Deep Dive
Exploring the Real-world Value of Open Source Intelligence
Paperback by Rae L. Baker
Language: English

44,30 €*

incl. VAT

Free shipping by post / DHL

Delivery time 1-2 weeks

Description
Learn to gather and analyze publicly available data for your intelligence needs

In Deep Dive: Exploring the Real-world Value of Open Source Intelligence, veteran open-source intelligence analyst Rae Baker explains how to use publicly available data to advance your investigative OSINT skills and how your adversaries are most likely to use publicly accessible data against you. The author delivers an authoritative introduction to the tradecraft utilized by open-source intelligence gathering specialists while offering real-life cases that highlight and underline the data collection and analysis processes and strategies you can implement immediately while hunting for open-source info.

In addition to a wide breadth of essential OSINT subjects, you'll also find detailed discussions on ethics, traditional OSINT topics like subject intelligence, organizational intelligence, image analysis, and more niche topics like maritime and IOT. The book includes:
* Practical tips for new and intermediate analysts looking for concrete intelligence-gathering strategies
* Methods for data analysis and collection relevant to today's dynamic intelligence environment
* Tools for protecting your own data and information against bad actors and potential adversaries

An essential resource for new intelligence analysts, Deep Dive: Exploring the Real-world Value of Open Source Intelligence is also a must-read for early-career and intermediate analysts, as well as intelligence teams seeking to improve the skills of their newest team members.
About the Author

RAE BAKER is a Senior OSINT Analyst on the Dynamic Adversary Intelligence team at Deloitte specializing in maritime intelligence, human intelligence, corporate reconnaissance, and U.S. sanctions research. Rae is also a licensed private investigator and owns Kase Scenarios, an immersive training experience geared toward readying individuals for real-life OSINT work.

