The Links Between OSINT (Open Source Intelligence) and Ransomware
The Information We Give Away to Strangers – For Free
Today’s lexicon is peppered with new words such as “phishing,” “vishing,” “spear phishing” and even “whaling.” While there are differences between these, they all amount to the same thing – the use of our personal information by threat actors to trick us into clicking, downloading or installing malicious code. Once infected, our computers, systems and devices become compromised in a mind-numbing ways – none of them good for us.
For all of the technological defensive mechanisms we can put into place, by far and without question, the single greatest risk-factor is – – us! Yes, we are the greatest threat to ourselves because threat actors need our help to infiltrate our own computers, systems and devices.
How do we help threat actors? By giving them our own personal information — for free.
The term “OSINT” refers to “Open Source Intelligence” which means all the free information about YOU which you’ve happily and willingly made available to strangers and threat actors alike, such as: Your name, your maiden name, your place of birth, date of birth, and marital status. The names of your family members, including elderly parents and young children, as well as all of their respective dates of birth, places of birth etc. We tell strangers where we work, when we work, who we work with, as well as our work email addresses, phone numbers, and extensions. We also announce the locations of our favorite restaurants, our gym, our children’s school, our hobbies and more.
From all of this personal information, threat actors create fake links for us to click on, or they easily guess our passwords, or trick us into giving up other crucial information which inevitably leads to the corruption or theft of our information, accounts, and worse.