44,30 €*
Versandkostenfrei per Post / DHL
Lieferzeit 1-2 Wochen
In Deep Dive: Exploring the Real-world Value of Open Source Intelligence, veteran open-source intelligence analyst Rae Baker explains how to use publicly available data to advance your investigative OSINT skills and how your adversaries are most likely to use publicly accessible data against you. The author delivers an authoritative introduction to the tradecraft utilized by open-source intelligence gathering specialists while offering real-life cases that highlight and underline the data collection and analysis processes and strategies you can implement immediately while hunting for open-source info.
In addition to a wide breadth of essential OSINT subjects, you'll also find detailed discussions on ethics, traditional OSINT topics like subject intelligence, organizational intelligence, image analysis, and more niche topics like maritime and IOT. The book includes:
* Practical tips for new and intermediate analysts looking for concrete intelligence-gathering strategies
* Methods for data analysis and collection relevant to today's dynamic intelligence environment
* Tools for protecting your own data and information against bad actors and potential adversaries
An essential resource for new intelligence analysts, Deep Dive: Exploring the Real-world Value of Open Source Intelligence is also a must-read for early-career and intermediate analysts, as well as intelligence teams seeking to improve the skills of their newest team members.
In Deep Dive: Exploring the Real-world Value of Open Source Intelligence, veteran open-source intelligence analyst Rae Baker explains how to use publicly available data to advance your investigative OSINT skills and how your adversaries are most likely to use publicly accessible data against you. The author delivers an authoritative introduction to the tradecraft utilized by open-source intelligence gathering specialists while offering real-life cases that highlight and underline the data collection and analysis processes and strategies you can implement immediately while hunting for open-source info.
In addition to a wide breadth of essential OSINT subjects, you'll also find detailed discussions on ethics, traditional OSINT topics like subject intelligence, organizational intelligence, image analysis, and more niche topics like maritime and IOT. The book includes:
* Practical tips for new and intermediate analysts looking for concrete intelligence-gathering strategies
* Methods for data analysis and collection relevant to today's dynamic intelligence environment
* Tools for protecting your own data and information against bad actors and potential adversaries
An essential resource for new intelligence analysts, Deep Dive: Exploring the Real-world Value of Open Source Intelligence is also a must-read for early-career and intermediate analysts, as well as intelligence teams seeking to improve the skills of their newest team members.
RAE BAKER is a Senior OSINT Analyst on the Dynamic Adversary Intelligence team at Deloitte specializing in maritime intelligence, human intelligence, corporate reconnaissance, and U.S. sanctions research. Rae is also a licensed private investigator and owns Kase Scenarios, an immersive training experience geared toward readying individuals for real-life OSINT work.
Foreword xix
Preface xxi
Introduction xxv
Part I Foundational OSINT 1
Chapter 1 Open Source Intelligence 3
1.1 What Is OSINT? 3
1.2 A Brief History of OSINT 6
The Past 6
The Present 8
The Future 10
1.3 Critical Thinking 14
1.4 Mental Health 16
