Verona Security Group
OSINT and its importance.
We at Verona Security Group always have a great desire to learn and keep up to date on news, especially technological ones, which is why on November 30, 2021 we participated in the conference dedicated to OSINT, an acronym that stands for Open Source Intelligence. So we thought, why not share the information we have acquired with those who were not at the conference?
Below we will therefore illustrate what OSINT is, who is interested in using this method and how it works.
With Open Source Intelligence we refer to all sources of information that are available to the public, online and offline, which grow every year and are legally accessible without violating copyright or privacy laws, no authorization is needed and it is immediate.
OSINT was born as an intelligence discipline and today is a fundamental element both for police activities and for the world of corporate intelligence, and at high levels it allows the contrast of national intelligence.
The main organizations that use OSINT services are:
• The Government, especially the military departments;
• International organizations, such as the United Nations or the International Red Cross;
• Military agencies;
• Terrorist organizations.
The information that can be obtained through OSINT is, for example, everything found on the Internet, from forums to social profiles, metadata and digital files, geolocation data, IP addresses and people's search engines. Not only that, OSINT also includes traditional mass media (television, radio), specialized magazines, photos and videos including metadata and geospatial information.
It can also be used for investigation, both public and private.
An area in which it is very useful is that of social networks, and it is possible to acquire information about people even if they have no social profile or if the profile is shielded / private because third parties who are connected to the interested party are analyzed, for example the profiles of friends. In this way, it is not only possible to obtain information on a person who does not have social profiles or has them private, but also to verify whether the information declared by a person on his public profile is true or not, therefore it is possible to perform a profiling activity.
Let's look at a practical example: if a person declares to live in Naples, and I don't find any photos on his/her profile, I can check where his/her closest friends live, which are those with whom he/she has more interactions, I can look for photos inside of their profiles where they are together and I might find that they are all from Rome and there are also some photos in Rome. The logical conclusion is that the subject probably does not live in Naples but in Rome.
Furthermore, real investigations can be carried out on individual photographs, using various existing tools because for everything we want to search or identify, there is probably a dedicated tool that does it. For example, I can determine the period in which a particular photograph was taken by analyzing the shadows, the light, the clothes worn by the subject and even analyzing the plants, starting from the type of plant, when it blooms, etc.
A widely used and widespread data mining software to perform the Open Source Intelligence activity is Maltego, which is able to:
• Do query searches for keywords;
• Do query searches for the purpose of building databases, within which further active searches can be done;
• Lead people back from e-mail addresses, thus finding all social profiles. The same thing can be done starting from a telephone number;
• Perform facial recognition, that is, starting from an image and a name, it is possible to trace all social profiles and carry out the tracking activity;
• Profiling a private Facebook profile through TAGs;
• Identify the friends of a private Instagram profile;
• Carry out the Geosearch: starting from coordinates, you can download posts on social media and then analyze who produced them, thus mapping an organization for example.