DEFINING

OSINT

AND ITS USES

IN CYBERSECURITY

DEFINING OSINT AND ITS USES

in CYBERSECURITY

WHAT IS OSINT?

An acronym standing for ‘open-source intelligence’, OSINT Although open-source intelligence has now spilled over

refers to the extraction and analysis of open-data – to commercial sectors, where it is leveraged in various ways,

information which is in the public domain and legally its importance for law enforcement agencies (LEAs) and
accessible to all. While the name evokes espionage,
intelligence bureaus has become ever more profound.

the publicly open nature of its sources gives OSINT broader With 80-90% of crucial modern intelligence data rumoured

and less secretive modes of application, setting it apart

to come from open sources, OSINT is now a cornerstone

from what we might think of as traditional intelligence. of modern reconnaissance and investigation processes.

A CONCISE HISTORY OF OSINT

The use of OSINT to inform military decision making In the advent of the internet and the colossal rise of social
emerged during WWII when the US government began media, OSINT took on a new meaning and nature. The sheer
amassing intelligence on their adversaries through fastidiously profusion of open data that became available for analysis
studying newspapers, magazines, radio broadcasts, photos transformed OSINT from a little-known reconnaissance method
and other media, in an attempt to discern enemy strategies into a full-blown international industry spanning both public

and objectives.
and private sectors.

This practice was referred to as Research and Analysis, and

the department which carried out such operations formed

a branch of the Office of Strategic Services (OSS) – later to be

known as the CIA.

2022 01
DEFINING OSINT AND ITS USES

in CYBERSECURITY

CYBERSECURITY: A GLOBAL CONCERN

The figures surrounding cybercrime over the last decade make Not only is cybercrime the biggest and most intractable
for a sobering read. The global cost of cybercrime has doubled problem for all businesses worldwide today, it is also one

since 2015, from $3 trillion to $6 trillion, and is forecast

of the foremost concerns facing mankind at large. In the World
to continue growing at 15% each year, to reach $10.5 trillion
Economic Forum’s 2022 Global Risks Report, cybersecurity
by 2025. This represents the greatest transfer of economic failure was listed as one of the top-five global threats, alongside
wealth in history, putting entire markets and industries at risk.
the coronavirus pandemic and climate change.

CYBERSECURITY: A GLOBAL CONCERN

COVID-19 SOCIAL CRYPTOCURRENCY BREACH

ENGINEERING ADOP TION IGNORANCE
The coronavirus pandemic With phishing accounting
The perceived anonymity Once a data breach has
has triggered a surge in for 80% of security breaches, provided by cryptocurrencies occurred, every second that
cybercrime, with lockdowns social engineering represents has led to a wave of fresh passes is expensive. However,
and other restrictions the most common, and opportunities for companies take around 197
compelling organizations to fastest-growing of all cybercriminals. Using services days to notice a breach, and a
employ cloud-based services cybercrime tactics. Phishing
such as crypto mixers, illicit further 69 days to contain one.
to support remote workers. is particularly difficult to assets and proceeds can be Leaks contained within 30
However, such systems have combat because it essentially readily legitimized, opening days will save an enterprise
many more vulnerabilities than taps into human error and
new possibilities for fraud over $1 million. Response time
native infrastructures, and can slip beneath the radar
actors and operations across is crucial for mitigating costs.
individuals are more fallible of the most thoroughgoing
a number of sectors.
targets than organizations. security system.

2022 02
DEFINING OSINT AND ITS USES

in CYBERSECURITY

USES OF OSINT IN THE FIGHT

AGAINST CYBERCRIME

T hreat
OSINT methods and technologies are commonly used to identify breach surfaces,
In tell igence which could take a multitude of forms across open platforms. For instance, an
employee’s social media account publishing adverts would be a clear indication

of hacked credentials which could give the hackers access to a company’s critical
assets by extension. Sweeps performed by open-source intelligence tools can quickly
home in on an array of such vulnerabilities.

