So You Want to Be a Cyber Spook - Open Source Intelligence presented at Hacktivity 2012

by Jeff Bardin,

Tags: Security

Summary : Most organizations do not monitor their online postings with Cyber Operational Security in mind. Online postings across multiple protocols and web functions might allow your adversaries an opportunity to interpret or piece together critical information. Adversaries, hacktivists, cyber criminals, foreign intelligence services and hackers use multiple and overlapping collection efforts targeted against all sources of your organizational and employee information. Dossiers are created that determine the least path of resistance through your defenses. This talk covers the cyber intelligence lifecycle including examples of denial and deception. Open source intelligence (OSINT) is a critical aspect of asymmetric cyber warfare. It is part of the mosaic defense and one practiced as a method of unrestricted warfare.
Your countrys and organizations enemies scour blogs, forums, chat rooms and personal websites to piece together information that is used to harm your government and commercial organizations. Methods of cyber espionage, sock puppet creation, infiltration, data collection and analysis are covered. Case studies on creating your own personas while using OSINT tools will be discussed.