Get in Touch Close Menu

Open Source Intelligence (OSINT)

Sapphire Cyber Security Services

Sapphire’s specialist OSINT team is tasked with analysing the information in the public domain about employees, management teams, suppliers and partners. It uses this data to build a picture of susceptible individuals hierarchies and targeting packages, and improve organisational awareness.

Informed: Get a clear picture of what your human attack surface looks like a threat actor for better visibility of human risk, as well as screening recruits and conducting due diligence.

Insightful: Run simulated attacks on individuals within your organisation to prepare target functions, such as finance, for real-world attacks.

Pragmatic: Foster a culture of security by combining simulated attacks with security awareness training.

1. What is Open Source Intelligence?

Open Source Intelligence, OSINT, refers to the practice of gathering publicly available or published information on a target. It is often used by an attacker when developing the reconnaissance phase of their targeting. OSINT can come from a variety of sources, including:

  • Academic publications, for example, research papers.
  • Media
  • Websites, social media, blogs
  • Public data such as open government documents

2. How would an attacker exploit open-source intelligence gathering?

In a threat context, OSINT is often used by an attacker looking to achieve a number of things:

i. Identify vulnerabilities to be exploited

ii. Understand suppliers for supply chain attacks

iii. Researching staff for social engineering attacks

3. What Information can be gathered by threat actors using OSINT?

A dedicated threat actor can collect the following information types on employees and companies:

  • Physical locations
  • Preferences and personal interests
  • Social network contacts
  • Preferred websites
  • Email addresses and aliases for personal approaches
  • Mobile information like device type, applications in use, and phone numbers
  • Software and hardware used
  • Issues with internal technology
  • Other PII

4. Why do you require OSINT services?

Finding the relevant information takes a significant amount of time and understanding of sources, especially if analysing a big group of people, such as a finance team at a large organisation. It is also often deemed to be outside of responsibilities by front line security teams, who do not have the necessary skills.