1.5 Personal Bias 17
1.6 Ethics 19
Chapter 2 The Intelligence Cycle 23
2.1 What Is the Intelligence Cycle? 23
2.2 Planning and Requirements Phase 24
2.3 Collection Phase 26
The Art of Pivoting 27
Overcoming OSINT Challenges 33
RESET Technique 33
Gap Analysis 34
Why We Have So Much Data 37
2.4 Documentation Methods 39
2.5 Processing and Evaluation Phase 44
Scoping 45
Data Enrichment 45
2.6 Analysis and Production Phase 47
Visualizations 47
2.7 Reporting 50
Report Tone 51
Report Design 51
Example Report 54
2.8 Dissemination and Consumption Phases 54
Tippers 55
Feedback Phase 55
Challenges in the Intelligence Cycle 55
Chapter 3 The Adversarial Mindset 57
3.1 Getting to Know the Adversary 57
3.2 Passive vs. Active Recon 64
Chapter 4 Operational Security 67
4.1 What Is OPSEC? 67
Threat Modeling 68
Persona Non Grata Method 68
Security or "Baseball" Cards 69
Attack Trees 71
4.2 Steps for OPSEC 72
Outlining the Five Steps of OPSEC 72
Step 1: Define Critical Information 72
Step 2: Analyze the Threat 72
Step 3: Determine Vulnerabilities 73
Step 4: Risk Assessment 73
Step 5: Apply Countermeasures 74
4.3 OPSEC Technology 77
Virtual Private Network 77
Why Use a VPN? 77
Choosing a VPN 78
VPN Concerns 78
Privacy Browsers 79
Tor 79
Freenet 80
I2p 82
Virtual Machine 83
Mobile Emulator 85
4.4 Research Accounts 85
4.5 Congratulations! 90
Part II OSINT Touchpoints 91
Chapter 5 Subject Intelligence 97
5.1 Overview 97
What Is Subject Intelligence? 98
Digital Footprint 98
Examining a Subject's Pattern of Life 102
5.2 Names 106
Subject Names 106
Naming Conventions 107
Arabic Naming Conventions 107
Chinese Naming Conventions 109
Russian Naming Conventions 109
Name Searching Techniques 110
5.3 Subject Usernames 110
Username Searching Techniques 111
Correlating Accounts and Subject Information by Username 112
5.4 Subject Emails 116
How to begin connecting accounts 117
Correlating Accounts and Subject Information by Email 117
Google Accounts 119
Correlating an Email with a Domain 120
Email Verification 122
Privacy Emails 124
Data Breaches 125
5.5 Subject Phone Numbers 129
Typing Phone Numbers to additional selectors 129
Correlating a Phone Number with a Subject 129
Phone Number Spoofing 131
5.6 Public Records and Personal Disclosures 132
Methods for incorporating public records searches 132
Collecting Public Records Associated with a Subject 132
U.S. Official Public Record Sources 134
U.S. Unofficial Sources 142
Chapter 6 Social Media Analysis 145
6.1 Social Media 145
Key Parts of Social Media 146
Collecting Social Media Data on a Subject 148
Correlating Subject Social Media Accounts 149
Subject Associations and Interactions on Social Media 151
User Media and Metadata 156
Social Media Pivots at a Glance 159
6.2 Continuous Community Monitoring 160
Methods for the Continuous Monitoring of a Group 160
Facebook Groups 161
Telegram Channels 162
Reddit 164
4chan and 8kun 166
I Joined a Community, Now What? 167
I Am Unable to Join a Community, Can I Still Monitor Them? 168
6.3 Image and Video Analysis 169
How to Look at an Image/Video 169
Reverse Image Searching 172
Image- Based Geolocation 173
Image Analysis 173
Geolocation Steps 175
Image Analysis 177
Geolocation Steps 178
Image Analysis and Geolocation for Real- Time Events 181
6.4 Verification 184
Misinformation, Disinformation, and Malinformation 185
How Do We Verify If Content Is Mis/Dis/Mal? 186
Spotting a Bot Account or Bot Network 187
Visualizing and Analyzing Social Networks 190
Spotting Digitally Altered Content 193
Photo Manipulation 196
Video Manipulation 199
6.5 Putting It All Together 200
