The Tao of Open Source Intelligence

The Tao of Open Source Intelligence

STEWART K. BERTRAM
Copyright Date: 2015
Published by: IT Governance Publishing
Pages: 137
https://www.jstor.org/stable/j.ctt155j4bh
  • Cite this Item
  • Book Info
    The Tao of Open Source Intelligence
    Book Description:

    What is OSINT and what can it do for you?

    The Internet has become the defining medium for information exchange in the modern world, and the unprecedented success of new web publishing platforms such as those associated with social media has confirmed its dominance as the main information exchange platform for the foreseeable future.

    But how do you conduct an online investigation when so much of the Internet isn't even indexed by search engines? Accessing and using the information that's freely available online is about more than just relying on the first page of Google results.

    Open source intelligence (OSINT) is intelligence gathered from publically available sources, and is the key to unlocking this domain for the purposes of investigation.

    Product overview

    The Tao of Open Source Cyber Intelligenceprovides a comprehensive guide to OSINT techniques, for the investigator:

    It catalogues and explains the tools and investigative approaches that are required when conducting research within the surface, deep and dark webs.It explains how to scrutinise criminal activity without compromising your anonymity - and your investigation.It examines the relevance of cyber geography and how to get round its limitationsIt describes useful add-ons for common search engines, as well as considering Metasearch engines (including Dogpile, Zuula, PolyMeta, iSeek, Cluuz, and Carrot2) that collate search data from single-source intelligence platforms such as Google.It considers deep web social media platforms and platform-specific search tools, detailing such concepts as concept mapping, Entity Extraction tools, and specialist search syntax (Google Kung-Fu).It gives comprehensive guidance on Internet security for the smart investigator, and how to strike a balance between security, ease of use and functionality, giving tips on counterintelligence, safe practices, and debunking myths about online privacy.

    OSINT is a rapidly evolving approach to intelligence collection, and its wide application makes it a useful methodology for numerous practices, including within the criminal investigative community.

    The Tao of Open Source Cyber Intelligenceis your guide to the cutting edge of this information collection capability.

    About the author

    Stewart K. Bertram is a career intelligence analyst who has spent over a decade working across the fields of counterterrorism, cyber security, corporate investigations and geopolitical analysis. The holder of a Master's degree in Computing and a Master of Letters in Terrorism studies, Stewart is uniquely placed at the cutting edge of intelligence and investigation, where technology and established tradecraft combine. Stewart fuses his academic knowledge with significant professional experience, having used open source intelligence on such diverse real-world topics as the terrorist use of social media in Sub-Saharan Africa and threat assessment at the London Olympic Games. Stewart teaches courses on open source intelligence as well as practising what he preaches in his role as a cyber threat intelligence manager for some of the world's leading private-sector intelligence and security agencies.

    eISBN: 978-1-84928-729-6
    Subjects: Technology

Table of Contents

  1. Front Matter
    (pp. 2-4)
  2. PREFACE
    (pp. 5-6)
  3. ABOUT THE AUTHOR
    (pp. 7-7)
  4. ACKNOWLEDGEMENTS
    (pp. 8-8)
  5. DEDICATION
    (pp. 9-9)
  6. Table of Contents
    (pp. 10-11)
  7. INTRODUCTION: “WHAT CAN OPEN SOURCE INTELLIGENCE DO FOR ME?”
    (pp. 12-20)

    …is probably the main question that you had in mind when you picked up this book.

    After spending more than a decade working within the field of intelligence and security, and five years teaching open source intelligence (OSINT) techniques to hundreds of professionals within the military, police, counter fraud, academia, non-governmental organisation (NGO) and government sectors, I have been asked that question a thousand times and I can honestly say that I am no closer to giving an accurate answer now than when I was originally asked the question.

    Although modern OSINT is many things, it’s perhaps easier to fully...

  8. CHAPTER 1: THE SURFACE WEB
    (pp. 21-56)

    The Surface Web is the most open and permissive of the three layers of cyberspace. Easily reachable via the most basic computer or mobile phone hardware, the Surface Web is something that almost everyone in the Western world and growing numbers in the developing world are becoming intimately familiar with. The Surface Web is the backbone for everyday business services such as email, web browsing, entertainment and commerce of all descriptions. With such a broad set of online resources available and the ease of access, the Surface Web is almost always the starting point of any OSINT project. Despite its...

  9. CHAPTER 2: DEEP WEB
    (pp. 57-82)

    Compared to the Surface Web and the Dark Web, the Deep Web is the most topographically complex of the three cyber domains, both in terms of the technology used to create the Deep Web and the way people use it. Although easily accessible with the web browsing software that is used to access the Surface Web, finding the valuable information that is locked within the Deep Web is more of an art than the science of Surface Web mining. A good way to conceptualise the investigative approach to the Deep Web is that information within this layer of cyberspace that...

  10. CHAPTER 3: THE DARK WEB
    (pp. 83-98)

    The Dark Web is the most secretive and potentially dangerous of the three layers of cyberspace that this book examines. Only reachable with specialist pieces of browsing software, this is the layer of cyberspace that you were warned about. The Dark Web is the place where drugs and guns are for sale in eBay-style marketplaces, where thousands of images of child pornography are stored in Wikipedia-style sites and where the worst of terrorists and serious organised criminals gather in the virtual world. The most obvious category of OSINT practitioner who will venture into this space is the one who has...

  11. CHAPTER 4: INTERNET SECURITY FOR THE SMART INVESTIGATOR
    (pp. 99-126)

    So far the author has sought to demonstrate the ‘art of the possible’ of a mature OSINT capability, and this book has paid little attention to the issue of operational security. This is partly due to the author’s ‘risk positive’ approach to intelligence and investigative work in general, but largely due to the fact that to fully appreciate the risks associated with OSINT research one must fully understand the potential of the capability. You as the reader may at this point be asking: ‘What are the risks involved in OSINT, and why should I care?’

    The answer depends on how...

  12. CONCLUSION
    (pp. 127-129)

    …was the opening line to this book. I hope you are now at least aware of how OSINT can benefit your professional practice, whatever that may be.

    Documenting knowledge in writing is relatively easy, as is reading and understanding documented knowledge; however, turning abstract knowledge into tangible gains in professional practice is a challenge. This is the challenge that you now face: taking abstract concepts and lists of tools and rehearsing and reconceptualising them within a personal framework, so that they become integrated into the day-to-day professional practice of the investigator. It is within this process that many investigators become...

  13. ANNEX A: TIPS FOR BUILDING A CREDIBLE SOCK PUPPET
    (pp. 130-132)
  14. ITG RESOURCES
    (pp. 133-137)