Data Leak Even with the most throughgoing precautions, companies must prepare for potential
Detect ion breaches, since they are almost inevitable. Open data is a uniquely effective resource
for finding evidence of a leak or security breach connected to the target. Indications
of data leaks appear online, but are often buried in the general flood of open data.
OSINT tools can continually monitor sources across the Surface, Deep, and Dark Web
so that when a breach does occur, it is identified promptly. This can save companies
millions of dollars.

date of breach 30 days

$3.09m C ost of breach i g n ora n ce $4.25m

Digi tal
Quality cybersecurity assessments often hinge on OSINT methods of profiling and link
Footprin t ing
analysis: by bringing together a subject’s interests, connections, affiliations, modes

of interaction, a detailed picture of the subject emerges. Such pictures can map out

a thorough description of a system’s vulnerabilities, cross-check data for reliability,

and embody evidence.

Inciden t
IR is a procedure for ensuring that an organization can effectively respond to security
Response breaches or cyberattacks as they arise. The process involves investigation, mitigation,
and recovery from security breaches, as well as prevention against future incidents.

By filtering open sources for the most up-to-date data iterations, OSINT solutions
allow security breaches to be accurately understood, greatly facilitating the challenge

of containment, and informing ever more effective preventative measures.

Social Corporate security units often leverage open data to determine employee
Engineering susceptibility to threat actors. By scanning employee accounts across social media
Coun termeasures and other services such as Outlook, Dropbox, etc., the subject’s activities can be
checked for phishing content, and the employee can also be assessed for their
capacity to deal with such threats.

Blockchain While there is a perceived anonymity to bitcoin and other cryptos, by using OSINT
Analysis tools to explore blockchains intelligently, laundering systems can be unpacked, and
transactions can be linked to other identifiers on the Surface Web, or even user crypto
addresses themselves. Also, because malicious addresses tend to appear in scam
reports, ongoing investigations, and social media discussions within the crypto
community, OSINT tools can quickly flag up suspect crypto entities.

2022 03
DEFINING OSINT AND ITS USES

in CYBERSECURITY

A SHIFTING LANDSCAPE

CHALLENGES SOLUTIONS

AMOUNT
OSINT investigators have to scour huge IT companies and governmental
OF DATA
volumes of data at demanding speeds. departments have developed
The gathering process is complex, automated solutions specifically

involving the identification, collection, for these purposes. By gaining access

and organization of vast reams

to a wide array of powerful search
of information. This then needs to be functions, users have far greater control
thoroughly filtered and subtly analysed over the way information is extracted:
to deliver actionable intelligence. relevant data can be zeroed in on, while
Furthermore, such processes must be superfluous material can be filtered
fast enough to deal with the speeds
away. This makes the gathering process,
of data generation, and decision making quicker, easier, and more focused,
in the contemporary digital age. resulting in greater overall productivity.

DATA Open sources require thorough OSINT technologies allow information

RELIABILITY verification from a range of data points to be cross-checked through

to be trusted. Since misinformation and the comparison of multiple sources.

propaganda is rife throughout the web, This process leads to a higher degree

open data gatherers face a minefield

of verification or invalidation which

of false or warped data that can mislead in turn, indicates the degree of reliability
investigations. for many types of information.

WORKFLOW
People continually need to vet the output The ever broadening use and versatility
SPEED
generated by OSINT to establish how of AI technologies such as machine
AND QUALITY
reliable the retrieved data actually is. learning and natural language
Such routine work consumes time and processing can take care of many
human resources, and often has
aspects of data retrieval, organization
a detrimental impact on a case’s and processing. AI models can quickly
progress. A major difficulty is that sort diverse, nebulous data into
investigators suffer from research coherent, workable material.

fatigue and make increasingly ineffective This means investigators can devote
decisions. Furthermore, since open data more energy and headspace to the
is naturally diverse, making connections decision-making process, which results
to ascertain accurate and current results in faster data extraction, more
can compound these pressures. sophisticated analysis, and ultimately
refined, superior intelligence.

DATA
Traditional databases used for criminal In providing totally up-to-date data

RELEVANCE investigations are often outdated, on people, events, and businesses,

particularly in the police service. open sources can be essential to

Consequently, a lot of data employed

the efficacy of investigative techniques.
in cases has either ceased to be
By qualitatively enriching collected data,
of relevance, or is actually erroneous. OSINT tools can provide a live, holistic
This can significantly curb investigation picture of what is actually happening.
processes and result accuracy.