Chasing a Puppy Scam 200
Chapter 7 Business and Organizational Intelligence 209
7.1 Overview 209
What Is Organizational Intelligence? 209
7.2 Corporate Organizations 212
Understanding the Basics of Corporate Structure 213
Entity Types 213
7.3 Methods for Analyzing Organizations 215
Government Sources and Official Registers 216
Edgar 218
Annual Reports and Filings 219
Annual Report to Shareholders 220
Forms 10- K, 10- Q, and 8- K 220
Digital Disclosures and Leaks 220
Organizational Websites 221
Social Media for Organizations 225
Business Indiscretions and Lawsuits 226
Contracts 229
Government Contracts 229
Contract Reading 101 231
Power Mapping 239
Tips for Analyzing Organizations Outside the United States 243
Canada 243
United Kingdom 243
China 246
Russia 246
Middle East 249
7.4 Recognizing Organizational Crime 250
Shell Corporations 251
The "Tells" 252
7.5 Sanctions, Blacklists, and Designations 253
Organizations that designate sanctions 254
The United Nations Security Council 254
The Office of Foreign Assets Control 254
Other Blacklists 254
7.6 501(c)(3) Nonprofits 255
Primary Source Documents 256
IRS Form 990 256
IRS Tax Exempt Organization Search 257
Annual Reports 258
Consumer Reports and Reviews 259
Charity Navigator 259
7.7 Domain Registration and IP Analysis 260
An Organization's IPs, Domain Names and Websites 261
What Is an IP address? 261
What Is a Domain Name? 261
What Is a Website, and Why Does All of This Matter? 261
Analyzing Organization Websites 262
[...] 262
Website Design and Content 263
Website Metadata 264
Analyzing WHOIS Record Data 265
Analyzing IP Addresses 267
IP Addresses 101 267
What Can I Do with an IP Address? 269
Words of Caution 270
Chapter 8 Transportation Intelligence 273
8.1 Overview 273
What Is Transportation Intelligence? 273
The Criticality of Transportation Intelligence 274
Visual Intelligence 275
Spotters 275
Social Media Disclosures 276
Webcam 276
Satellite Imagery 278
Signal Detection 281
Understanding Navigational Systems 282
Dark Signals 284
Signal Spoofing 285
Identity Manipulation 287
GNSS Jamming 287
GNSS Meaconing 288
8.2 Vessels 289
Introduction to Maritime Intelligence 289
Types of Maritime Entities 289
Vessel Terminology 290
Maritime Discovery and Analysis Methods 291
Vessel Paths and Locations 292
Vessel Meetings 293
Port Calls 297
Maritime Entity Ownership and Operation 300
Maritime Critical Infrastructure and Entity Vulnerabilities 301
Ship-to-Shore Critical Infrastructure 302
8.3 Railways 305
Introduction to Railway Intelligence 305
Types of Railway Entities 306
Railway Terminology 307
Railway Discovery and Analysis Methods 308
Visual Identification of Rail Lines 308
Railway Routes and Schedules 314
Railway Entity Ownership and Operation 317
Railway Critical Infrastructure and Entity Vulnerabilities 318
8.4 Aircraft 323
Introduction to Aircraft Intelligence 323
Types of Aircraft 324
Parts of a Typical Jet 325
Aircraft and Air Travel Terminology 327
Aircraft Discovery and Analysis Methods 328
Identifying Aircraft 329
Flight Paths and Locations 346
Limiting Aircraft Data Displayed and Private ICAO Addresses Listings 349
Tracking Cargo 350
Notice to Air Missions (NOTAMs) 350
Air Traffic Control Communications 352
Aerodromes 352
Geolocation and Imagery Analysis of Aircraft 355
Aviation Entity Ownership and Operation 358
Aviation Critical Infrastructure and Entity Vulnerabilities 361
8.5 Automobiles 362
Introduction to Automotive Intelligence 362
Types of Automobile Entities 362
Automobile Terminology 363
Automobile Discovery and Analysis Methods 364
