OSINT: How hackers exploit your online footprint

19.04.21

Blog, Cyber

Have you ever been tempted to google yourself or perhaps someone else, like a job applicant or new acquaintance? In the world of Cybersecurity we call this sort of practise OSINT (an abbreviation of Open Source Intelligence); an assortment of techniques to gain as much information on a person or organisation as possible.

These techniques range from google searches, scouring social media, browsing public directories (such as the Electoral Register) or employing powerful automated tools like Maltego.

OSINT is a targeted and remarkably efficient process that’s been codified in textbooks and training courses. OSINT’s most eager practitioners are not academics though; cybercriminals rely on OSINT as one of the most potent tools in their armoury.

Whilst most people think of hacking as being a highly technical enterprise, most cyberattacks rely on one key element for success: Human Error.

The biggest challenge for any cybercriminal is gaining access to their target. Cybersecurity systems like passphrases and firewalls are very good at keeping hackers out and attacking them directly is normally futile.

It is far simpler and more effective to trick a victim into giving up their credentials or into opening some kind of malicious application.

This kind of attack is known as Social Engineering and principally takes the form of Phishing Emails. A good Phishing Email needs to be carefully crafted towards the victim. Ideally it should appear to be from someone the victim knows and contain specific information that isn’t obviously publicly available.

If the recipient can be convinced of an email authenticity, they will usually carry out whatever action the attacker requests – it is an abuse of trust and of course relies on gathering plenty of information beforehand to ensure the attack is as convincing as possible.

OSINT provides an extremely effective way for an attacker to learn a lot about their target. The more information a hacker can gain, the more likely they are to pull off a successful phishing attack.

First of all, you need to find out what information is already out there and if possible, limit access to it.

That means ensuring all your personal social media is set to private and checking to make sure you haven’t been the victim of any data breaches that may have occurred in the past.

If you’re an organisation you should consider what information you’re making publicly available. Does your website have a personal profile for each employee? Could there be list of your clients sitting in a cloud drive somewhere? Tracking down all this information can be time consuming but ultimately will go a long way in keeping you safe online.