Detecting Corporate Data Leak Exposures With OSINT

Do you want to know one of the biggest cybersecurity risks out there for individuals and organizations? Publicly accessible information.

Every other week, you read about some massive organization that had their data hacked and released on the web. Sometimes, this data was out there on the dark web for months and months before anyone noticed, only becoming evident when the information was somehow used against them. But by the time that the organization is forced to take action, it’s often too late for anything but damage control.

How does this information get out there? Well…

What is Open Source Intelligence?

Having robust security measures in place can result in a false sense of security for many organizations and individuals. They might believe that all of their data is safe within the walls of their well-defended network. The reality is that there’s a ton of valuable intelligence that can be gathered from publicly available sources, and it’s 100% legal.

This can include data that has been leaked or even information that was made publicly available by you, your employees, or your organization as a whole. By using social engineering, bad actors can trawl job postings, reviews, public posts, press releases, LinkedIn profiles, and more to gather information that can be used to infiltrate your organization. Once they have this information, they can use phishing techniques and get someone to open an email attachment that could give them access to your network and data.

From there, they can drop that information into the dark web without your knowledge. Some people say that the human factor is the weak link in cybersecurity. Thankfully, with proper training and awareness, that link can be strengthened.

This isn’t the only way that confidential information about your company or your clients can get onto the web though. Often, misconfiguring your security solution or cloud storage can result in information that you think is protected to be spread around the internet, freely and legally.

So, what if there has already been a theft of sensitive information? How can you find out? Through an Open Source Intelligence (OSINT) Data Leak Assessment.

ComSec’s Data Leak Assessments

Wouldn’t it be great if there was a computer program that could automatically search the entire internet, looking for potentially leaked information? At the moment, that’s unfortunately just science fiction.

Here is the thing about doing leak assessments; you need a real person’s eyes on the system to get it done right. Automation is great for a lot of things, but if you want to make sure that your data is secure, you need someone knowledgeable doing the search. This is why ComSec has started to offer Corporate Data Leak Assessments. These assessments are done by our OSINT expert, working in conjunction with your team.

The whole point of an OSINT Data Leak Assessment is to assess the type and amount of sensitive data that can be accessed on the internet through legal and ethical means. Here’s the process:

First, you provide us with your company’s standard for documents that you deem sensitive. We use that information to develop a list of keywords (with your team’s input). We then create custom search engines designed to conduct tailored searches of the internet (including the deep web and the dark web) for your company’s information and data. Finally, we provide you with a comprehensive report of our findings, giving you an idea if your sensitive data is freely available online.

Once you have this information, you can use it to examine your network’s security controls, correct any issues, and take action to remove the discovered information from the internet. While a single Data Leak Assessment can help you find out about past leaks, you can improve your reaction time immeasurably if you implement periodic or incremental scans, which we would be happy to do!

Data Leak Assessments are just one of the ways that we are working to protect your confidential information. We offer several other services that can help secure your network and prevent intrusions before they even happen. If you’d like to learn more about these services, check them out here. And if you have any questions about our OSINT Data Leak Assessments, please feel free to contact us today!

About the Author:

J.D. LeaSure, CCISM, is the President / CEO of ComSec LLC, a global provider of world class counterespionage and TSCM / Cyber TSCM™ services. www.ComSecLLc.com