Deep Dive: Exploring the Real-world Value of Open Source Intelligence. Edition No. 1

  • Book

  • 544 Pages
  • May 2023
  • John Wiley and Sons Ltd
  • ID: 5841966
Learn to gather and analyze publicly available data for your intelligence needs

In Deep Dive: Exploring the Real-world Value of Open Source Intelligence, veteran open-source intelligence analyst Rae Baker explains how to use publicly available data to advance your investigative OSINT skills, and how your adversaries are most likely to use that same publicly accessible data against you. The author delivers an authoritative introduction to the tradecraft used by open-source intelligence gathering specialists, alongside real-life cases that illustrate the data collection and analysis processes and strategies you can put to work immediately while hunting for open-source information.

In addition to a wide breadth of essential OSINT subjects, you’ll find detailed discussions of ethics, traditional OSINT topics such as subject intelligence, organizational intelligence and image analysis, and more niche topics such as maritime and IoT intelligence. The book includes:

  • Practical tips for new and intermediate analysts looking for concrete intelligence-gathering strategies
  • Methods for data collection and analysis relevant to today’s dynamic intelligence environment
  • Tools for protecting your own data and information against bad actors and potential adversaries

Deep Dive: Exploring the Real-world Value of Open Source Intelligence is an essential resource for new, early-career and intermediate intelligence analysts, as well as for intelligence teams seeking to improve the skills of their newest team members.

Table of Contents

Foreword xix
Preface xxi
Introduction xxv

Part I Foundational OSINT 1

Chapter 1 Open Source Intelligence 3
  1.1 What Is OSINT? 3
  1.2 A Brief History of OSINT 6
    The Past 6
    The Present 8
    The Future 10
  1.3 Critical Thinking 14
  1.4 Mental Health 16
  1.5 Personal Bias 17
  1.6 Ethics 19

Chapter 2 The Intelligence Cycle 23
  2.1 What Is the Intelligence Cycle? 23
  2.2 Planning and Requirements Phase 24
  2.3 Collection Phase 26
    The Art of Pivoting 27
    Overcoming OSINT Challenges 33
    RESET Technique 33
    Gap Analysis 34
    Why We Have So Much Data 37
  2.4 Documentation Methods 39
  2.5 Processing and Evaluation Phase 44
    Scoping 45
    Data Enrichment 45
  2.6 Analysis and Production Phase 47
    Visualizations 47
  2.7 Reporting 50
    Report Tone 51
    Report Design 51
    Example Report 54
  2.8 Dissemination and Consumption Phases 54
    Tippers 55
    Feedback Phase 55
    Challenges in the Intelligence Cycle 55

Chapter 3 The Adversarial Mindset 57
  3.1 Getting to Know the Adversary 57
  3.2 Passive vs. Active Recon 64

Chapter 4 Operational Security 67
  4.1 What Is OPSEC? 67
    Threat Modeling 68
    Persona Non Grata Method 68
    Security or “Baseball” Cards 69
    Attack Trees 71
  4.2 Steps for OPSEC 72
    Outlining the Five Steps of OPSEC 72
    Step 1: Define Critical Information 72
    Step 2: Analyze the Threat 72
    Step 3: Determine Vulnerabilities 73
    Step 4: Risk Assessment 73
    Step 5: Apply Countermeasures 74
  4.3 OPSEC Technology 77
    Virtual Private Network 77
    Why Use a VPN? 77
    Choosing a VPN 78
    VPN Concerns 78
    Privacy Browsers 79
    Tor 79
    Freenet 80
    I2P 82
    Virtual Machine 83
    Mobile Emulator 85
  4.4 Research Accounts 85
  4.5 Congratulations! 90

Part II OSINT Touchpoints 91

Chapter 5 Subject Intelligence 97
  5.1 Overview 97
    What Is Subject Intelligence? 98
    Digital Footprint 98
    Examining a Subject’s Pattern of Life 102
  5.2 Names 106
    Subject Names 106
    Naming Conventions 107
    Arabic Naming Conventions 107
    Chinese Naming Conventions 109
    Russian Naming Conventions 109
    Name Searching Techniques 110
  5.3 Subject Usernames 110
    Username Searching Techniques 111
    Correlating Accounts and Subject Information by Username 112
  5.4 Subject Emails 116
    How to Begin Connecting Accounts 117
    Correlating Accounts and Subject Information by Email 117
    Google Accounts 119
    Correlating an Email with a Domain 120
    Email Verification 122
    Privacy Emails 124
    Data Breaches 125
  5.5 Subject Phone Numbers 129
    Tying Phone Numbers to Additional Selectors 129
    Correlating a Phone Number with a Subject 129
    Phone Number Spoofing 131
  5.6 Public Records and Personal Disclosures 132
    Methods for Incorporating Public Records Searches 132
    Collecting Public Records Associated with a Subject 132
    U.S. Official Public Record Sources 134
    U.S. Unofficial Sources 142

