Summary of Operations Security (OPSEC) tradecraft tips for online Open Source Intelligence (OSINT) Research
Speaker: Nico Dekens (also known as the Dutch OSINT Guy), an all-source analyst with over two decades of experience in law enforcement, specializing in open source intelligence and covert operations. He is currently a project manager at Bellingcat and co-founder of the OSINT Curious Project.
Main Ideas and Concepts:
- Importance of Operational Security (OPSEC):
  - Derived from military practices, OPSEC is crucial for protecting sensitive information from adversaries.
  - Everyone has something to protect, whether it's personal data, financial information, or professional secrets.
- Understanding Risks:
  - Recognizing potential threats from adversaries, which could be individuals, organizations, or even nation-state actors.
  - Assessing the impact of compromised information on personal safety and organizational integrity.
- Vulnerabilities in Online Research:
  - The need to be aware of what information is publicly available about oneself and how it can be exploited.
  - Examples include social media oversharing and data leaks from apps that collect personal information without user consent.
- Practical OPSEC Measures:
  - Conducting ego searches to identify what information is available online about oneself.
  - Using multiple search engines (e.g., Google, Bing, Yandex) to uncover different data points.
- Digital Footprint Awareness:
  - Understanding what information devices share while browsing (IP address, geolocation, etc.).
  - Using browser extensions to enhance privacy (e.g., HTTPS Everywhere, Privacy Badger, uBlock Origin).
- Behavioral Considerations:
  - Adopting normal online behavior to blend in and avoid drawing attention.
  - Being mindful of the language used and the way one interacts online to avoid revealing identity or intent.
- Tools and Techniques:
  - Suggestions for browser extensions and settings to improve security (e.g., VPNs, incognito mode, script blockers).
  - Recommendations for managing personal data, including using burner phones and avoiding linking personal accounts to work activities.
- Maintaining a Low Profile:
  - The importance of blending in with the crowd and not standing out as a target.
  - Creating plausible backstories for online identities to avoid suspicion.
- Ongoing Learning and Adaptation:
  - Staying updated with OSINT techniques and tools through communities, newsletters, and social media.
Methodology and Instructions:
- Conduct Ego Searches:
  - Use various search engines to find personal information that may be publicly available.
- Enhance Browsing Security:
  - Install browser extensions such as:
    - HTTPS Everywhere: Ensures connections to websites are secure.
    - Privacy Badger: Blocks trackers.
    - uBlock Origin: Blocks ads and potentially malicious content.
- Use VPNs:
  - Always use a trusted VPN to encrypt internet traffic and mask IP address.
- Manage Digital Identity:
  - Create separate identities for personal and professional use.
  - Avoid using personal email or phone numbers for work-related accounts.
- Be Cautious with Sharing:
  - Scrub metadata from photos before sharing.
  - Avoid posting real-time location updates on social media.
- Practice Situational Awareness:
  - Always think before acting online; consider the potential risks of any action.
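The "scrub metadata from photos before sharing" step, as an added example that is not from the webinar: a standard-library Python routine that removes the JPEG segments carrying EXIF, XMP, IPTC, ICC and comment data. The function names and the sample bytes are constructed for this illustration.

```python
import struct

SOS = 0xDA                     # start of scan: compressed image data follows
KEEP_APP = {0xE0, 0xEE}        # APP0 (JFIF header) and APP14 (Adobe colour flag)

def is_metadata(marker):
    """True for COM and for APP1-APP15 (EXIF, XMP, ICC, IPTC, vendor blocks)."""
    return marker == 0xFE or (0xE0 <= marker <= 0xEF and marker not in KEEP_APP)

def scrub_jpeg(data):
    """Return (clean_bytes, removed); removed lists (marker, length) per dropped segment."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    out, removed, pos = bytearray(data[:2]), [], 2
    while True:
        if pos + 4 > len(data) or data[pos] != 0xFF:
            raise ValueError(f"malformed segment at offset {pos}")
        marker = data[pos + 1]
        if marker == 0xFF:     # fill byte in front of a marker
            pos += 1
            continue
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        end = pos + 2 + length # length field counts itself, not the marker
        if length < 2 or end > len(data):
            raise ValueError(f"bad length in segment at offset {pos}")
        if marker == SOS:
            # Scan data up to end of file is copied unchanged; bytes appended
            # after the EOI marker are not inspected by this example.
            return bytes(out + data[pos:]), removed
        if is_metadata(marker):
            removed.append((marker, length))
        else:
            out += data[pos:end]
        pos = end

def seg(marker, payload):
    """Build one marker segment for the constructed sample below."""
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload

# Constructed sample: valid segment layout, not a decodable picture.
SAMPLE = (b"\xff\xd8"
          + seg(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
          + seg(0xE1, b"Exif\x00\x00" + b"GPS 52.0907N 5.1214E (constructed)")
          + seg(0xFE, b"edited on analyst-laptop")
          + seg(0xDB, bytes(65))
          + seg(0xDA, b"\x01\x01\x00\x00\x3f\x00") + b"\x12\x34\xff\xd9")

if __name__ == "__main__":
    clean, removed = scrub_jpeg(SAMPLE)
    print([(hex(m), n) for m, n in removed], len(SAMPLE), "->", len(clean))
```

Dropping APP2 also removes an embedded ICC colour profile, so colours can shift on wide-gamut images. Running `scrub_jpeg` a second time on its own output and getting an empty `removed` list is a quick check that nothing was missed.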
Featured Speakers/Sources:
- Nico Dekens (Dutch OSINT Guy)
- Bellingcat
- OSINT Curious Project
- Micah Hoffman (SANS SEC487 course)
- Michael Bazzell (OSINT techniques)
This summary encapsulates the key points and lessons shared in the webinar, emphasizing the critical nature of operational security in online investigations and open source intelligence research.
Notable Quotes
— 01:55 — « In reality, we all have something to protect or hide. »
— 02:41 — « It's all about a thought process in my opinion; it's about knowing your adversary. »
— 04:28 — « You want to blend in, look normal at all times. »
— 33:05 — « You must think before you act at all times. »
— 39:51 — « No linking ever to your personal identity; keep work and private separated. »