Source Center. The Center is designed to collect information available from databases, radio, television, video, geospatial data, photographs and commercial imagery.
OSINT Information Flow Categories
- Media to include newspapers, obituaries, magazines, television, and radio worldwide.
- Internet includes, but not limited to, online publications, discussion groups, blogs, citizen video (user created content and video), Facebook, YouTube, Twitter and other social media websites.
- Commercial Data includes commercial imagery, industrial and financial assessments and databases.
- Grey Literature: patents, working papers, business and corporate documents, newsletters, technical papers, and unpublished works.
- Professional and Academic publications obtained through journals, symposia, academic papers, journals, theses, and dissertations.
- Public Government Data: telephone directories, press conferences, websites, speeches, budgets, hearings and other public government reports.
There are various disciplines of OSINT and the methods and applications are almost endless.
The New OSINT
Ten years ago, open source information was scarce; however, in recent years OSINT has taken on an entirely new meaning.
Back in the day, people were primarily found by searching a phone book. Today, people are increasingly comfortable with sharing their personal information and a treasure trove of information for those who want it.
According to Statistica, it is estimated there will be 2.77 billion social network users around the globe in 2019. Social media has become an excellent and consistent source of information.
While, decades ago the problem was shortage of open source information, the biggest difficulty now, is filtering through an overabundance of information.
Some examples of OSINT resources are:
- Internet directories containing personal information, residences, relatives, demographics, employment, contact information.
- Social networking sites provide personal information, friends, family members, interests, photographs, videos, and activities.
- Online reviews provide interests, purchases, activities and lifestyle.
- User contributed information could be a blog, hobbies, opinions, and expertise.
- Academic sites provide information related to education, business conferences, associations, and academic papers.
- Company websites have personnel listings, backgrounds, location, duties, services, and contact information.
- News sources provide topical information, reports, events, personal history, obituaries, and contact information.
- Government sources provide personal information, criminal background, court activity, minutes, locations, demographics, tax records and other financial data.
Social Media Monitoring and Geofencing
Companies like Echosec, based in Victoria B.C., offers a web platform to draw what is called a “Geofence” allowing users to pinpoint a location of interest on a map and obtain information within selected parameters, then filter searches by keyword, hashtag, or username within the geofence.
Echosec’s real-time social media mapping connects virtual communities to real-world locations and gives new meaning to Geographic Information System Mapping (GIS). A powerful research tool combining GIS and OSINT.
This is becoming a popular method of analysis for retail, branding, journalism, private investigation, and finance, collecting what Echosec calls “hyperlocal insights” for better business and breaking news stories.
Google, Yahoo, Bing and other traditional link-crawling search engines do not typically access the information professionals using OSINT research techniques and resources can provide.
Geolocation is one of the most valuable resources used today. For example, videos and photographs shared publicly often contain information where the photographs originated.
Most of us post pictures of ourselves and our friends, tagging each other during a vacation at the beach or out on the town. A geotagged picture is a post that attaches a “geotag” which is the physical location to the post. It allows users insight to their followers, where they are, and what they are doing.
Social media and Geo-location monitoring of open-source information has been more frequently used by law enforcement and private investigators to conduct investigations. Whether a missing person investigation or background check, basic and even critical investigations can benefit from OSINT.
For example, a person is reported missing and frequently posts photographs on Snapchat, Instagram and Facebook. Investigators can access the geotags and see where the person was last and often see who they were with, allowing the investigating agency the ability to immediately expand their investigation.
Open Source Private Investigations
Many private investigators are now specializing in open-source intelligence and social media investigations, referred to as Social Media Intelligence (SOCMINT). While much of the information is available publicly, there are many reasons why an individual would choose to hire a private investigator.
Simply, private investigators know how to search, where to search and what to search for, making hiring a private investigator a more efficient choice. Private investigators know if the information is online, in a state repository, library or the courthouse.
Information that can be obtained includes but is not limited to the following:
- Voter registration
- Bankruptcy records
- Corporate records
- Property records
- Probate records
- Divorce records
- Marriage records
- Court records
- Criminal records
- Due diligence
- Business information
- Financial information
Whether a private individual or a business, obtaining the right information often leads the investigation in a specific direction. Private investigators of today are the next-generation of private intelligence providing services such as:
- Fraud Investigations
- Competitive Intelligence
- Intelligence Collection
- Internet Investigations
- Email Tracing
- IP Investigations
- Financial Investigations
- Asset Investigations
- Pre-investment Investigations
- Difficult to locate
- Missing Persons
- Background Investigations
Knowing when to use a private investigation firm can help hasten an investigation. The service of these firms can make life easier because it requires more than just knowing how to use the Internet. And when all resources are exhausted, a good old “gum shoe” detective can investigate – boots on the ground.
Protecting Your Business with OSINT
Thomas Lauth of Lauth Investigations International uses his nearly 20 years experience working with both private and business sectors. “Open-souce Intelligence or OSINT isn’t a common term used in the business world; however, I can assure you it is a dynamic method of information gathering for businesses in this day and age,” said Lauth.
(Open-source intelligence is being used more frequently to protect company’s information.)
The importance of OSINT is business can’t be exaggerated. It is a matter of gathering intelligence from publicly available sources and analyzing that information for connections and actionable intelligence that would not be normally publicized. In fact, there may be information about your own company available publicly that can make it easier for someone who is considered an “insider threat” or conducting a social engineering campaign to obtain proprietary or damaging information.
“Conducting periodic OSINT for your business, assessing the risks, and addressing vulnerabilities can save a company from failure,” add Lauth. “It is a recommended and necessary action item for all successful businesses.”
OSINT is contained in company websites, reviews, Google searches, along with newspapers, geo-location data within images, company reports and other publicly available data. Often overlooked is social media. Companies and employees often provide more information to hackers or “insider threats” than realized.
Criminals can exploit easily obtained information to conduct scams or a social engineering campaign against a business. In fact, criminals use OSINT too – only for their own devious purposes.
To exploit weak links, criminals or “black hats” can spend weeks, even months researching employee email addresses, current projects, employees that manage money and monitor their social media. They will even study the way employees communicate with each other, gathering the information to create convincing phishing scams and social engineering attacks.
The information collected to conduct these criminal activities is not obtained by hacking into the company, it is obtained by gathering publicly available information.
“The trick is to stay one step ahead of the criminals,” said Lauth. “When working with clients, we ensure we identify vulnerabilities and the process is conducted effectively, efficiently and confidentially.”
The bottom line, by exercising due diligence, using OSINT, and reviewing your own publicly available information, you can protect yourself and your company.