Deep Dive: Exploring the Real-world Value of Open Source Intelligence

Learn to gather and analyze publicly available data for your intelligence needs

In Deep Dive: Exploring the Real-world Value of Open Source Intelligence, veteran open-source intelligence analyst Rae Baker explains how to use publicly available data to advance your investigative OSINT skills and how your adversaries are most likely to use publicly accessible data against you. The author delivers an authoritative introduction to the tradecraft utilized by open-source intelligence gathering specialists while offering real-life cases that highlight and underline the data collection and analysis processes and strategies you can implement immediately while hunting for open-source info. In addition to a wide breadth of essential OSINT subjects, you’ll also find detailed discussions on ethics, traditional OSINT topics like subject intelligence, organizational intelligence, image analysis, and more niche topics like maritime and IoT.

The book includes:

• Practical tips for new and intermediate analysts looking for concrete intelligence-gathering strategies
• Methods for data analysis and collection relevant to today’s dynamic intelligence environment
• Tools for protecting your own data and information against bad actors and potential adversaries

An essential resource for new intelligence analysts, Deep Dive: Exploring the Real-world Value of Open Source Intelligence is also a must-read for early-career and intermediate analysts, as well as intelligence teams seeking to improve the skills of their newest team members.

Author(s): Rae L. Baker
Edition: 1
Publisher: Wiley
Year: 2023

Language: English
Commentary: Publisher's PDF
Pages: 544
City: Hoboken, NJ
Tags: Image Analysis; Social Media; Critical Thinking; Business Intelligence; OSINT; Cryptocurrency; VPN; Threat Models; Intelligence; Tor; Video Analysis; NFT; OPSEC; Organizational Intelligence; Transportation Intelligence; Financial Intelligence