Identifying Automobiles 364
Tips for Monitoring and Analyzing Automobile Routes 371
Automobile Entity Ownership and Operation 374
Automobile Security and Technology 375
Chapter 9 Critical Infrastructure and Industrial Intelligence 379
9.1 Overview of Critical Infrastructure and Industrial Intelligence 379
What Is Operational Technology? 384
What Is IoT and IIoT? 385
9.2 Methods for the Analysis of Critical Infrastructure, OT, and IoT Systems 387
Planning the Analysis 388
Five Possible Information Gathering Avenues 388
Visualizations 390
Plotting Locations with Google Earth Pro 391
Using Premade Visualizations 397
Public Disclosures 402
Contracts 402
...Erscheinungsjahr: | 2023 |
---|---|
Genre: | Importe, Informatik |
Rubrik: | Naturwissenschaften & Technik |
Medium: | Taschenbuch |
Inhalt: | Foreword xixPreface xxiIntroduction xxvPart I Foundational OSINT 1Chapter 1 Open Source Intelligence 31.1 What Is OSINT? 31.2 A Brief History of OSINT 6The Past 6The Present 8The Future 101.3 Critical Thinking 141.4 Mental Health 161.5 Personal Bias 171. |
ISBN-13: | 9781119933243 |
ISBN-10: | 1119933242 |
Sprache: | Englisch |
Herstellernummer: | 1W119933240 |
Einband: | Kartoniert / Broschiert |
Autor: | Baker, Rae L. |
Hersteller: | Wiley John + Sons |
Verantwortliche Person für die EU: | Produktsicherheitsverantwortliche/r, Europaallee 1, D-36244 Bad Hersfeld, gpsr@libri.de |
Maße: | 232 x 187 x 31 mm |
Von/Mit: | Rae L. Baker |
Erscheinungsdatum: | 18.05.2023 |
Gewicht: | 0,988 kg |
RAE BAKER is a Senior OSINT Analyst on the Dynamic Adversary Intelligence team at Deloitte specializing in maritime intelligence, human intelligence, corporate reconnaissance, and U.S. sanctions research. Rae is also a licensed private investigator and owns Kase Scenarios, an immersive training experience geared toward readying individuals for real-life OSINT work.
Foreword xix
Preface xxi
Introduction xxv
Part I Foundational OSINT 1
Chapter 1 Open Source Intelligence 3
1.1 What Is OSINT? 3
1.2 A Brief History of OSINT 6
The Past 6
The Present 8
The Future 10
1.3 Critical Thinking 14
1.4 Mental Health 16
1.5 Personal Bias 17
1.6 Ethics 19
Chapter 2 The Intelligence Cycle 23
2.1 What Is the Intelligence Cycle? 23
2.2 Planning and Requirements Phase 24
2.3 Collection Phase 26
The Art of Pivoting 27
Overcoming OSINT Challenges 33
RESET Technique 33
Gap Analysis 34
Why We Have So Much Data 37
2.4 Documentation Methods 39
2.5 Processing and Evaluation Phase 44
Scoping 45
Data Enrichment 45
2.6 Analysis and Production Phase 47
Visualizations 47
2.7 Reporting 50
Report Tone 51
Report Design 51
Example Report 54
2.8 Dissemination and Consumption Phases 54
Tippers 55
Feedback Phase 55
Challenges in the Intelligence Cycle 55
Chapter 3 The Adversarial Mindset 57
3.1 Getting to Know the Adversary 57
3.2 Passive vs. Active Recon 64
Chapter 4 Operational Security 67
4.1 What Is OPSEC? 67
Threat Modeling 68
Persona Non Grata Method 68
Security or "Baseball" Cards 69
Attack Trees 71
4.2 Steps for OPSEC 72
Outlining the Five Steps of OPSEC 72
Step 1: Define Critical Information 72
Step 2: Analyze the Threat 72
Step 3: Determine Vulnerabilities 73
Step 4: Risk Assessment 73
Step 5: Apply Countermeasures 74
4.3 OPSEC Technology 77
Virtual Private Network 77
Why Use a VPN? 77
Choosing a VPN 78
VPN Concerns 78
Privacy Browsers 79
Tor 79
Freenet 80
I2p 82
Virtual Machine 83
Mobile Emulator 85
4.4 Research Accounts 85
4.5 Congratulations! 90
Part II OSINT Touchpoints 91
Chapter 5 Subject Intelligence 97
5.1 Overview 97
What Is Subject Intelligence? 98
Digital Footprint 98
