5 Reasons Why Every Organization Needs An OSINT Team
The number of businesses in the world is rising, and with that rise comes an increasing threat level. Countless new technologies create new areas of vulnerability for both cyber and information-based businesses, as well as brick and mortars. More often than not, businesses straddle both realms with the rise of e-commerce and electronic banking solutions.
Open source intelligence (OSINT), is increasingly important for organizations for a number of reasons. In this article we outline the top 5 reasons today’s organizations need to embrace OSINT techniques into their security processes.
1. Detect Data Breaches Early On
In 2019, Information security is more important than ever. OSINT analysts are experts at navigating buried data from search engines and web pages, and uncovering online intelligence quickly. These experts are deft at handling the tools and techniques required to conduct OSINT investigations and catch leaks. Businesses are at a constant risk of confidential information being leaked, such as customer personal information, intellectual property, and more.
2. Protect Brand Reputation And Preserve Trust
Nothing damages a company more than losing brand trust. Preserving the integrity of your brand is a multifaceted job, and a team employing OSINT resources can certainly help. Getting ahead of data leaks, as outlined above, is paramount for protecting customer information and ensuring they have every reason to trust you and your company. Gathering and analyzing open source data like public social media can also be crucial to help you monitor mentions of your brand name in particular locations in order to stay ahead of online slander.
3. Gather And Understand Public Sentiment, React, And Respond
Whether your organization is looking to understand the public perception in a particular region for business expansion, or there has been a public-facing incident that requires crisis communication, data collected through OSINT research can be an invaluable asset for making better informed decisions. Social media and dark web are key places to go for open source information gathering regarding public opinion.
4. Real Time Incident Response - Violence, Theft, Crisis
Any time there is a large number of people gathering in a particular place, there are risks to consider. Events as benign as sports games and festivals can quickly become heated and dangerous. These are often places where we are most vulnerable, as we are accessible to predators. Teams responding to incidents need access to real time information about the situation so they can keep people safe.
Properly trained OSINT teams understand how to take the information at hand to both prevent incidents, as well as to aid in the response after the incident.
Incidents can range from reputation management issues during new product releases, to physical incidents like burglaries and break-ins, in-store violence surrounding Black Friday or other events, to more serious issues such as natural disasters, active shooters, or other soft-target violence.
5. Protect Executives In Specific Locations - At Home Or Abroad
For the highly variable task of executive protection, rapid access to OSINT tools can advise your team on factors like:
- Is there a fire or other event happening in the city where I’m sending my executive?
- Have airports, roadways, or other means of egress really been closed?
- Is there a shareholders meeting with high risk individuals who need protection?
- Is my VIP’s data leaked on the dark web?
Real World Threats
"Every day a new security threat is unleashed on unassuming victims, whose financial security, reputations, and brands can be destroyed with a few key strokes on the dark web," said Cynthia Hetherington, founder and president of Hetherington Group, a leader in investigative due diligence, corporate intelligence, and cyber investigations. "An OSINT investigator not only needs a keen eye but also a well-trained eye, which comes from staying on top of the latest breaches, platforms, and cyber threats. At Hg, we cut through volumes of open source data using OSINT tools and techniques to keep our work precision-driven."
One company, we’ll call them “Company A”, learned a valuable lesson when an OSINT savvy criminal used social media to physically breach their offices.
The individual did a quick search on the company’s social media feed and discovered a video which showed the inside of their offices and revealed seemingly harmless pieces of information such as the type of vending machines they had.
This information was enough for the criminal to pretend he was there to fix the vending machines. The fact that he knew every detail about the machines was enough for the company to trust that he was who he said he was. Once inside, the criminal found notes on desks containing passwords and other information. Luckily for “Company A”, this particular breach was actually a penetration tester who was able to aid the company in improving their security and prevent a future breach by an actual criminal. This is an example of how criminals use OSINT, and why companies need to use it too.
Another example was in 2018, when researchers found an open Fedex server containing over 119,000 documents which included driver’s licences, passports, and more.
While these particular researchers reported the server, they may or may not have been the first to find it. If a bad actor had discovered it previously, they could be using it maliciously without the company’s knowledge. With a well-trained OSINT team, this could have been found much sooner and secured before anyone got their hands on it.
Echosec And Beacon Make Open Source Data Discovery Effortless.
When gathering open source data for threat intelligence, Echosec and Beacon allow you to add in filters to narrow down your results. You can see all the relevant metadata like dates and times, authors, source URLs, and in the case of Beacon, even phone numbers and email addresses when applicable. It is then simple to search for your business and other related entities to see what information there is out there about them, whether it be leaked information from an employee, credentials, bad reviews, false statements made against you, anything is possible.
No matter what kind of business you have, you can likely benefit from using OSINT. You may already be applying OSINT tactics without even realizing it. Organizations are exploited every day because they are not prepared for attacks. These practices are essential for today's informational security and asset protection.
OSINT analysts are experts at finding and preventing threats to organizations. The range of online information that could harm your business is endless. Empowering a team to use OSINT tools and techniques will go a long way to ensuring your organization is a step ahead of online threats.
Echosec is an industry leading data discovery company. Book a demo to learn about our open source intelligence solutions.