2022 04
DEFINING OSINT AND ITS USES

in CYBERSECURITY

INDUSTRY POTENTIAL
As the necessity of OSINT techniques and tools has become The OSINT industry now comprises multi-million euro markets
ever more widespread and apparent, the field has seen
in all major regions of the globe – figures which are expected
an immense increase in investment. Huge commercial interest increase over the next decade to reach an estimated growth
from Law Enforcement, Cybersecurity, and Corporate Security value of 17.9% by 2028.
sectors have propelled the industry to its current, booming
international status, which is only set to continue expanding.

15% 18%

e urop e SL
12% custom e r s
22%
25% 247 18%
n a SL gb

custom e r s us

36 nl
26%
106 96 22 DE
fr

35 10%
23% 17 ch

24
es
IT
16 30 8% 13%
il

13% 9% 17 apac SL
mx
In
custom e r s 21%
12
m e a SL
16
39% 100
19% custom e r s
34%
53 9%
7%
5% 10% sg

11
17% Id

22
latam SL 21% br

custom e r s
40
15
39%
za

16% 11

EUROPE
CAGR: 19.3%

2020: Euro 697.35 Million

2028: Euro 2594.03 Million

NORTH AMERICA MEA

CAGR: 18.2%
CAGR: 17.0%

2020: Euro 1263.35 Million

2020: Euro 258.08 Million

2028: Euro 4370.4 Million

2028: Euro 819.80 Million

latAM APAC
CAGR: 10.7%
CAGR: 20.9%

2020: Euro 485.52 Million

2020: Euro 496.71 Million

2028: Euro 1002.22 Million 2028: Euro 2071.75 Million

* Note: The CAGR values in the figure have been Business Consulting Cybersecurity Edu Energy
estimated for the period of 2020-2028.
Finance Government and LEAs Healthcare IT (non-cybersecurity)
** Source: The Insight Partners Analysts Manufacturer Media / Journalism NGO Private Security
Retail & FMCG Companies Telecom Companies Other

2022 05
DEFINING OSINT AND ITS USES

in CYBERSECURITY

GROWTH DRIVERS

01
Global
02 03 04
The Explosion
Migration
The Maturity

Digitization and of Cybercrime to the Cloud of the Crypto

Data Trading Market
In IBM’s 2021 data breach The 2022 Global Risks Report Between 2020 and 2021
With a $3 trillion market
report, the tech giant by the World Economic Forum the internet population grew capital and Compound
announced a rise in costs
highlighted cybersecurity from 4.5 billion users to 5.2 Annual Growth Rate of more
from USD 3.86 million to USD failure as one of the top-five billion. This exponential than 60% recorded in 2021,
4.24 million, a rate of expense global threats, along with expansion, along with
cryptocurrencies have proved
which is only set to increase. coronavirus and climate the movement of valuable to make up a thriving market.
The task of monitoring and change. With cybercrime investigation data from Combined with other factors
countering data trading and expanding at a rate of 15% physical devices to servers, such as the merging of
leaks is a major challenge from year to year and costs now means the place to be cryptos with the orthodox
which OSINT tools can expected to hit $10 trillion by looking for leads and evidence financial market and
mitigate on a daily basis.
2025, OSINT tech is of is the online realms of social commercial banking, as

paramount importance to media and other platforms. well as the popularization

keep these figures in check.

of cryptocurrency mixers

as laundering tools,
blockchains have become

an indispensable resource

for LEAs and investigation

bureaus alike.

2022 06
DEFINING OSINT AND ITS USES

in CYBERSECURITY
ABOUT SOCIAL LINKS
Since the company’s foundation in 2015, Social Links has been With many clients from among the S&P 500 as well as
empowering LEAs, governmental bodies, businesses, and organizations operating at the highest levels of state, we have
commercial enterprises to harness OSINT in accomplishing established ourselves as a key company within the OSINT
core objectives, saving vast resources, and making the modern industry and continue to develop products that operate

digital world a safer place. at the forefront of a range of sectors including law enforcement,
national security, cybersecurity, insurance, banking, due
diligence, and more.

Our product line

sl sl private sl

professional platform api

AN ALL-IN-ONE OSINT TOOL FOR An enterprise-grade on-premise A suite of data extraction and analysis
CONDUCTING IN-DEPTH INVESTIGATIONS OSINT platform with customization methods across social media,
ACROSS SOCIAL MEDIA, BLOCKCHAINS, options, private data storage, and blockchains, messengers, and the
AND THE Dark Web our widest range of search methods Dark Web connected directly to your
in-house platform via our API

book a demo

2022 07