Linking The OSINT To The Employees

This article is more than 5 years old.


Social media continues to be a goldmine of Open Source Intelligence (OSINT). As a society, we walk around with computers in our pockets, and we share our lives more openly and intimately than ever before. In my previous article, I talked about the OSINT available from Instagram. This article will discuss LinkedIn.

LinkedIn was founded as a business-oriented social network in 2002 and was acquired by Microsoft in 2016. Unlike Facebook, Twitter, Instagram and the like, it was designed as a place for people to connect on a professional level: instead of adding celebrities, friends and family, the expectation was that people would add business partners, colleagues, vendors and customers.

You probably have more than one connection who uses LinkedIn like Facebook and shares political material or memes. Unfortunately, that is not even the most concerning type of content. This will feel like a recurring theme, but it bears repeating: people overshare information. In the technology space, people routinely post questions for technical support (as if LinkedIn were a forum like Stack Overflow) or talk very specifically about their achievements or problems.

Since LinkedIn has a job search function and options to let recruiters know one is in the market for a new position, some people's profiles describe their experience in great detail. Like resumes, these profiles contain specific information about the technologies used (down to version numbers), specific projects, and the teams and clients the person has worked with. In researching this article, I selected a connection and viewed their profile to see what I could collect. While they did not mention any specific technologies, they had uploaded their resume, which contained their home address, email address, phone number and security clearance level. The resume also mentioned that their employer had just opened a new failover data center in Sacramento, and who the contractor was.

For the next sample I selected a more technical connection, a Senior Security Analyst at a large consulting firm, and was able to find out that they were using iSensor, Cisco firewalls, Cisco IDS/IPS, Sourcefire, FortiGate, SonicWall, Logvault, Palo Alto firewalls and Carbon Black. In a previous role, this person had also worked on networking infrastructure for VoIP. Wouldn't you know it, they also listed the vendor they used while at that previous employer (which was named). This is all too common.

Due to the nature of the platform, people use it to acquire customers and land their next jobs. Because salespeople are trying to sell, they will provide a lot of information about the product or service they are pushing. These same people are expert social engineers who ask probing questions like "What problems do you face at work?" or "What keeps you up at night?" Salespeople typically try to appear likable (we know that not all succeed), which is one of Dr. Robert Cialdini's six principles of persuasion: Likability. The complete list of principles is as follows (I will write a later article about them):

  1. Authority
  2. Urgency/Scarcity
  3. Commitment and Consistency
  4. Social Proof
  5. Reciprocity
  6. Likability

I also like to use a free, open source tool called InSpy to help enumerate information from LinkedIn. This Python-based tool enumerates employees of a target company, scrapes their names, and uses the Hunter.io API to assemble a list of email addresses following the address syntax Hunter has observed for the company's domain. The tool prints the results to the screen and writes them to an HTML file containing names, titles and email addresses.
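To make concrete what happens after the names are scraped, here is an added example (written for this article, not code from InSpy or from Hunter.io) that turns a constructed list of profile names into candidate addresses using a pattern in the `{first}.{last}` style that Hunter.io reports for a domain. The token style is an assumption; check it against the API response you actually receive. The example also handles two edge cases a practitioner hits immediately: names that cannot be split into first and last, and initial-based patterns that map two people to the same address. All names below are constructed, not real people.

```python
"""Candidate e-mail generation from scraped names plus an observed pattern.
Added example for this article, not InSpy's code. The {first}/{last}/{f}/{l}
token style is assumed to match what Hunter.io reports; verify before use.
The EMPLOYEES list is constructed sample data."""
import re
import unicodedata
from collections import Counter

# Constructed sample of (display name as it appears on a profile, title).
EMPLOYEES = [
    ("Jane Q. Doe", "Senior Security Analyst"),
    ("José Álvarez-Ruiz", "Network Engineer"),
    ("Li Wei", "Systems Administrator"),
    ("Dr. Amanda de la Cruz, CISSP", "CISO"),
    ("Cher", "Recruiter"),  # single-token name: cannot be split, so it is skipped
    ("John Doe", "Helpdesk Technician"),  # collides with Jane under {f}{last}
]

HONORIFICS = {"dr", "mr", "mrs", "ms", "prof"}
CREDENTIALS = {"jr", "sr", "ii", "iii", "iv", "phd", "mba", "cissp", "cisa", "cism"}


def _ascii_slug(token):
    """Fold diacritics (é -> e) and keep only lowercase ASCII letters,
    the character set almost every corporate mail local-part uses."""
    folded = unicodedata.normalize("NFKD", token).encode("ascii", "ignore").decode()
    return re.sub(r"[^a-z]", "", folded.lower())


def split_name(full_name):
    """Return (first, last) with honorifics, middle initials and trailing
    credentials removed. Hyphenated and multi-word surnames are joined
    ("de la Cruz" -> "delacruz"), which is how most mail systems render them."""
    tokens = [t.strip(",.") for t in full_name.split()]
    tokens = [t for t in tokens
              if t.lower() not in HONORIFICS | CREDENTIALS and len(t) > 1]
    if len(tokens) < 2:
        raise ValueError(f"cannot split into first/last: {full_name!r}")
    first = _ascii_slug(tokens[0])
    last = "".join(_ascii_slug(t) for t in tokens[1:])
    return first, last


def expand_pattern(pattern, first, last):
    """Fill a Hunter-style pattern. Supported tokens: {first}, {last},
    {f} (first initial) and {l} (last initial)."""
    return pattern.format(first=first, last=last, f=first[:1], l=last[:1])


def build_emails(domain, pattern, employees=EMPLOYEES):
    """Map every splittable name to one candidate address. Names that
    cannot be split are reported separately rather than guessed at."""
    found, skipped = [], []
    for name, title in employees:
        try:
            first, last = split_name(name)
        except ValueError:
            skipped.append(name)
            continue
        found.append({"name": name, "title": title,
                      "email": f"{expand_pattern(pattern, first, last)}@{domain}"})
    return found, skipped


def duplicate_addresses(found):
    """Initial-based patterns collide ({f}{last} gives 'jdoe' for both Jane
    and John Doe); return every address produced for more than one person."""
    counts = Counter(row["email"] for row in found)
    return sorted(email for email, n in counts.items() if n > 1)


if __name__ == "__main__":
    for pattern in ("{first}.{last}", "{f}{last}"):
        found, skipped = build_emails("example.com", pattern)
        print(f"pattern {pattern}:")
        for row in found:
            print(f'  {row["email"]:34} {row["name"]} ({row["title"]})')
        print("  skipped (unsplittable):", skipped)
        print("  collisions:", duplicate_addresses(found))
```

The same generation is what you run defensively: feed it your own employees' public profile names and your domain's real address format, and the output is the target list an attacker can build without touching a single internal system. Addresses that collide under the pattern are worth a second look, since a phishing mail to a collided address reaches whichever account your mail system actually resolves it to.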

In conclusion, training, the same mitigation I recommended for Instagram, still applies and remains the best first line of defense. Additionally, running tools like InSpy against your own company to see what is out there adds further value. Since you are only searching for your company's information, this should not cause employees to lose trust in you as their employer.

Another recommendation for employees is to list an abbreviation or acronym of your company name as your employer (if your company is not routinely known by that abbreviation or acronym). I had to do this in a previous position because my title made salespeople think that I had purchasing power. My email was getting blown up repeatedly, and the receptionist at the time was adamant about putting the calls through to me despite my manager asking her not to. To make it stop without doing something crazy, I just changed my employer name to an acronym of an abbreviation of the company name. This eventually made the emails stop, and the phone calls slowed down more and more over time.