What is OSINT (Open Source Intelligence)?

 Have you ever wondered how investigative journalists, government agencies or law enforcement agencies can collect some obscure information?

You may have heard of a term called “open source intelligence” (OSINT). It may sound complicated and beyond your reach, but that's not the case.

What is OSINT?

First, we need to break the term into two parts. On the internet, “open source” refers to any information that is publicly available online. “intelligence” means any information collected for a thoughtful professional purpose. Together, they refer to information gathered from public resources on the internet.

According to the U.S. Department of Defense, OSINT is defined as “intelligence that is generated from publicly available information and is collected, exploited, and disseminated in a timely manner to an appropriate audience for the purpose of addressing specific intelligence requirements”.

At the same time, you also need to be aware of information that does not belong to OSINT such as collecting information that is personal to you, such as text messages or emails between your friends.

A simple Google search doesn't count as OSINT. The practice goes beyond typing keywords into a search engine, and diving into what is known as the “deep web” of sites or pages that exist on the internet, but are not accessible via regular search engines such as Google or Yahoo.

Where Does OSINT Come From?

OSINT practices are nothing new. Its origins can be traced back to the United States state military during World War II, where the US set up what it called the Foreign Broadcast Monitoring Service (FBMS) to collect, analyze, and access publicly released information by foreign organizations. Following the 9/11 attacks in 2001, the US government established the Open Source Center (OSC) under the CIA.

Before the internet, OSINT was collected through simpler sources, such as newspapers, magazines, television and radio recordings, photographs, and so on. With social media being an integral part of many, if not all personal and professional activities in the twenty-first century, gathering public information on social media platforms has become a part of OSINT. A new term has also emerged to describe this, SOCMINT (social media intelligence), and is classified as part of OSINT.

Who Uses OSINT?

OSINT is used by professionals in various industries. As an example:

* Journalists collect information about a subject to assist them in investigative reporting.

* Cybersecurity professionals monitor and identify hackers.

* Law enforcement officers collect evidence for crime cases.

* Businesses collect data about companies when conducting due diligence.

Many companies now offer OSINT training to employees. Some even have a dedicated team of analysts and market researchers conducting OSINT activities.

What is the Purpose of Using OSINT?

As the examples above show, OSINT is very important and widely used across a wide variety of industries. They serve the same purpose, which is to detect potentially suspicious or illegal activity. They are also used by companies to protect themselves and their clients from data and privacy breaches.

OSINT is generally a less expensive data collection method compared to traditional investigative methods. Many OSINT tools are subscription-based, and offer companies various plans based on their needs.

Open source intelligence on social media is constantly being updated. A person's recently updated public Facebook status, for example, will be more recent and therefore relevant than a news article written about them five years ago.

The statutory definition of OSINT also guarantees that it is a legal practice. Data protection laws that have been introduced in recent years, such as the European Union's General Data Protection Regulation, strengthen the legal basis for OSINT. As long as the company operates OSINT within prescribed limits and in accordance with the law, all information obtained is valid and usable.

What are the Cons of OSINT?

OSINT sounds strong, but that doesn't mean it doesn't have weaknesses. Many professionals who use OSINT suffer from information overload, and it would be too time consuming for them to sift through every detail.

Furthermore, when running SOCMINT, it is very difficult to verify the legitimacy of every detail collected. One of the drawbacks of OSINT tools is that many of the tools lack fact-checking functionality, making distinguishing true news from fake news a difficult task.

It's not just companies that can access OSINT tools. If you are interested in exploring the world of OSINT, here are some simple and popular tools you can use.

1. Maltego

Founded in 2008, Maltego is the ultimate OSINT tool for those in the industry. This tool is able to monitor and map relationships between entities, presenting visualization of results that make the work easier for researchers. It is also very useful for identifying malware.

Maltego operates under a license with a variety of packages to choose from. The company also offers training and technical support to business clients.

2. TheHarvester

TheHarvester is used to find data about companies and assess their external threats on the internet. This tool gathers data from more than twenty search engines and major websites, including Google, Bing, Yahoo, and Twitter, and gathers whatever intelligence it can find in the public domain.

3. Wayback Machine

Ever tried to find a web page, only to find that it doesn't exist anymore? The Wayback Machine is here to support all of that. This site is basically an archive for the internet. Just enter the name of the page you're looking for, and the engine will come back with every relevant page removed.

Conclusion

So what is OSINT? OSINT, or open source intelligence is the practice of gathering information from published or publicly available sources. In an age of social media where almost anything can be found online, OSINT seems like a powerful and comprehensive tool. But we must remember that in any form, by any method, conducting a background check will always carry risks.

The point of OSINT is not what you find, but what you do with what you find. As long as the intel gathered is used in a professional and ethical manner, OSINT can help protect vulnerable online communities from cybersecurity threats.

________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________ ________

So many articles What is OSINT. Look forward to other interesting articles and don't forget to share this article with your friends. Thank you…

Resa Risyan

Just an ordinary person who wants to share a little knowledge, hopefully the knowledge I provide can be useful for all of us. Keep in mind! Useful knowledge is an investment in the afterlife.