OSINT – How do you protect your identity and your business?

Your digital footprint is becoming incredibly sought after. With a combination of Facebook, LinkedIn, Instagram, forums and more, it is now easier than ever to build a portfolio of an individual or business. Your information is used to register for every online service imaginable. This information is valuable and sharing of this can be quite intrusive depending on the service you register for. There is a well used quote “If something is free, you are the product”, and this applies to many scenarios in the digital environment. With a host of services, your information is gathered during registration for use in marketing, and often sold to third parties.

Without proactive control over your data, you can quickly leave yourself susceptible for Open Source Intelligence (OSINT). OSINT is the method of harvesting publicly available information on an individual or business by digging into their social media, looking at common online usernames and aliases to find out as much information as possible about an individual. Findings from this type of OSINT can be used for blackmail, fraud or may even be sold to another individual to misuse.

OSINT is widely used by hackers and nefarious individuals on the internet, but did you also know that it is misunderstood?  OSINT is mainly used for good reasons by governments and companies to improve the internet and keep it safe for public use. An example of this could be for marketing reasons to make your shopping and browsing experience that little bit more personalised and easier, showing you ads or products that you are interested in.


Public law defines OSINT using the below points:

  • Is produced from publicly available information
  • Is collected, analysed, and disseminated in a timely manner to an appropriate audience
  • Addresses a specific intelligence requirement

The key takeaway from the above is to note the term “publicly available”. As you will know, the internet hosts an abundance of information, the vast majority of which would be deemed as publicly available. But what you may not know is that only 1%  of web pages and information on the internet is available through search engines that the majority of people use today such as Google and Bing.  This means that 99% of webpages and databases are in what’s called the “deep web” which would still be “publicly available”, therefore if you had the tools and knowledge to navigate these unindexed webpages there is near infinite amounts of information and data that can be harvested and utilised.

Below are some key points to define whether information would be considered open source (publicly available):

  • Published or broadcast for a public audience (for example, news media content)
  • Available to the public by request (for example, census data)
  • Available to the public by subscription or purchase (for example, industry journals)
  • Could be seen or heard by any casual observer
  • Made available at a meeting open to the public
  • Obtained by visiting any place or attending any event that is open to the public

As we mentioned previously OSINT can be used for good. Our cyber security team CYBX use OSINT as part of their ethical hacking penetration testing services, which you can learn more about here. Our team of security professionals will use open source intelligence to identify vulnerabilities and weaknesses for a clients network and infrastructure, and their employees, in order to provide them with the fixes and remediations needed before threat actors are able to exploit them.

Weaknesses and vulnerabilities that we look for, include:

  • Accidental leaks of sensitive information through social media
  • Open ports or unsecured internet-connected devices
  • Unpatched software, such as websites running old versions of common CMS products
  • Leaked or exposed assets, such as proprietary code on paste bins

On the other side of the coin when the above is done by cyber criminals and threat actors before a penetration test has been performed on a vulnerable business, threat actors use open source intelligence tools and techniques to identify potential targets and exploit weaknesses in target networks. Once a vulnerability is identified, it is often an extremely quick and simple process to exploit it and achieve a variety of malicious objectives.

This is the main reason why so many small and medium-sized enterprises get hacked each year (approximately 1 in 4). It isn’t because hackers specifically take an interest in a certain businesses such as yours, but rather because vulnerabilities in their network or website architecture are found using simple OSINT techniques. Cyber criminals also seek out information about individuals and organisations that can be used to inform social engineering campaigns using phishing (email), vishing (phone or voicemail), and SMiShing (SMS). Often, seemingly innocuous information shared through social networks and blogs can be used to develop highly convincing social engineering campaigns, which in turn are used to trick well-meaning users into compromising their organisation’s network or assets.

Publicly available tools allow users to enter a domain where the tool scans the internet and search engines to find information such as Email addresses found on the website and also IP addresses. All this information can be used for good or bad as mentioned above.

Our advice is to be vigilant with the information you give out online. You wouldn’t put your confidential letters in a bin without shredding them, or at least ripping them apart – so why share all of this information and allow it to be publicly visible online? This information can be collated and used for identity theft, fraud or blackmail; all it takes is a dedicated individual with enough motivation to harvest your information. If you must use your personal information for services, make sure that this is set to private so you cannot be easily traced, or better yet, reduce which services you register for to make your digital footprint smaller.

What should I change immediately you may ask? Make sure your social media profiles such as Facebook and Twitter do not include private information such as address, contact number and date of birth. This information can go much further than you think when it gets into the wrong hands! This information can quickly be used and sold to your detriment. Our second major tip is to ensure vulnerabilities in your network, software and infrastructure are found and remediated before cyber criminals can use OSINT to find them.

If you have questions or concerns don’t hesitate to contact our team who are ready to support you in improving your cyber resilience.