Identify business relationships
Business relationship information includes the associates of a target and may be discovered via social media sites such as LinkedIn or public press releases announcing new partnerships between organizations or people (such as key hire announcements in industry articles). This information may be used by an adversary to shape social engineering attempts (exploiting who a target expects to hear from) or to plan for technical actions such as exploiting network trust relationship.  
Similar Techniques by Tactic
|Organizational Information Gathering||Identify business relationships|
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: Searching publicly available sources that cannot be monitored by a defender. Much of this information is widely known and difficult to obscure.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: Made easier by today's current social media.
- Rotem Kerner. (2015, October). RECONNAISSANCE: A Walkthrough of the “APT” Intelligence Gathering Process. Retrieved March 1, 2017.
- Gregory Scasny. (2015, September 14). Understanding Open Source Intelligence (OSINT) and its relationship to Identity Theft. Retrieved March 1, 2017.