WorldStack » OSINT
Check out the latest insights from our team about OSINT trade craft. WorldStack have built a capability that combines the best of human capability with best of breed technologies to unlock the secrets hidden in plain sight. We help organizations turn public data from the web, social media and the darknet into actionable intelligence.
2y ago
The terms misinformation, disinformation and propaganda have become common, especially following the rise of social and digital media. Individuals, communities, organizations, and governments are impacted by the effects of misinformation, disinformation and propaganda. Within the Intelligence Community (IC) it is important to identify, monitor, assist and counter such narratives that have negative impacts. The use of OSINT as a tool allows organisations and governments to remain vigilant and resilient to ensure they can mitigate the consequences posed by misinformation, disinformation, and pr…
2y ago
In this blog entry we will look at how to use social media to identify bot-nets and other coordinated activity.
The subject matter for this test case will be the US political landscape and attempts, both foreign and national, to influence voters using coordinated messaging.
While we are using this to explore threats to national political landscapes, it can just as easily be set up to identify coordinated behaviour in cyber security, such as the use of Twitter botnets to provide Command and Control (C&C) to malware.
It should be noted before we proceed that this blog and test case was not don…
2y ago
Use case
The intent of this exercise was three-fold:
Can Russian naval vessel movements be detected/monitored using social media?
Can chatter from Russian naval personnel be found, particularly posts made onboard a vessel with location services enabled?
Can intelligence about the vessel’s capabilities, mission or crew be derived from OSINT?
Methodology
Our tools were configured to detect mentions of Russian naval vessel names and the different classes of vessels, e.g. frigate, destroyer, submarine etc. This was done in both English and Russian languages. Filters were also set up to detec…
2y ago
In February 2022 an updated version of the information security standard ISO 27002:2022 was released by the International Organisation for Standardisation (ISO), with an updated version of ISO 27001 expected later this year.
The ISO 27k standards are best practices that are internationally agreed upon by experts and provide the requirements for certified information security management systems (ISMS).
The standards enable organisations of any kind to manage the security of their assets such as intellectual property, financial details, employee information or third party data.
ISO 27002 define…
2y ago
Part 3: The risks posed to the Australian Market by the Conti Group
This is the third part of a three-part investigative series on the Russian-based Ransomware-as-a-Service (RaaS) group Conti.
Each blog in the series, along with our in-depth downloadable reports, focuses on a different aspect of Conti Group.
The three parts of this series include:
Part 1: Conti Group’s Financial Structure and Transaction History
Part 2: Conti Group’s Organisational Structure, HR and Recruitment Processes
Part 3: The Risks Conti Group Pose to the Australian Market
Who are Conti Group?
Conti is a ransomware-as-a-service…
2y ago
Part 1: Conti Group’s Organisational Structure, HR and Recruitment
This is the second part of a three-part investigative series on the Russian-based Ransomware-as-a-Service (RaaS) group Conti.
Each blog in the series, along with our in-depth downloadable reports, focuses on a different aspect of Conti Group.
The three parts of this series include:
Part 1: Conti Group’s Financial Structure and Transaction History
Part 2: Conti Group’s Organisational Structure, HR and Recruitment Processes
Part 3: The Risks Conti Group Pose to the Australian Market
Who are Conti Group?
Conti is a ransomware-as-a-service…
2y ago
Part 1: Conti Group’s Financial Structure and Transaction History
This is the first part of a three-part investigative series on the Russian-based Ransomware-as-a-Service (RaaS) group Conti.
Each blog in the series, along with our in-depth downloadable reports, focuses on a different aspect of Conti Group.
The three parts of this series include:
Part 1: Conti Group’s Financial Structure and Transaction History
Part 2: Conti Group’s Organisational Structure, HR and Recruitment Processes
Part 3: The Risks Conti Group Pose to the Australian Market
Who are Conti Group?
Conti Group is a Russian Federation b…
2y ago
On September 6th, news broke regarding the release of Islamic State’s new magazine, entitled Rumiyah…
While early detection is key, such events also present additional opportunities to identify persons of interest (POIs) that may not have previously been known. OSINT solutions provide that ability.
In this blog post we will see how social media can be used to quickly identify POIs and other sources of intelligence, such as propaganda and news repositories used by Islamic State supporters.
It should be noted before we proceed that throughout this use case we have redacted the usernames and li…
2y ago
Risk scoring is a way of generating a number which tells you how risky something is. Risk relates to the likelihood and consequence of an event occurring. A simple risk scoring model involves assigning a value to the likelihood and consequence of a risk eventuating. These risk values are then added together to provide an overall risk score.
What are the benefits of risk scoring?
Time. A risk score can be used as an initial check to determine if a risk requires further investigation. When resources are limited, risk scores can help you focus your efforts. For example, when assessing candidates…
2y ago
In this blog entry we will explore how to quickly identify credible sources of information using social media and location-based intelligence.
In the world of Open Source Intelligence there can be a lot of “noise”. This is particularly true during an event, or directly after an event. Identifying a credible source of information to help you gain situational awareness can be difficult during these periods.
Having a source on the ground getting a first-hand view of what has happened or is happening can give you great insight into the situation.
In this example, we will use location-based intelligence to…