Identify business relationships

Business relationship information includes the associates of a target and may be discovered via social media sites such as LinkedIn or public press releases announcing new partnerships between organizations or people (such as key hire announcements in industry articles). This information may be used by an adversary to shape social engineering attempts (exploiting who a target expects to hear from) or to plan for technical actions such as exploiting network trust relationship. [1] [2]

ID: T1272

Tactic: People Information Gathering

Version: 1.0

Similar Techniques by Tactic

TacticTechnique
Organizational Information GatheringIdentify business relationships

Examples

NameDescription
APT16

APT16 spearphished journalists, apparently targeting those interested in contact information for DPP members or politicians.[3]

Detection

Detectable by Common Defenses (Yes/No/Partial): No

Explanation: Searching publicly available sources that cannot be monitored by a defender. Much of this information is widely known and difficult to obscure.

Difficulty for the Adversary

Easy for the Adversary (Yes/No): Yes

Explanation: Made easier by today's current social media.

References

  1. Rotem Kerner. (2015, October). RECONNAISSANCE: A Walkthrough of the “APT” Intelligence Gathering Process. Retrieved March 1, 2017.
  2. Gregory Scasny. (2015, September 14). Understanding Open Source Intelligence (OSINT) and its relationship to Identity Theft. Retrieved March 1, 2017.