Acquire OSINT data sets and information
|Acquire OSINT data sets and information|
|Tactic||Technical Information Gathering|
Open source intelligence (OSINT) is intelligence gathered from publicly available sources. This can include both information gathered on-line, such as from search engines, as well as in the physical world.1
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: Possible to gather technical intelligence about Internet accessible systems/devices by obtaining various commercial data sets and supporting business intelligence tools for ease of analysis. Commercial data set examples include advertising content delivery networks, Internet mapping/traffic collections, system fingerprinting data sets, device fingerprinting data sets, etc.
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: This activity is indistinguishable from legitimate business uses and easy to obtain. Direct access to the selected target is not required for the adversary to conduct this technique. There is a limited ability to detect this by looking at referrer fields on local web site accesses (e.g., a person who has accessed your web servers from Shodan).
Similar Techniques for Other Tactics
|Organizational Information Gathering||Acquire OSINT data sets and information|
|People Information Gathering||Acquire OSINT data sets and information|
|Technical Information Gathering||Acquire OSINT data sets and information|