One of the key things we do at Fivecast is to “lower the technical bar of entry” for our clients into the world of Open-Source Intelligence (OSINT).
Sounds nice. But what does it actually mean? How is that going to help your team’s intelligence mission?
To explain let me start with a few fundamentals. The internet is often described as the combination of Surface, Deep and Dark Webs. What this means in practice is that you can point your internet browser at the Surface Web, search for what you need and it all comes back for you to sift through. Simple right? We don’t need help to do that!
Well, that depends.
A lot of complexity lurks behind that simple internet search. It gets logged, recorded, indexed and A LOT of other users take note of what you just did. These ‘users’ monitor your internet searches for a range of very valid reasons – to optimize your user-experience – to get you to your desired data quicker the next time around. It could be an advertising company sweeping up user interest to sell more things. All perfectly normal in a digital world.
You should always assume every site you visit on any web is logging the fact you were there.
But there are other much more nefarious users also taking careful note of what you did. As a basic example, those familiar with packet analyzers will know how powerful these can be for any hacking operations.
Is there one lurking on your network? Where is your internet endpoint? Are you using a properly configured VPN? What does your internet digital “footprint” look like to the outside? Are the identities of your team members being exposed there?
Does your team have the skills and knowledge to confidently know the answers to these questions? If not, we should talk.
Are your teams exposing a digital footprint to their online targets?
Let’s remember, I’m just talking about a simple search from an internet browser here. Things get exponentially more complex (and dangerous) if you’re accessing Deep and Dark Web content as part of your intelligence mission. In those parts of the web, the surveillance of your browsing – what, when, how and WHO your teams are looking at – is far more focussed, the risks more severe, and as analysts and investigators you need high levels of tradecraft to operate effectively here – without risking exposure to a range of dangerous actors, not least of which could be your targets.
Here I’ve covered a few fundamental considerations for your team’s online footprint that, if not managed carefully, could see your activities exposed to a range of nefarious actors. A genuine threat to the success of intelligence operations, your organization’s reputation, or worse, the safety of your people.
It makes no sense to tackle these risks alone. At Fivecast our powerful ONYX collection and analysis platform – backed by industry leading technical and tradecraft support – can take the technical risk away from your OSINT mission. Freeing up your analysts and investigations to do what they do best, without having to constantly look over their virtual shoulder to see who’s lurking behind.
Email firstname.lastname@example.org to request the Fivecast OSINT Information Security Paper.