Tel: +44(0)1529 306284

Intelligence

Intelligence Services – OSINT

Open Source Intelligence or OSINT, is the application of information gathering from public sources. Relating to the collection, processing, analysis and exploitation of the data. We understand the diversity of data sources and how to apply information identified.

Sources information include; databases, published records, patent records and other data available to the public, effectively garnering such information, may require a variety of specialist techniques.

“The aggregation of data from a variety of sources invariably increases the value…”
Where sources of information are likely to include social media. It is especially relevant to ensure that any information garnered is both accurate and obtained in acceptable manner for litigation purposes. Simply acquiring a series of screenshots together with note making, may not be either sound or acceptable. Social media platforms are not designed to be ‘imaged or copied’ using conventional methods. Our tools and techniques are designed to meet those needs.

Most exercises typically fall into two areas of investigation, these are:

    • I. T. Security
    • Personal

These often form other elements of cases undertaken by CCC, examples of which would include, penetration testing, asset tracing or due diligence projects.

I.T. Security Assessment

The purpose of an intelligence gathering exercise as part of an I.T. security assessment is to establish the volume of information available within the public domain.

The amount of information provides an indication of the level of security that currently exists within an environment, together with potential areas of weakness. We have found that significant amounts of corporate information or ‘leaks’ into the public domain occur without the ‘owners’ knowledge. As mentioned, this information also provides attackers with potential areas to exploit. Conversely, little or no information in the public domain could indicate that applicable security measures are effective.

Intelligence | OSINT | Due Diligence | Computer Security | Computer Crime
Source data, targeted in this type of exercise typically includes but is not limited to:

    • DNS Records
    • Employee information, including email addresses
    • Geo-location and associated information
    • Internal phone numbers
    • IP address information
    • Mail exchange servers
    • Management structure
    • Network topography
    • Passwords
    • Press releases
    • Private information which may have been inadvertently published

Personal

The harvesting of data in relation to a specific individual(s), can be used in a variety of areas such as, human resources, vetting, due diligence and litigation. Personal information may include, addresses, affiliations, email addresses, social networking activity, telephone numbers, etc.

One of these subsets is Social Media Intelligence (SMI). This consists of the monitoring of social channels, conversations, tweets and trends. Some sources of social media include Facebook, Flickr, Instagram, Snapchat or Twitter.

SMI exercises, have significantly increased over recent years and have proved relevant in both prosecution and defence cases, involving:

    • Asset Tracing
    • Blackmail
    • Cyber Bullying
    • Fraud
    • Human Resources
    • Intellectual Property
    • Matrimonial
    • Negotiation
    • Tracing enquiries

“The aggregation of data from a variety of sources invariably increases the value…”

The purpose of an intelligence gathering exercise as part of an I.T. security assessment is to establish the volume of information available within the public domain.

For more information on intelligence services we are able to provide.
Tel: +44 (0) 1529 306284. or Email: contact@ccc-ltd.com
For examples of projects and cases undertaken: Click Here...