December 29, 2020
Open-source intelligence (OSINT) is nothing new – gathering publicly available information has been a key strategy for decades, especially in the intelligence world. As technology has become a non-negotiable part of everyday life, online presence went from nice-to-have to an absolute must both for private users and businesses. The dark web evolved and became the everyday mecca of cybercriminals. Next came the Covid-19 crisis which not only pushed up internet use but also transformed the way we use it. Thus, today, the importance of OSINT is more profound than ever.
Latest cybersecurity reports suggest retailers are an increasingly popular attack target, right behind financial services providers. Many retailers have begun to use OSINT to protect against such attacks, yet without the right OSINT strategy and the targeted tools, these companies are still vastly vulnerable.
What sets retailers apart from other types of businesses is their synchronous online and offline presence – web assets in addition to brick-and-mortar ones. This combination creates a whole other layer of challenges for retail security teams as attacks can be simultaneous, sequential, or bidirectional in their impact.
Access to publicly available data on online platforms can give retailers not just a panoramic view into customer satisfaction and sentiment, but also a deep understanding of active threats against their online and offline assets. Because these platforms use location as a key metric, data from these platforms become even more valuable.
As Covid-19 spreads, so do fraud and scams. We also see an increase in social media activity. Users turn to the best-known platforms as well as newer, niche, less regulated ones to report anything from critical local events to consumer-targeted phishing attacks. A day doesn’t go by without new reports of massive data breaches, scamming, or cybercrime occurring somewhere, implicating a loved retail brand. In such an environment, OSINT is even more important.
4 Situations Where OSINT Tools Come to the Rescue
With data from a variety of sources, OSINT supports the fight against real-world security risks as demonstrated in the scenarios below. Note that the common goal in each scenario is to access relevant data asap.
OSINT gets brand-relevant information from social media, including not just the mainstream platforms but also those that are less-regulated and/or are on the deep dark web. OSINT gathers data from marketplace listings where stolen items are for sale, from user posts that detail others’ or their own latest theft adventures, and from online discussion groups and pages where the subject is theft, shoplifting etc., among other sources. This information helps the retailer to adapt their online and in-store security practices in a timely fashion, locate suspects, and support law enforcement in their efforts.
- Gift Card Fraud
Like in theft, information on potential and/or existing gift card fraud is collected through social media, less regulated platforms as well as the dark web. These include relevant discussions, and marketplace listings and activity. This information helps the retailer to better understand fraudsters’ strategies and make the necessary adjustments to increase gift card security, online and offline.
- Scams and Cyberattacks
OSINT combs through social media and the dark web, in addition to paste sites and breached data repositories to find customer complaints, service disruption alerts, instances of account compromise as reported by users, all in order to identify breaches, DDoS attacks, scams, and other cyberattacks or imminent threats. It also uses personally identifiable information (PII) from staff or customers to boost its findings. With this information, the retailer is better equipped to respond early to indications of a data breach and improve security practices.
- Covid-19 and Other Real-World Crises
Once more, OSINT goes through social media, less regulated platforms, and the dark web forums, to identify news articles, breaking news alerts, relevant images and videos, and user posts from ground zero, as well as marketplace listings with scam or stolen products, and those forums that prey on chaos to leverage a cyberattack.
With this information, the retailer has a better grasp of the crisis – whether natural or manmade – and how its unfolding affects the retailer’s online and physical presence. It responds to the situation better and increases security, online, and offline.
The How’s and Why’s of Retail OSINT
In a crisis situation – or even on a calm peaceful day – it’s simply impossible to manually go through billions of social media posts, marketplace listings, and discussions and locate the critical security information the retailer needs. There are certain search and tracking tools that help reduce noise but it’s like putting a band-aid on a broken leg. The situation is much more complicated when it comes to the dark web, not to mention dangerous.
A good OSINT solution allows retailers to access the information they need through a single platform with the right targeted tools. Whether the retailer is interested in upholding a good brand reputation, avoid or manage a real-world crisis, prevent cyberattacks, minimize cyber threats, or all of these at once, a good OSINT solution is key.
To learn more about what OSINT can do for your retail business, schedule a consultation today.