
This README is a guide that provides a comprehensive collection of tools and guidelines related to Operational Security (OPSEC) and Open-Source Intelligence (OSINT). These resources are applicable to various groups, including criminals, civilians, and law enforcement. Below are real-world examples illustrating how these tools and practices have been used across these groups:


Criminals: Leveraging OSINT for Malicious Activities

Sony Pictures Hack (2014)

Attackers conducted extensive OSINT to gather information about Sony's network infrastructure and employees [1]. They utilized publicly available data from social media profiles and company websites to craft targeted phishing emails, leading to a significant data breach.

Ashley Madison Breach (2015)

The "Impact Team" [2] exploited OSINT techniques to access and leak sensitive user data from the Ashley Madison website. The breach exposed personal information of millions, leading to blackmail and public shaming.


Civilians: Utilizing OSINT for Advocacy and Investigation

Identification of Russian Soldiers in Ukraine Conflict [3]

Online investigators used facial recognition tools like FindClone and PimEyes to identify Russian soldiers involved in the Ukraine conflict. By analyzing publicly available images and videos, they were able to match faces and uncover identities.

BBC Investigation into Cameroonian Military Abuses

The BBC [4] employed OSINT techniques to verify the authenticity of a video showing Cameroonian soldiers executing civilians. By analyzing metadata, geolocation, and other open-source information, they confirmed the video's legitimacy.


Law Enforcement: Applying OSINT in Investigations

Tracking Stolen Property Online

Law enforcement agencies [5] have increasingly used OSINT to monitor online marketplaces like Facebook Marketplace and OfferUp for stolen goods. By analyzing listings and user information, they can trace and recover stolen items.

Use of ShadowDragon's SocialNet

Agencies utilize tools like ShadowDragon's SocialNet [6] to collect data from over 200 online sources. This assists in mapping social networks and identifying relationships between individuals, aiding in criminal investigations.


OPSEC Failures: Lessons from Real-World Mistakes

Guccifer 2.0's VPN Error

The hacker known as Guccifer 2.0 [7] failed to activate a VPN before logging into a social media account, inadvertently revealing their real IP address. This mistake led to the identification of the hacker as a Russian GRU agent.

Silk Road's Ross Ulbricht

Ross Ulbricht [8], the founder of the Silk Road marketplace, made critical OPSEC errors, such as using his personal email address in early communications. These mistakes facilitated law enforcement's efforts to trace and apprehend him.


These examples underscore the dual-edged nature of OSINT and OPSEC tools. While they offer powerful capabilities for information gathering and security, improper use or lapses in operational security can lead to significant consequences. Whether employed for malicious purposes, civic investigations, or law enforcement, adherence to best practices in OPSEC is crucial to safeguard individuals and operations.


References:


  1. “North Korean Regime-Backed Programmer Charged With Conspiracy To.” United States Department of Justice, 6 Feb. 2025, https://web.archive.org/web/20251006082434/https://www.justice.gov/archives/opa/pr/north-korean-regime-backed-programmer-charged-conspiracy-conduct-multiple-cyber-attacks-and.

  2. Schifferle, L. W. “Ashley Madison Settles with FTC over Data Security.” Federal Trade Commission, 14 Dec. 2016, https://web.archive.org/web/20250801210212/https://www.ftc.gov/business-guidance/blog/2016/12/ashley-madison-settles-ftc-over-data-security.

  3. Bhuiyan, Johana. “Ukraine Uses Facial Recognition Software to Identify Russian Soldiers Killed in Combat.” The Guardian, 24 Mar. 2022, www.theguardian.com/technology/2022/mar/24/ukraine-facial-recognition-identify-russian-soldiers.

  4. Human Rights Watch. "Cameroon: Soldiers Get 10 Years for Murder of Civilians." Human Rights Watch, 23 Sept. 2020, https://www.hrw.org/news/2020/09/23/cameroon-soldiers-get-10-years-murder-civilians.

  5. MPA, Brandon Burley. “OSINT Tools for Investigators to Track Criminal Activity Online.” Lexipol Media Group, 23 Aug. 2025, www.police1.com/investigations/thinking-like-a-criminal-how-osint-can-take-your-investigations-further.

  6. Department of Homeland Security. Freedom of Information Act (FOIA) Activity for the Week of March 20, 2025- March 26, 2025 DHS Privacy Office March 31, 2025 Weekly FOIA Report. 31 Mar. 2025, www.dhs.gov/sites/default/files/2025-07/25_0731_PRIV_Chief_FOIA_Officers_Weekly_Report_March_31_25_to_June_30_25.pdf.

  7. Department Of Justice. “Grand Jury Indicts 12 Russian Intelligence Officers for Hacking.” U.S. Department of Justice, 6 Feb. 2025, www.justice.gov/archives/opa/pr/grand-jury-indicts-12-russian-intelligence-officers-hacking-offenses-related-2016-election.

  8. “Ross Ulbricht, a/K/a ‘Dread Pirate Roberts,’ Sentenced in Manhattan.” U.S. Department of Justice, 29 May 2015, www.justice.gov/usao-sdny/pr/ross-ulbricht-aka-dread-pirate-roberts-sentenced-manhattan-federal-court-life-prison.