Examining a Subject's Pattern of Life 102
5.2 Names 106
Subject Names 106
Naming Conventions 107
Arabic Naming Conventions 107
Chinese Naming Conventions 109
Russian Naming Conventions 109
Name Searching Techniques 110
5.3 Subject Usernames 110
Username Searching Techniques 111
Correlating Accounts and Subject Information by Username 112
5.4 Subject Emails 116
How to begin connecting accounts 117
Correlating Accounts and Subject Information by Email 117
Google Accounts 119
Correlating an Email with a Domain 120
Email Verification 122
Privacy Emails 124
Data Breaches 125
5.5 Subject Phone Numbers 129
Typing Phone Numbers to additional selectors 129
Correlating a Phone Number with a Subject 129
Phone Number Spoofing 131
5.6 Public Records and Personal Disclosures 132
Methods for incorporating public records searches 132
Collecting Public Records Associated with a Subject 132
U.S. Official Public Record Sources 134
U.S. Unofficial Sources 142
Chapter 6 Social Media Analysis 145
6.1 Social Media 145
Key Parts of Social Media 146
Collecting Social Media Data on a Subject 148
Correlating Subject Social Media Accounts 149
Subject Associations and Interactions on Social Media 151
User Media and Metadata 156
Social Media Pivots at a Glance 159
6.2 Continuous Community Monitoring 160
Methods for the Continuous Monitoring of a Group 160
Facebook Groups 161
Telegram Channels 162
Reddit 164
4chan and 8kun 166
I Joined a Community, Now What? 167
I Am Unable to Join a Community, Can I Still Monitor Them? 168
6.3 Image and Video Analysis 169
How to Look at an Image/Video 169
Reverse Image Searching 172
Image- Based Geolocation 173
Image Analysis 173
Geolocation Steps 175
Image Analysis 177
Geolocation Steps 178
Image Analysis and Geolocation for Real- Time Events 181
6.4 Verification 184
Misinformation, Disinformation, and Malinformation 185
How Do We Verify If Content Is Mis/Dis/Mal? 186
Spotting a Bot Account or Bot Network 187
Visualizing and Analyzing Social Networks 190
Spotting Digitally Altered Content 193
Photo Manipulation 196
Video Manipulation 199
6.5 Putting It All Together 200
Chasing a Puppy Scam 200
Chapter 7 Business and Organizational Intelligence 209
7.1 Overview 209
What Is Organizational Intelligence? 209
7.2 Corporate Organizations 212
Understanding the Basics of Corporate Structure 213
Entity Types 213
7.3 Methods for Analyzing Organizations 215
Government Sources and Official Registers 216
Edgar 218
Annual Reports and Filings 219
Annual Report to Shareholders 220
Forms 10- K, 10- Q, and 8- K 220
Digital Disclosures and Leaks 220
Organizational Websites 221
Social Media for Organizations 225
Business Indiscretions and Lawsuits 226
Contracts 229
Government Contracts 229
Contract Reading 101 231
Power Mapping 239
Tips for Analyzing Organizations Outside the United States 243
Canada 243
United Kingdom 243
China 246
Russia 246
Middle East 249
7.4 Recognizing Organizational Crime 250
Shell Corporations 251
The "Tells" 252
7.5 Sanctions, Blacklists, and Designations 253
Organizations that designate sanctions 254
The United Nations Security Council 254
The Office of Foreign Assets Control 254
Other Blacklists 254
7.6 501(c)(3) Nonprofits 255
Primary Source Documents 256
IRS Form 990 256
IRS Tax Exempt Organization Search 257
Annual Reports 258
Consumer Reports and Reviews 259
Charity Navigator 259
7.7 Domain Registration and IP Analysis 260
An Organization's IPs, Domain Names and Websites 261
What Is an IP address? 261
What Is a Domain Name? 261
What Is a Website, and Why Does All of This Matter? 261
Analyzing Organization Websites 262