Chapter 6 Social Media Analysis 145
  6.1 Social Media 145
    Key Parts of Social Media 146
    Collecting Social Media Data on a Subject 148
    Correlating Subject Social Media Accounts 149
    Subject Associations and Interactions on Social Media 151
    User Media and Metadata 156
    Social Media Pivots at a Glance 159
  6.2 Continuous Community Monitoring 160
    Methods for the Continuous Monitoring of a Group 160
    Facebook Groups 161
    Telegram Channels 162
    Reddit 164
    4chan and 8kun 166
    I Joined a Community, Now What? 167
    I Am Unable to Join a Community, Can I Still Monitor Them? 168
  6.3 Image and Video Analysis 169
    How to Look at an Image/Video 169
    Reverse Image Searching 172
    Image-Based Geolocation 173
    Image Analysis 173
    Geolocation Steps 175
    Image Analysis 177
    Geolocation Steps 178
    Image Analysis and Geolocation for Real-Time Events 181
  6.4 Verification 184
    Misinformation, Disinformation, and Malinformation 185
    How Do We Verify If Content Is Mis/Dis/Mal? 186
    Spotting a Bot Account or Bot Network 187
    Visualizing and Analyzing Social Networks 190
    Spotting Digitally Altered Content 193
    Photo Manipulation 196
    Video Manipulation 199
  6.5 Putting It All Together 200
    Chasing a Puppy Scam 200

Chapter 7 Business and Organizational Intelligence 209
  7.1 Overview 209
    What Is Organizational Intelligence? 209
  7.2 Corporate Organizations 212
    Understanding the Basics of Corporate Structure 213
    Entity Types 213
  7.3 Methods for Analyzing Organizations 215
    Government Sources and Official Registers 216
    EDGAR 218
    Annual Reports and Filings 219
    Annual Report to Shareholders 220
    Forms 10-K, 10-Q, and 8-K 220
    Digital Disclosures and Leaks 220
    Organizational Websites 221
    Social Media for Organizations 225
    Business Indiscretions and Lawsuits 226
    Contracts 229
    Government Contracts 229
    Contract Reading 101 231
    Power Mapping 239
    Tips for Analyzing Organizations Outside the United States 243
    Canada 243
    United Kingdom 243
    China 246
    Russia 246
    Middle East 249
  7.4 Recognizing Organizational Crime 250
    Shell Corporations 251
    The “Tells” 252
  7.5 Sanctions, Blacklists, and Designations 253
    Organizations That Designate Sanctions 254
    The United Nations Security Council 254
    The Office of Foreign Assets Control 254
    Other Blacklists 254
  7.6 501(c)(3) Nonprofits 255
    Primary Source Documents 256
    IRS Form 990 256
    IRS Tax Exempt Organization Search 257
    Annual Reports 258
    Consumer Reports and Reviews 259
    Charity Navigator 259
  7.7 Domain Registration and IP Analysis 260
    An Organization’s IPs, Domain Names, and Websites 261
    What Is an IP Address? 261
    What Is a Domain Name? 261
    What Is a Website, and Why Does All of This Matter? 261
    Analyzing Organization Websites 262
    Robots.txt 262
    Website Design and Content 263
    Website Metadata 264
    Analyzing WHOIS Record Data 265
    Analyzing IP Addresses 267
    IP Addresses 101 267
    What Can I Do with an IP Address? 269
    Words of Caution 270

Chapter 8 Transportation Intelligence 273
  8.1 Overview 273
    What Is Transportation Intelligence? 273
    The Criticality of Transportation Intelligence 274
    Visual Intelligence 275
    Spotters 275
    Social Media Disclosures 276
    Webcam 276
    Satellite Imagery 278
    Signal Detection 281
    Understanding Navigational Systems 282
    Dark Signals 284
    Signal Spoofing 285
    Identity Manipulation 287
    GNSS Jamming 287
    GNSS Meaconing 288
  8.2 Vessels 289
    Introduction to Maritime Intelligence 289
    Types of Maritime Entities 289
    Vessel Terminology 290
    Maritime Discovery and Analysis Methods 291
    Vessel Paths and Locations 292
    Vessel Meetings 293
    Port Calls 297
    Maritime Entity Ownership and Operation 300
    Maritime Critical Infrastructure and Entity Vulnerabilities 301
    Ship-to-Shore Critical Infrastructure 302
  8.3 Railways 305
    Introduction to Railway Intelligence 305
    Types of Railway Entities 306
    Railway Terminology 307
    Railway Discovery and Analysis Methods 308
    Visual Identification of Rail Lines 308
    Railway Routes and Schedules 314
    Railway Entity Ownership and Operation 317
    Railway Critical Infrastructure and Entity Vulnerabilities 318
  8.4 Aircraft 323
    Introduction to Aircraft Intelligence 323
    Types of Aircraft 324
    Parts of a Typical Jet 325
    Aircraft and Air Travel Terminology 327
    Aircraft Discovery and Analysis Methods 328
    Identifying Aircraft 329
    Flight Paths and Locations 346
    Limiting Aircraft Data Displayed and Private ICAO Address Listings 349
    Tracking Cargo 350
    Notice to Air Missions (NOTAMs) 350
    Air Traffic Control Communications 352
    Aerodromes 352
    Geolocation and Imagery Analysis of Aircraft 355
    Aviation Entity Ownership and Operation 358
    Aviation Critical Infrastructure and Entity Vulnerabilities 361
  8.5 Automobiles 362
    Introduction to Automotive Intelligence 362
    Types of Automobile Entities 362
    Automobile Terminology 363
    Automobile Discovery and Analysis Methods 364
    Identifying Automobiles 364
    Tips for Monitoring and Analyzing Automobile Routes 371
    Automobile Entity Ownership and Operation 374
    Automobile Security and Technology 375

