Why Open Source Intelligence?
Threats to cyber security are diverse, complex and at an unprecedented scale. Examples include stealing intellectual property and commercially sensitive data, such as key negotiating positions. Such attacks exploit information security weaknesses through the targeting of staff, premises, partners and supply chains both at home and abroad.
Any targeted attack of this nature always begins with background research or reconnaissance. This is known as Open Source Intelligence.
Threat actors will investigate how your organisation appears ‘from the outside’.
They will look for vulnerable staff, potential weaknesses in physical premises,
and flaws in your Internet-facing technology.
They will identify your premises and review them online to produce a shortlist
for examination in person.
Your registered domains, address ranges and Internet hosts will be discovered,
potentially exposing the software in use, and public-facing systems such as Outlook
Web Access will be identified.
Internet searches will reveal email addresses and associated employee information
from sites such as LinkedIn, which provide the raw material for spear phishing and
social engineering attacks.
What’s involved in Open Source Intelligence?
We use Open Source Intelligence techniques to profile your company and your employees. These techniques discover information that is publicly accessible, without contacting your company or your employees to elicit information.
Our goal is to provide you with a snapshot of the external view of your organisation from an unfriendly perspective.
Our Open Source Intelligence service consists of three elements: gathering information about your organisation, gathering technical information about your publicly-visible applications and infrastructure, and gathering information about your staff. Understanding how your organisation appears ‘from the outside’ will give you the information you need to ensure that your business is less vulnerable to attacks, whether existing or emerging.