Deep OSINT: Unlocking the Power of the Deep & Dark Web
2024-4-2 22:59:12 Author: securityboulevard.com(查看原文) 阅读量:6 收藏

Over the past decade, the Deep & Dark Web has emerged as a staggering repository of tens of billions of exposed identities adding up to more than one trillion identity assets exposed, an unprecedented volume that defied all expectations. These identities stem mostly from massive breaches, leakages affecting some of the world’s largest companies and organizations.

Classic Open Source Intelligence (OSINT) primarily depends on publicly available information that individuals consciously choose to share or make public. It involves gathering data from sources like social media, public records, websites, and publications. In this approach, investigators primarily work with data that authors, individuals, or organizations have intentionally put into the public domain. Classic OSINT very often depends on the mistakes or disclosures made by the subjects themselves, as they control what they choose to publish.

In stark contrast Deep OSINT data consists of information that was never intended for such widespread disclosure. It was very hard to imagine 10 years ago that our private information would be share in such scale. That is why Deep OSINT is so powerful in finding connection of bad actors: it’s information that they it was unintended, and they never thought that it would be made public.

Actor Investigations and the Role of Deep OSINT

What makes this reservoir of data truly remarkable is that it encapsulates the digital histories of most internet users spanning the last 15 years. This treasure trove of information has opened new horizons for large-scale investigations into actors operating on the internet.

Examples of this investigations are Reuters investigations of North Korean IT workers using fake names, sham LinkedIn profiles, counterfeit work papers and mock interview scripts,  and the many investigations that Brian Krebs has held taking down criminal networks

It’s crucial to emphasize that this resource should only be harnessed in the realms of fraud and crime investigations, where it can be an invaluable tool in the pursuit of justice and security.

Deep OSINT’s Critical Role in Fraud Detection

Automating these investigations at scale using AI allows the assessment of thousands or even millions of profiles for fraud detection.

In the fight against fraud, deep OSINT plays a pivotal role through:

  • Advanced KYC (Know Your Customer)
  • KYE (Know Your Employee) screening and Insider Detection,
  • Synthetic identity fraud detection, which spots fictitious identities created by merging real and fake information.

By harnessing the power of a data lake consisting of over one trillion assets, Constella Intelligence provides an unparalleled level of detection abilities, crucial in today’s intricate cyber threat landscape.

Deep OSINT as the New Frontier in Cyber Investigations and Fraud

Fraud detection Security service providers and enterprises can benefit immensely from deep OSINT capabilities. As evidenced by Constella Intelligence, whose expertise in AI-driven identity risk intelligence and deep OSINT investigations has set a benchmark in the industry, the integration of deep OSINT into security measures is not just an option—it is a necessity for robust digital defense mechanisms.

*** This is a Security Bloggers Network syndicated blog from Constella Intelligence authored by Laura Bruck. Read the original post at: https://constella.ai/deep-osint-unlocking-the-power-of-the-deep-dark-web/


文章来源: https://securityboulevard.com/2024/04/deep-osint-unlocking-the-power-of-the-deep-dark-web/
如有侵权请联系:admin#unsafe.sh