Chapter 9 Critical Infrastructure and Industrial Intelligence 379
  9.1 Overview of Critical Infrastructure and Industrial Intelligence 379
    What Is Operational Technology? 384
    What Is IoT and IIoT? 385
  9.2 Methods for the Analysis of Critical Infrastructure, OT, and IoT Systems 387
    Planning the Analysis 388
    Five Possible Information Gathering Avenues 388
    Visualizations 390
    Plotting Locations with Google Earth Pro 391
    Using Premade Visualizations 397
    Public Disclosures 402
    Contracts 402
    Social Media 402
    Job Advertisements 404
    Company Disclosures 404
    Infrastructure Search Tools 405
    Censys.io 405
    Kamerka 406
  9.3 Wireless 408
    Overview of Wireless Networks 408
    Mobile Networks 409
    War Driving 410
    Low-Power Wide-Area Networks 412
    Long Range Radio (LoRa) 412
    Wireless SSID, BSSID, MAC 413
    Service Set Identifier (SSID) 413
    Basic Service Set Identifier (BSSID) 413
    Extended Service Set Identifier (ESSID) 413
    Media Access Control (MAC) Address 413
  9.4 Methods for Analyzing Wireless Networks 415
    Information Gathering Techniques 415
    Here Are Some Pivots for Wireless Network Information Gathering 415
    Wi-Fi Searching Techniques 418
    WiGLE 418
    Plotting Wireless Locations with Google Earth Pro 421
    Tower Searching Techniques 423

Chapter 10 Financial Intelligence 425
  10.1 Overview 425
    Financial Organizations 426
    Financial Intelligence Units 426
    Financial Crimes Enforcement Network 426
    The Financial Action Task Force 426
    The Federal Deposit Insurance Corporation 427
    International Monetary Fund 427
    Federal Financial Institutions Examination Council 427
    The Office of Foreign Assets Control 428
  10.2 Financial Crime and Organized Crime, Together Forever <3 429
    Transnational Criminal Organizations 430
    Politically Exposed Person 432
    Anti-Money Laundering 433
    The Counter Financing of Terrorism 435
    Tax Evasion, Tax Fraud, and Embezzlement 437
  10.3 Methods for Analysis 438
    Financial Identifiers 440
    Issuer Identification Number 440
    Routing Number (ABA Routing Numbers) 440
    Society for Worldwide Interbank Financial Telecommunication 440
    Value-Added Tax 441
    BIN (Bank Identification Number) 441
    Location-Based Resources 443
    Drug Financing Analysis Resources 446
    Organized Crime Analysis Resources 448
    Negative News String Searching 449

Chapter 11 Cryptocurrency 451
  11.1 Overview of Cryptocurrency 451
    The Basics of Cryptocurrency 453
    How Is Cryptocurrency Used and Transferred? 453
    What Is a Cryptocurrency Wallet? 454
    What Is Blockchain? 455
    Types of Cryptocurrencies 457
    Coin and Token Quick Reference 457
    Bitcoin 458
    Ether 458
    Binance 458
    Tether 459
    Solana 459
    Dogecoin 459
    Monero (XMR) 459
    What Is Cryptocurrency Mining and Minting? 460
    Types of Verification 461
    Public Blockchains vs. Private Blockchains 463
    Why Tracking Cryptocurrency Matters 463
    Money Laundering 464
    Fraud, Illegal Sales, and CSAM/CSEM 467
  11.2 The Dark Web 471
    Overview of the Dark Web 471
    Darknet Marketplaces 473
  11.3 Methods for Cryptocurrency Analysis 475
    Where to Begin? 475
    Starting with a Subject of Interest 476
    Starting with a Wallet of Interest 478
    Tracing Cash-Outs at the Exchange Point 481
    Following Cryptocurrency Mining Scripts 483
    Starting with a Transaction of Interest 485

Chapter 12 Non-fungible Tokens 489
  12.1 Overview of Non-fungible Tokens 489
    NFT Crimes 490
    Ponzi Schemes and Rug Pulls 490
    Fake NFTs 491
    Get Rich Quick 491
    Phishing 491
  12.2 Methods for Analyzing NFTs 491
    By Wallet Number or Address 491
    By Image 494
    What Is ENS? 496
    Look for Metadata 497

Chapter 13 What’s Next? 499
  13.1 Thank You for Diving In with Me 499
    Important Reminders 500

Index 503

Authors

Rae L. Baker