Redazione RHC : 26 July 2025 19:39
The web contains a sea of information.
Between social networks, newspapers, specialized magazines, images, radio, and television… we use and produce a sea of public domain data, from which we can learn, understand, and use intelligently.
Information doesn’t have to be secret to be valuable.
Whether in the blogs we browse, the shows we watch, or the magazines we buy at the newsstand, there is an infinite supply of information that contributes to our understanding of the world and the phenomena that surround it.
Because the internet knows everything and, above all, remembers everything…
With the name Open Source Intelligence, abbreviated to OSINT, the Intelligence Community refers to information that is freely available access.
We’ve talked about social networks and mass media, but public sources also include government reports, political debates, conferences—in short, anything publicly accessible, whether from a magazine purchased at a newsstand or searchable through a standard internet search engine.
What we call OSINT has actually existed for hundreds of years, but with the advent of radio communications and then the internet, everything is now easier: obtaining large amounts of information from unclassified public sources.
Consider that on February 26, 1941, at a cost of $150,000 at the time, American President Roosevelt started an office called the Forein Broadcast Monitoring Service in Portland, Oregon, which later became the Foreign Broadcast Intelligence Service in 1941, after the surprise attack by the Imperial Japanese Navy on the Americans at Pearl Harbor.
This office, in fact, had the mandate to record, translate, transcribe, and analyze the shortwave propaganda radio programs broadcast to the United States by the Axis powers.
This office is obviously obsolete today, but unlike SIGINT, signals intelligence, HUMINT, human intelligence, and all other INT, OSINT for the Americans is not the responsibility of a single intelligence agency but of the entire apparatus of the United States such as the Central Intelligence Agency (CIA) and the National Security Agency (NSA) and so on.
Open Source Intelligence (not to be confused with open source software) is a discipline now closely linked to the world of Cyber Intelligence, and allows, through public sources, the generation of “knowledge,” through phases of validation, confirmation, and attribution of the so-called “source of dissemination.”
But what do you actually get with an OSINT analysis?
Well… let’s say it can be used for both legitimate and malicious purposes. Illicit activities.
Typically, all countries use these techniques to facilitate decision-making and validate both internal and external threats before taking targeted action.
For example, while a single threatening tweet might not be cause for concern, the same tweet would be interpreted differently if it were linked to a threat group known to be active in a specific sector.
One of the most important things to understand about open-source intelligence is that it is often used in combination with other subtypes of analysis such as closed-source intelligence (such as internal telemetry, underground communities and therefore darknets, or so-called CLOSINT) and external intelligence-sharing communities, to filter and verify the results.
But cybercriminals can also benefit from these techniques, for example to identify potential targets and exploit weaknesses in the networks of large organizations.
This process is the main reason why so many small and medium-sized businesses are hacked every year. It’s not because threat groups are particularly interested or aggressive in an organization, but rather because vulnerabilities in their network or website architecture are easily isolated, using simple open source intelligence techniques. In short, because they’re easy targets.
Analysis systems such as Shodan, ZoomEye, Censys, but also trivially various databreach collections or simple Google Dork, can identify In a short time and effortlessly, an organization can be attacked with ransomware and generate profit.
Because in almost all profit-making hacks, it’s the vulnerabilities themselves that sign the internet’s white paper—an attack, not the names of the organizations.
Open-source intelligence doesn’t just enable technical attacks on IT systems and networks. Cybercriminals can search for information on people and organizations that can be used to launch sophisticated social engineering campaigns using phishing, vishing, and much more.
Often, seemingly innocuous information shared via social networks and blogs can be used to develop highly convincing targeted social engineering campaigns, such as spear phishing, which in turn are used to trick users into compromising their organization’s network or resources.
So, let’s always remember that everything is on the internet, and the internet remembers everything.
Public images, information on social networks, metadata, and databases published following a data breach are indelible traces that can be used to launch attacks against our organizations and ourselves.
Proper use of digital technology (we always return, as you see, to digital civic education) is essential today to prevent our world from being invaded by potential attackers or simply by the curious.
Redazione