Cover
Deep Dive
Copyright Page
About the Author
About the Technical Editor
Acknowledgments
Contents at a Glance
Contents
Foreword
Preface
Who is this book for?
What can you learn?
Areas of Focus
Part I: Foundational OSINT
Part II: OSINT Touchpoints
Subject Intelligence
Social Media Analysis
Business and Organizational Intelligence
Transportation Intelligence
Critical Infrastructure and Industrial Intelligence
Financial Intelligence
Cryptocurrency
Non-fungible Tokens
Why learn OSINT skills?
Introduction
How I got started in OSINT
Part 1 Foundational OSINT
Chapter 1 Open Source Intelligence
1.1 What Is OSINT?
1.2 A Brief History of OSINT
The Past
The Present
The Future
1.3 Critical Thinking
1.4 Mental Health
1.5 Personal Bias
1.6 Ethics
Chapter 2 The Intelligence Cycle
2.1 What Is the Intelligence Cycle?
2.2 Planning and Requirements Phase
2.3 Collection Phase
The Art of Pivoting
Overcoming OSINT Challenges
RESET Technique
Gap Analysis
Why We Have So Much Data
2.4 Documentation Methods
2.5 Processing and Evaluation Phase
Scoping
Data Enrichment
2.6 Analysis and Production Phase
Visualizations
2.7 Reporting
Report Tone
Report Design
Example Report
2.8 Dissemination and Consumption Phases
Tippers
Feedback Phase
Challenges in the Intelligence Cycle
Chapter 3 The Adversarial Mindset
3.1 Getting to Know the Adversary
3.2 Passive vs. Active Recon
Chapter 4 Operational Security
4.1 What Is OPSEC?
Threat Modeling
Persona Non Grata Method
Security or “Baseball” Cards
Attack Trees
4.2 Steps for OPSEC
Outlining the Five Steps of OPSEC
Step 1: Define Critical Information
Step 2: Analyze the Threat
Step 3: Determine Vulnerabilities
Step 4: Risk Assessment
Step 5: Apply Countermeasures
4.3 OPSEC Technology
Virtual Private Network
Why Use a VPN?
Choosing a VPN
VPN Concerns
Privacy Browsers
Tor
Pros
Cons
Freenet
Pros
Cons
I2P
Pros
Cons
Virtual Machine
Mobile Emulator
4.4 Research Accounts
4.5 Congratulations!
Part 2 OSINT Touchpoints
Chapter 5 Subject Intelligence
5.1 Overview
What Is Subject Intelligence?
Digital Footprint
Examining a Subject’s Pattern of Life
5.2 Names
Subject Names
Naming Conventions
Arabic Naming Conventions
Chinese Naming Conventions
Russian Naming Conventions
Name Searching Techniques
5.3 Subject Usernames
Username Searching Techniques
Correlating Accounts and Subject Information by Username
5.4 Subject Emails
How to begin connecting accounts
Correlating Accounts and Subject Information by Email
Google Accounts
Correlating an Email with a Domain
Email Verification
Privacy Emails
Data Breaches
5.5 Subject Phone Numbers
Typing Phone Numbers to additional selectors
Correlating a Phone Number with a Subject
Phone Number Spoofing
5.6 Public Records and Personal Disclosures
Methods for incorporating public records searches
Collecting Public Records Associated with a Subject
U.S. Official Public Record Sources
U.S. Unofficial Sources
Chapter 6 Social Media Analysis
6.1 Social Media
Key Parts of Social Media
Collecting Social Media Data on a Subject
Correlating Subject Social Media Accounts
Subject Associations and Interactions on Social Media
User Media and Metadata
Social Media Pivots at a Glance
6.2 Continuous Community Monitoring
Methods for the Continuous Monitoring of a Group
Facebook Groups
Telegram Channels
Reddit
4chan and 8kun
I Joined a Community, Now What?
I Am Unable to Join a Community, Can I Still Monitor Them?
6.3 Image and Video Analysis
How to Look at an Image/Video
Reverse Image Searching
Image-Based Geolocation
Image Analysis
Geolocation Steps
Image Analysis
Geolocation Steps
Image Analysis and Geolocation for Real-Time Events
6.4 Verification
Misinformation, Disinformation, and Malinformation
How Do We Verify If Content Is Mis/Dis/Mal?
Spotting a Bot Account or Bot Network
Visualizing and Analyzing Social Networks
Spotting Digitally Altered Content
Photo Manipulation
Video Manipulation
6.5 Putting It All Together
Chasing a Puppy Scam
Chapter 7 Business and Organizational Intelligence
7.1 Overview
What Is Organizational Intelligence?
7.2 Corporate Organizations
Understanding the Basics of Corporate Structure
Entity Types
7.3 Methods for Analyzing Organizations
Government Sources and Official Registers
EDGAR
Annual Reports and Filings
Annual Report to Shareholders
Forms 10-K, 10-Q, and 8-K
Digital Disclosures and Leaks
Organizational Websites
Social Media for Organizations
Business Indiscretions and Lawsuits
Contracts
Government Contracts
Contract Reading 101
Power Mapping
Tips for Analyzing Organizations Outside the United States
Canada
United Kingdom
Case Study:
China
Russia
Middle East
7.4 Recognizing Organizational Crime
Shell Corporations
The “Tells”
7.5 Sanctions, Blacklists, and Designations
Organizations that designate sanctions
The United Nations Security Council
The Office of Foreign Assets Control
Other Blacklists
7.6 501(c)(3) Nonprofits
Primary Source Documents
IRS Form 990
IRS Tax Exempt Organization Search
Annual Reports
Consumer Reports and Reviews
Charity Navigator
7.7 Domain Registration and IP Analysis
An Organization’s IPs, Domain Names and Websites
What Is an IP address?
What Is a Domain Name?
What Is a Website, and Why Does All of This Matter?
Analyzing Organization Websites
Robots.txt
Website Design and Content
Website Metadata
Analyzing WHOIS Record Data
