CySA + Measure Up #2

Question 1

Which of the following is not a collection source for OSINT?
Google
Company file server
Company web site
Social media

Answer 1

A company file server is not a source of open source intelligence (OSINT). A file server, properly secured, would be in a company’s internal network. It would be protected by perimeter security controls, and certainly not be open to the public. Since open source intelligence is by definition publicly available information gathered from this server is not OSINT.
Social media is a source of OSINT. This publicly available information can lead to social engineering. For example, an employee’s connections on LinkedIn might point to a company’s major vendors, and then targeted phishing emails could be sent using that information to appear legitimate.
Google and other search engines are a source of OSINT. Google is able to efficiently search engines are a source of OSINT. Google is able to efficiently search through a trove of publicly available information. Advanced users can leverage Google search filters, often referred to as Google Dorking, to do even more powerful OSINT searches.
A company web site is a source of OSINT. For example, companies might provide a list of upper leadership with pictures and email addresses to be approachable and human. However, this reveals a lot to attackers that they can use as OSINT to fuel targeted spear phishing attacks.