What is OSINT (Open Source Intelligence)?

what is osint open source intelligence.

Have you ever wondered how investigative journalists, government agencies, or law enforcement agencies can gather some obscure information?

You may have heard of a term called “open source intelligence” (OSINT). It may sound complicated and out of your reach, but that's not the case.


What is OSINT?

First, we need to break the term into two parts. On the internet, “open source” refers to any information that is publicly available online. “intelligence” means any information collected for prudent professional purposes. Together, they refer to information gathered from public resources on the internet.

According to Uncle Sam's state defense department, OSINT is defined as “intelligence generated from publicly available information and collected, exploited and disseminated in a timely manner to an appropriate audience for the purpose of addressing specific intelligence requirements”.

At the same time, you also need to be aware of information that does not belong to OSINT such as collecting information that is personal to you, such as text messages or emails between your friends.

A simple Google search doesn't count as OSINT. The practice goes beyond simply typing keywords into a search engine, and diving into what is known as the “deep web” sites or pages that are on the internet but cannot be accessed through regular search engines like Google or Yahoo.

The practice of OSINT is not new. Its origins can be traced back to the United States military during World War II, where the US established the so-called Foreign Broadcast Monitoring Service (FBMS) to collect, analyze, and access public information released by foreign organizations. Following the 9/11 attacks in 2001, the US government established the Open Source Center (OSC) under the CIA.

Before the internet, OSINT was collected through simpler sources, such as newspapers, magazines, television and radio recordings, photographs, and so on. With social media becoming an integral part of many, if not all personal and professional activities in the twenty-first century, gathering public information on social media platforms has become part of OSINT. A new term has also emerged to describe this, SOCMINT (social media intelligence), and is classified as part of OSINT.


Who Uses OSINT?

OSINT is used by professionals in various industries. As an example:

  * Journalists collect information on a subject to assist them in investigative reporting.

  * Cybersecurity professionals monitor and identify hackers.

  * Law enforcement officers collect evidence for criminal cases.

  * Businesses collect data about companies while conducting due diligence.

Many companies now offer OSINT training to employees. Some even have a dedicated team of analysts and market researchers conducting OSINT activities.


What is the Purpose of Using OSINT?

As the example above shows, OSINT is very important and widely used in a wide variety of industries. They serve the same purpose, which is to detect potentially suspicious or illegal activity. They are also used by companies to protect themselves and their clients from data and privacy breaches.

OSINT is generally a less expensive data collection method than traditional investigative methods. Many OSINT tools are subscription-based, and offer companies a variety of packages based on their needs.

The open-source intelligence on social media is constantly being updated. A person's recently updated public Facebook status, for example, will be more recent and therefore relevant than a news article written about them five years ago.

The statutory definition of OSINT also guarantees that it is a legal practice. Data protection laws that have been introduced in recent years, such as the European Union's General Data Protection Regulation, strengthen the legal basis for OSINT. As long as the company runs OSINT within the specified limits and in accordance with the law, all information obtained is valid and usable.


What Are the Disadvantages of OSINT?

OSINT sounds strong, but that doesn't mean it doesn't have weaknesses. Many professionals who use OSINT experience information overload, and it can be very time-consuming for them to filter every detail.

Furthermore, when running SOCMINT, it is very difficult to verify the validity of every single detail collected. One of the weaknesses of the OSINT tool is that many tools do not have a fact-checking function, so distinguishing true news from fake news is a difficult task.


Three OSINT Tools For Beginners

It's not just companies that can access OSINT tools. If you are interested in exploring the world of OSINT, here are some simple and popular tools that you can use.


1. Maltego

Founded in 2008, Maltego is the premier OSINT tool for those in the industry. This tool is able to monitor and map relationships between entities, providing visualization of results that make the work easier for researchers. It is also very useful for identifying malware.

Maltego operates under license with a variety of packages to choose from. The company also offers training and technical support to business clients.


2. TheHarvester

TheHarvester is used to search data about the company and assess its external threats on the internet. This tool collects data from more than twenty major search engines and websites, including Google, Bing, Yahoo, and Twitter, and gathers any intelligence it can find in the public domain.


3. Wayback Machine

Ever tried to search for a web page, only to find out that it doesn't exist anymore? Wayback Machine is here to support all of that. This site is basically an archive for the internet. Just enter the name of the page you are looking for, and the engine will return with every relevant page removed.


Summary

So what is OSINT? OSINT or open-source intelligence is the practice of gathering information from published or publicly available sources. In an age of social media where almost anything can be found online, OSINT seems like a powerful and comprehensive tool. But we must remember that in any form, by any method, performing a background check will always have risks.

The point of OSINT is not what you find, but what you do with what you find. As long as the collected intel is used professionally and ethically, OSINT can help protect vulnerable online communities from cybersecurity threats.


Hopefully, this article about What is OSINT (Open Source Intelligence)?, gives you a little insight. Also, read an article about What is Penetration Testing: Stages and Methods that you may need to know. Thank you.

Previous Post Next Post