Staying ahead of cyber threats in OSINT
Conducting OSINT investigations comes with inherent cybersecurity risks. With online privacy and anonymity as core principles of ethical OSINT, practitioners must continuously take steps to stay ahead of emerging technological threats. This requires vigilance in keeping up with the latest security issues, learning from past incidents, and improving personal practices.
Keeping up with privacy and security news
Monitoring cybersecurity and privacy news is essential for understanding the ever-evolving risk landscape. Subscribe to threat advisory services such as the following to receive timely notifications on vulnerabilities and new attack methods:
- CIS Cybersecurity Threats (https://www.cisecurity.org/cybersecurity-threats)
- US-CERT bulletins (https://www.cisa.gov/news-events/bulletins)
One of my personal favorites is in fact the US-CERT bulletins. Not only do they not favor any vendor, but their bulletins are really thorough.
Figure 2.14 – US-CERT bulletins
If you want to be like the cool kids in cybersecurity, you also need to be reading security blogs and news sites such as these:
- Krebs on Security (https://krebsonsecurity.com/)
- Privacy News Online (https://www.privateinternetaccess.com/blog/)
- SCHMOOZE OSINT (https://www.sangoma.com/)
These resources will help you to stay current on relevant developments.
You should also follow leading information security voices on social media and attend conferences such as DEF CON, Black Hat, or BSides when possible.
Learning from past breaches and incidents
Studying major past breaches through post-mortem analyses reveals important lessons. The 2016 LinkedIn breach (https://www.forbes.com/sites/daveywinder/2024/01/23/massive-26-billion-record-leak-dropbox-linkedin-twitterx-all-named/?sh=2ab1fc93ab58) exposed how hacked third-party data enabled new attacks through information cascades. High-profile doxing and harassment campaigns such as Gamergate (https://www.nytimes.com/interactive/2019/08/15/opinion/what-is-gamergate.html) spotlight the real-world damage done when OSINT is weaponized. Examining practices employed by rogue investigators also explains risks such as social engineering that ethical OSINT researchers must avoid.