Hostile Profiling: Security Vulnerabilities from Open Sources – 2019 OSMOSIS Session Topic

David Benford

It is well known that there are many vulnerabilities around social media usage for both users and their organizations. In very recent times there has been a shift around how non-social data is shared online via both free and commercial platforms. When this data is combined with social media intelligence, it offers a powerful weapon for nefarious individuals, not forgetting hostile state actors and even the tabloid press to use against an individual, their family and their employer and colleagues.

Once effectively gathered, this intelligence can be used to locate an individual, identify patterns of life and target them accordingly. Many people are unaware of how they are sharing their personal details and what types of data may appear online. This is a particular risk for law enforcement, military, security services, diplomats and high profile people.

This dynamic presentation will demonstrate the methods used by hostile agents to digitally profile targets, their friends, families and colleagues through open sources. The subject matter will cover everything from the types of data users, sometimes unwittingly, share online that can create both privacy and security vulnerabilities. It will also offer some solutions around mitigation of such attacks.

Learning Objectives:

  • Have an improved understanding of how OSINT can be used by nefarious actors
  • An understanding of possible attack vectors derived from analysis of OSINT
  • An overview of how hostile actors can profile and how to help mitigate it