The risks of online exposure: the role of Open-Source Intelligence

(By Lorenzo Baldari)
02/04/24

Today's world is increasingly oriented towards the digitalisation of assets, such as currencies, physical and intellectual property, smart contracts and, more generally, data. Through their web pages, organizations expose data that for the end user represents a point of arrival, perhaps useful for contacting staff in specific cases, while for an attacker it is a starting point from which to "squeeze" out useful information. Today, in fact, simple online searches give access to a huge quantity of information and data, cataloged in pages indexed by search engines. In the eyes of a malicious actor this material is comparable to a gold mine: by exploiting tools and techniques to correlate it, the actor can acquire extremely relevant details about the perimeter of the target.

Open Source Intelligence (OSINT)

Open-Source Intelligence (OSINT) is the branch of the intelligence disciplines concerned with collecting, analyzing and using information from so-called "open" sources, and it provides a spectrum of tools and techniques useful for extracting knowledge. The main requirement, therefore, is that the material and the sources that expose it are freely available and public, which excludes everything that is covered by state secrecy or that involves a payment or a form of exchange.

How can a Threat Actor use OSINT techniques and tools?

Free access to this material allows a threat actor to better understand the attack surface of the organization, natural person or asset considered as a target, and to place its details in context.

Using OSINT techniques, a malicious actor is able to recover the email addresses associated with natural persons and verify their presence in known data breaches: this practice, in fact, makes it possible to draw up wordlists modeled on the specific case or to attempt the theft of the digital account in question.

Further scenarios involve the acquisition of multimedia material coming, perhaps, from the target organization's website: an attacker, in fact, could extract details about the technologies and software used to create or process it, narrowing the range of operating systems and potential security holes to exploit to gain access.
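Seen from the defender's side, the same details can be checked before a file is published. The following is an added example, not part of the original article: a pre-publication audit that reports the authoring-software and author fields in a PDF's Info dictionary and blanks them in place. The choice of PDF, the function names and the sample document are assumptions made for illustration, and only literal-string entries in an uncompressed Info dictionary are handled.

```python
import re

# Info-dictionary entries that reveal authoring software or staff names.
# Matches "/Key (literal string)", allowing backslash escapes such as \( and \).
_FIELD = re.compile(rb"/(Producer|Creator|Author)\s*\(((?:\\.|[^\\()])*)\)")


def revealing_metadata(pdf_bytes):
    """Return {key: value} for the revealing Info entries found in the file."""
    found = {}
    for key, raw in _FIELD.findall(pdf_bytes):
        # Undo PDF backslash escaping so the report shows the real value.
        value = re.sub(rb"\\(.)", rb"\1", raw).decode("latin-1").strip()
        if value:
            found[key.decode()] = value
    return found


def blank_metadata(pdf_bytes):
    """Overwrite the flagged values with spaces.

    The file length does not change, so the byte offsets recorded in the
    PDF cross-reference table stay valid.
    """
    out = bytearray(pdf_bytes)
    for m in _FIELD.finditer(pdf_bytes):
        out[m.start(2):m.end(2)] = b" " * (m.end(2) - m.start(2))
    return bytes(out)


# Constructed sample: a minimal PDF fragment with invented software names.
SAMPLE_PDF = (
    b"%PDF-1.4\n"
    b"1 0 obj\n<< /Title (Annual report) /Author (j.doe) "
    b"/Creator (ExampleWriter 9.1 \\(Windows\\)) "
    b"/Producer (ExamplePDF Library 2.3) >>\nendobj\n"
    b"trailer\n<< /Info 1 0 R >>\n%%EOF\n"
)

if __name__ == "__main__":
    for key, value in revealing_metadata(SAMPLE_PDF).items():
        print(f"{key}: {value}")
    print("after blanking:", revealing_metadata(blank_metadata(SAMPLE_PDF)))
```
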

The scenarios are extremely varied and complex, placing the world of Cyber Security within an increasingly transversal and multidisciplinary context. This approach also raises the need for continuous training in the field, as well as for paving the way towards greater awareness among all those who, on the web, use their digital identity every day, unaware of the IT risks associated with it.