That catchy tune by Rockwell is applicable in today’s society. Social media and other online presences allow for Open Source Intelligence (OSINT) to proliferate. OSINT is a process that allows for the collection of information on a subject by using publicly accessible resources. This includes news, websites, blogs, forums, public databases and directories, articles and social media sites.
Examples of OSINT use can be using a search engine to ask questions. Or viewing tutorials on YouTube. Visit public forums for information. Search for friends or accounts to follow on social media platforms. Utilize OSINT tools to assist with monitoring of emerging threats. These are legitimate uses of OSINT that are common.
But how can OSINT be weaponized? Cyber crooks can collect data online in order to find vulnerabilities within a network. Then the information can be used in an attack to exploit these deficiencies and gain access to the infrastructure. Hackers may target social media websites, such as LinkedIn, in order to obtain information about employees of a particular organization. Using social engineering tactics, the miscreant may be able to obtain sensitive details that can foster their attack. There is danger of a personal nature as well. Evil doers may wish to stalk or harass an individual. By scouring publicly available details on social media sites they may be able to glean intelligence to fuel these efforts.
How can you avoid being investigated and discovered by bad actors using OSINT and targeting you?
Defend your network by staying on top of patches and firmware updates. Ensure you have a strong cybersecurity plan. Monitor user accounts and follow security best practices. Set your privacy settings on your social media accounts. Never share information about yourself that you would not want exposed to others. Delete or unsubscribe to old/unused social media accounts. Monitor your online presence by occasionally performing online searches to see what information is exposed. Of course, it is difficult to defend against what others may post about you. Control can be challenging.
If you are online, in any form, you can run but you cannot hide. What the world finds out about you is largely up to you.