Intelligence Services or OSINT
Intelligence or OSINT (Open Source Intelligence), is the application of information gathering from public sources. Relating to the collection, processing, analysis and exploitation of the data. We understand the diversity of data sources and how to apply information identified.
Sources information include; databases, published records, patent records, the dark web and other publicly available sources. Effectively garnering information may require a variety of specialist techniques.
“The aggregation of information, from a variety of sources, exponentially increases the cumulative value…”
Particularly, where sources of information include the dark web or social media may be need for litigation purposes. It will be necessary to ensure that the information obtained, is both accurate and acquired in acceptable manner. Simply acquiring a series of screenshots together with note making, may not be either sound or acceptable.
Social media platforms are not designed to be easily imaged or copied using conventional methods. We have both the tools and techniques to meet those needs.
Exercises typically fall into one of two broad areas of investigation, I. T. Security or Personal. These often form elements of other cases undertaken by CCC. such as risk assessment, penetration testing in relation to I.T. and various investigations, such as, asset tracing and due diligence exercises on a personal or corporate requirement.For examples of intelligence-based assignments →
I.T. Security Assessment
The amount of information available is likely to provide an indication of the level of security that currently exists within an environment, identifying potential areas of weakness.
We have found that significant amounts of corporate information leak into the public domain without the owner’s knowledge.
When identifying targets this is one of the first exercise an attacker will undertake, with a view to identifying areas to try and exploit. It follows that establishing that only agreed information is in the public domain would indicate that applicable security measures are effective.
Source data targeted in this type of exercise typically includes but is not limited to:
- DNS Records
- Employee data
- Email addresses
- Internal phone numbers
- IP address information
- Inadvertently published private data
- Mail exchange servers
- Management structure
- Network topography
- Press releases
The harvesting of data in relation to a specific individual(s) can be for a variety of purposes, including: human resources, vetting, due diligence, litigation.
Personal information may include, addresses, affiliations, email addresses, social networking activity, telephone numbers, etc.
A subset of OSINT known as SMI (Social Media Intelligence). This consists of the monitoring of social channels, conversations, tweets and trends.
Some sources of social media include Facebook, Flickr, Instagram, Snapchat or Twitter.
SMI exercises, have significantly increased over recent years and have proved relevant in the prosecution and defence of a number of cases, involving:
- Asset Tracing
- Cyber Bullying
- Human Resources
- Intellectual Property
- Tracing enquiries
“The aggregation of data from a variety of sources invariably increases intelligence…”
Our expertise and experience, uniquely combines electronic forensic skills, with an understanding of corporate finance.
Asset Tracing – Audit – Computer Security – Digital Forensics – Due Diligence – eDiscovery – Fraud Investigation
Intelligence Gathering -Passwords Analysis – Penetration Testing – Wireless Security
Services underpinned with expertise and experience.