Analyzing IP Addresses
IP Addresses 101
What Can I Do with an IP Address?
Words of Caution
Chapter 8 Transportation Intelligence
8.1 Overview
What Is Transportation Intelligence?
The Criticality of Transportation Intelligence
Visual Intelligence
Spotters
Social Media Disclosures
Webcam
Satellite Imagery
Signal Detection
Understanding Navigational Systems
Dark Signals
Signal Spoofing
Identity Manipulation
GNSS Jamming
GNSS Meaconing
8.2 Vessels
Introduction to Maritime Intelligence
Types of Maritime Entities
Vessel Terminology
Maritime Discovery and Analysis Methods
Vessel Paths and Locations
Vessel Meetings
Port Calls
Maritime Entity Ownership and Operation
Ship-to-Shore Critical Infrastructure
Maritime Critical Infrastructure and Entity Vulnerabilities
Ship-to-Shore Critical Infrastructure
8.3 Railways
Introduction to Railway Intelligence
Types of Railway Entities
Railway Terminology
Railway Discovery and Analysis Methods
Visual Identification of Rail Lines
Railway Routes and Schedules
Railway Entity Ownership and Operation
Railway Critical Infrastructure and Entity Vulnerabilities
8.4 Aircraft
Introduction to Aircraft Intelligence
Types of Aircraft
Parts of a Typical Jet
Aircraft and Air Travel Terminology
Aircraft Discovery and Analysis Methods
Identifying Aircraft
Flight Paths and Locations
Limiting Aircraft Data Displayed and Private ICAO Addresses Listings
Tracking Cargo
Notice to Air Missions (NOTAMs)
Air Traffic Control Communications
Aerodromes
Geolocation and Imagery Analysis of Aircraft
Aviation Entity Ownership and Operation
Aviation Critical Infrastructure and Entity Vulnerabilities
8.5 Automobiles
Introduction to Automotive Intelligence
Types of Automobile Entities
Automobile Terminology
Automobile Discovery and Analysis Methods
Identifying Automobiles
Tips for Monitoring and Analyzing Automobile Routes
Automobile Entity Ownership and Operation
Automobile Security and Technology
Chapter 9 Critical Infrastructure and Industrial Intelligence
9.1 Overview of Critical Infrastructure and Industrial Intelligence
What Is Operational Technology?
What Is IoT and IIoT?
9.2 Methods for the Analysis of Critical Infrastructure, OT, and IoT Systems
Planning the Analysis
Five Possible Information Gathering Avenues
Visualizations
Plotting Locations with Google Earth Pro
Using Premade Visualizations
Public Disclosures
Contracts
Social Media
Job Advertisements
Company Disclosures
Infrastructure Search Tools
Censys.io
Kamerka
9.3 Wireless
Overview of Wireless Networks
Mobile Networks
War Driving
Low-Power Wide-Area Networks
Long Range Radio (LoRa)
Wireless SSID, BSSID, MAC
Service Set Identifier (SSID)
Basic Service Set Identifier (BSSID)
Extended Service Set Identifier (ESSID)
Media Access Control (MAC) Address
9.4 Methods for Analyzing Wireless Networks
Information Gathering Techniques
Here are some pivots for wireless network information gathering
Wi-Fi Searching Techniques
WiGLE
Plotting Wireless Locations with Google Earth Pro
Tower Searching Techniques
Chapter 10 Financial Intelligence
10.1 Overview
Financial Organizations
Financial Intelligence Units
Financial Crimes Enforcement Network
The Financial Action Task Force
The Federal Deposit Insurance Corporation
International Monetary Fund
Federal Financial Institutions Examination Council
The Office of Foreign Assets Control
10.2 Financial Crime and Organized Crime, Together Forever <3
Transnational Criminal Organizations
Politically Exposed Person
Anti-Money Laundering
The Counter Financing of Terrorism
Tax Evasion, Tax Fraud, and Embezzlement
10.3 Methods for Analysis
Financial Identifiers
Issuer Identification Number
Routing Number (ABA Routing Numbers)
Society for Worldwide Interbank Financial Organization
Value-Added Tax
BIN-Bank Identification Number
Location-Based Resources
Drug Financing Analysis Resources
Organized Crime Analysis Resources
Negative News String Searching
Chapter 11 Cryptocurrency
11.1 Overview of Cryptocurrency
The Basics of Cryptocurrency
How Is Cryptocurrency Used and Transferred?
What Is a Cryptocurrency Wallet?
What Is Blockchain?
Types of Cryptocurrencies
Coin and Token Quick Reference
Bitcoin
Ether
Binance
Tether
Solana
Dogecoin
Monero (XMR)
What Is Cryptocurrency Mining and Minting?
Types of Verification
Public Blockchains vs. Private Blockchains
Why Tracking Cryptocurrency Matters
Money Laundering
Fraud, Illegal Sales, and CSAM/CSEM
11.2 The Dark Web
Overview of the Dark Web
Darknet Marketplaces
11.3 Methods for Cryptocurrency Analysis
Where to Begin?
Starting with a Subject of Interest
Baselining
Starting Wide
Narrowing Focus
Layering
Starting with a Wallet of Interest
Baselining
Starting Wide
Narrowing Focus
Layering
Tracing Cash-Outs at the Exchange Point
Following Cryptocurrency Mining Scripts
Starting with a Transaction of Interest
Baselining
Starting Wide
Narrowing Focus
Layering
Chapter 12 Non-fungible Tokens
12.1 Overview of Non-fungible Tokens
NFT Crimes
Ponzi Schemes and Rug Pulls
Fake NFTs
Get Rich Quick
Phishing
12.2 Methods for Analyzing NFTs
By Wallet Number or Address
By Image
What Is ENS?
Look for Metadata
Chapter 13 What’s Next?
13.1 Thank You for Diving In with Me
Important Reminders
Take Care of Yourself
Use Your Skill for Good
Never Stop Learning
Always Maintain Good OPSEC
Index
EULA