[...] 262
Website Design and Content 263
Website Metadata 264
Analyzing WHOIS Record Data 265
Analyzing IP Addresses 267
IP Addresses 101 267
What Can I Do with an IP Address? 269
Words of Caution 270
Chapter 8 Transportation Intelligence 273
8.1 Overview 273
What Is Transportation Intelligence? 273
The Criticality of Transportation Intelligence 274
Visual Intelligence 275
Spotters 275
Social Media Disclosures 276
Webcam 276
Satellite Imagery 278
Signal Detection 281
Understanding Navigational Systems 282
Dark Signals 284
Signal Spoofing 285
Identity Manipulation 287
GNSS Jamming 287
GNSS Meaconing 288
8.2 Vessels 289
Introduction to Maritime Intelligence 289
Types of Maritime Entities 289
Vessel Terminology 290
Maritime Discovery and Analysis Methods 291
Vessel Paths and Locations 292
Vessel Meetings 293
Port Calls 297
Maritime Entity Ownership and Operation 300
Maritime Critical Infrastructure and Entity Vulnerabilities 301
Ship-to-Shore Critical Infrastructure 302
8.3 Railways 305
Introduction to Railway Intelligence 305
Types of Railway Entities 306
Railway Terminology 307
Railway Discovery and Analysis Methods 308
Visual Identification of Rail Lines 308
Railway Routes and Schedules 314
Railway Entity Ownership and Operation 317
Railway Critical Infrastructure and Entity Vulnerabilities 318
8.4 Aircraft 323
Introduction to Aircraft Intelligence 323
Types of Aircraft 324
Parts of a Typical Jet 325
Aircraft and Air Travel Terminology 327
Aircraft Discovery and Analysis Methods 328
Identifying Aircraft 329
Flight Paths and Locations 346
Limiting Aircraft Data Displayed and Private ICAO Addresses Listings 349
Tracking Cargo 350
Notice to Air Missions (NOTAMs) 350
Air Traffic Control Communications 352
Aerodromes 352
Geolocation and Imagery Analysis of Aircraft 355
Aviation Entity Ownership and Operation 358
Aviation Critical Infrastructure and Entity Vulnerabilities 361
8.5 Automobiles 362
Introduction to Automotive Intelligence 362
Types of Automobile Entities 362
Automobile Terminology 363
Automobile Discovery and Analysis Methods 364
Identifying Automobiles 364
Tips for Monitoring and Analyzing Automobile Routes 371
Automobile Entity Ownership and Operation 374
Automobile Security and Technology 375
Chapter 9 Critical Infrastructure and Industrial Intelligence 379
9.1 Overview of Critical Infrastructure and Industrial Intelligence 379
What Is Operational Technology? 384
What Is IoT and IIoT? 385
9.2 Methods for the Analysis of Critical Infrastructure, OT, and IoT Systems 387
Planning the Analysis 388
Five Possible Information Gathering Avenues 388
Visualizations 390
Plotting Locations with Google Earth Pro 391
Using Premade Visualizations 397
Public Disclosures 402
Contracts 402
...Erscheinungsjahr: | 2023 |
---|---|
Genre: | Importe, Informatik |
Rubrik: | Naturwissenschaften & Technik |
Medium: | Taschenbuch |
Inhalt: | Foreword xixPreface xxiIntroduction xxvPart I Foundational OSINT 1Chapter 1 Open Source Intelligence 31.1 What Is OSINT? 31.2 A Brief History of OSINT 6The Past 6The Present 8The Future 101.3 Critical Thinking 141.4 Mental Health 161.5 Personal Bias 171. |
ISBN-13: | 9781119933243 |
ISBN-10: | 1119933242 |
Sprache: | Englisch |
Herstellernummer: | 1W119933240 |
Einband: | Kartoniert / Broschiert |
Autor: | Baker, Rae L. |
Hersteller: | Wiley John + Sons |
Verantwortliche Person für die EU: | Produktsicherheitsverantwortliche/r, Europaallee 1, D-36244 Bad Hersfeld, gpsr@libri.de |
Maße: | 232 x 187 x 31 mm |
Von/Mit: | Rae L. Baker |
Erscheinungsdatum: | 18.05.2023 |
Gewicht: | 0,988 kg |