Table of Contents

Foreword xix

Preface xxi

Introduction xxv

Part I Foundational OSINT 1

Chapter 1 Open Source Intelligence 3

1.1 What Is OSINT? 3

1.2 A Brief History of OSINT 6

The Past 6

The Present 8

The Future 10

1.3 Critical Thinking 14

1.4 Mental Health 16

1.5 Personal Bias 17

1.6 Ethics 19

Chapter 2 The Intelligence Cycle 23

2.1 What Is the Intelligence Cycle? 23

2.2 Planning and Requirements Phase 24

2.3 Collection Phase 26

The Art of Pivoting 27

Overcoming OSINT Challenges 33

RESET Technique 33

Gap Analysis 34

Why We Have So Much Data 37

2.4 Documentation Methods 39

2.5 Processing and Evaluation Phase 44

Scoping 45

Data Enrichment 45

2.6 Analysis and Production Phase 47

Visualizations 47

2.7 Reporting 50

Report Tone 51

Report Design 51

Example Report 54

2.8 Dissemination and Consumption Phases 54

Tippers 55

Feedback Phase 55

Challenges in the Intelligence Cycle 55

Chapter 3 The Adversarial Mindset 57

3.1 Getting to Know the Adversary 57

3.2 Passive vs. Active Recon 64

Chapter 4 Operational Security 67

4.1 What Is OPSEC? 67

Threat Modeling 68

Persona Non Grata Method 68

Security or "Baseball" Cards 69

Attack Trees 71

4.2 Steps for OPSEC 72

Outlining the Five Steps of OPSEC 72

Step 1: Define Critical Information 72

Step 2: Analyze the Threat 72

Step 3: Determine Vulnerabilities 73

Step 4: Risk Assessment 73

Step 5: Apply Countermeasures 74

4.3 OPSEC Technology 77

Virtual Private Network 77

Why Use a VPN? 77

Choosing a VPN 78

VPN Concerns 78

Privacy Browsers 79

Tor 79

Freenet 80

I2P 82

Virtual Machine 83

Mobile Emulator 85

4.4 Research Accounts 85

4.5 Congratulations! 90

Part II OSINT Touchpoints 91

Chapter 5 Subject Intelligence 97

5.1 Overview 97

What Is Subject Intelligence? 98

Digital Footprint 98

Examining a Subject's Pattern of Life 102

5.2 Names 106

Subject Names 106

Naming Conventions 107

Arabic Naming Conventions 107

Chinese Naming Conventions 109

Russian Naming Conventions 109

Name Searching Techniques 110

5.3 Subject Usernames 110

Username Searching Techniques 111

Correlating Accounts and Subject Information by Username 112

5.4 Subject Emails 116

How to begin connecting accounts 117

Correlating Accounts and Subject Information by Email 117

Google Accounts 119

Correlating an Email with a Domain 120

Email Verification 122

Privacy Emails 124

Data Breaches 125

5.5 Subject Phone Numbers 129

Typing Phone Numbers to additional selectors 129

Correlating a Phone Number with a Subject 129

Phone Number Spoofing 131

5.6 Public Records and Personal Disclosures 132

Methods for incorporating public records searches 132

Collecting Public Records Associated with a Subject 132

U.S. Official Public Record Sources 134

U.S. Unofficial Sources 142

Chapter 6 Social Media Analysis 145

6.1 Social Media 145

Key Parts of Social Media 146

Collecting Social Media Data on a Subject 148

Correlating Subject Social Media Accounts 149

Subject Associations and Interactions on Social Media 151

User Media and Metadata 156

Social Media Pivots at a Glance 159

6.2 Continuous Community Monitoring 160

Methods for the Continuous Monitoring of a Group 160

Facebook Groups 161

Telegram Channels 162

Reddit 164

4chan and 8kun 166

I Joined a Community, Now What? 167

I Am Unable to Join a Community, Can I Still Monitor Them? 168

6.3 Image and Video Analysis 169

How to Look at an Image/Video 169

Reverse Image Searching 172

Image-Based Geolocation 173

Image Analysis 173

Geolocation Steps 175

Image Analysis 177

Geolocation Steps 178

Image Analysis and Geolocation for Real-Time Events 181

6.4 Verification 184

Misinformation, Disinformation, and Malinformation 185

How Do We Verify If Content Is Mis/Dis/Mal? 186

Spotting a Bot Account or Bot Network 187

Visualizing and Analyzing Social Networks 190

Spotting Digitally Altered Content 193

Photo Manipulation 196

Video Manipulation 199

6.5 Putting It All Together 200

Chasing a Puppy Scam 200

Chapter 7 Business and Organizational Intelligence 209

7.1 Overview 209

What Is Organizational Intelligence? 209

7.2 Corporate Organizations 212

Understanding the Basics of Corporate Structure 213

Entity Types 213

7.3 Methods for Analyzing Organizations 215

Government Sources and Official Registers 216

Edgar 218

Annual Reports and Filings 219

Annual Report to Shareholders 220

Forms 10-K, 10-Q, and 8-K 220

Digital Disclosures and Leaks 220

Organizational Websites 221

Social Media for Organizations 225

Business Indiscretions and Lawsuits 226

Contracts 229

Government Contracts 229

Contract Reading 101 231

Power Mapping 239

Tips for Analyzing Organizations Outside the United States 243

Canada 243

United Kingdom 243

China 246

Russia 246

Middle East 249

7.4 Recognizing Organizational Crime 250

Shell Corporations 251

The "Tells" 252

7.5 Sanctions, Blacklists, and Designations 253

Organizations that designate sanctions 254

The United Nations Security Council 254

The Office of Foreign Assets Control 254

Other Blacklists 254

7.6 501(c)(3) Nonprofits 255

Primary Source Documents 256

IRS Form 990 256

IRS Tax Exempt Organization Search 257

Annual Reports 258

Consumer Reports and Reviews 259

Charity Navigator 259

7.7 Domain Registration and IP Analysis 260

An Organization's IPs, Domain Names and Websites 261

What Is an IP address? 261

What Is a Domain Name? 261

What Is a Website, and Why Does All of This Matter? 261

Analyzing Organization Websites 262

[...] 262

Website Design and Content 263

Website Metadata 264

Analyzing WHOIS Record Data 265

Analyzing IP Addresses 267

IP Addresses 101 267

What Can I Do with an IP Address? 269

Words of Caution 270

Chapter 8 Transportation Intelligence 273

8.1 Overview 273

What Is Transportation Intelligence? 273

The Criticality of Transportation Intelligence 274

Visual Intelligence 275

Spotters 275

Social Media Disclosures 276

Webcam 276

Satellite Imagery 278

Signal Detection 281

Understanding Navigational Systems 282

Dark Signals 284

Signal Spoofing 285

Identity Manipulation 287

GNSS Jamming 287

GNSS Meaconing 288

8.2 Vessels 289

Introduction to Maritime Intelligence 289

Types of Maritime Entities 289

Vessel Terminology 290

Maritime Discovery and Analysis Methods 291

Vessel Paths and Locations 292

Vessel Meetings 293

Port Calls 297

Maritime Entity Ownership and Operation 300

Maritime Critical Infrastructure and Entity Vulnerabilities 301

Ship-to-Shore Critical Infrastructure 302

8.3 Railways 305

Introduction to Railway Intelligence 305

Types of Railway Entities 306

Railway Terminology 307

Railway Discovery and Analysis Methods 308

Visual Identification of Rail Lines 308

Railway Routes and Schedules 314

Railway Entity Ownership and Operation 317

Railway Critical Infrastructure and Entity Vulnerabilities 318

8.4 Aircraft 323

Introduction to Aircraft Intelligence 323

Types of Aircraft 324

Parts of a Typical Jet 325

Aircraft and Air Travel Terminology 327

Aircraft Discovery and Analysis Methods 328

Identifying Aircraft 329

Flight Paths and Locations 346

Limiting Aircraft Data Displayed and Private ICAO Addresses Listings 349

Tracking Cargo 350

Notice to Air Missions (NOTAMs) 350

Air Traffic Control Communications 352

Aerodromes 352

Geolocation and Imagery Analysis of Aircraft 355

Aviation Entity Ownership and Operation 358

Aviation Critical Infrastructure and Entity Vulnerabilities 361

8.5 Automobiles 362

Introduction to Automotive Intelligence 362

Types of Automobile Entities 362

Automobile Terminology 363

Automobile Discovery and Analysis Methods 364

Identifying Automobiles 364

Tips for Monitoring and Analyzing Automobile Routes 371

Automobile Entity Ownership and Operation 374

Automobile Security and Technology 375

Chapter 9 Critical Infrastructure and Industrial Intelligence 379

9.1 Overview of Critical Infrastructure and Industrial Intelligence 379

What Is Operational Technology? 384

What Is IoT and IIoT? 385

9.2 Methods for the Analysis of Critical Infrastructure, OT, and IoT Systems 387

Planning the Analysis 388

Five Possible Information Gathering Avenues 388

Visualizations 390

Plotting Locations with Google Earth Pro 391

Using Premade Visualizations 397

Public Disclosures 402

Contracts 402

...
Details
Year of publication: 2023
Genre: Computer Science
Category: Science & Technology
Format: Paperback
ISBN-13: 9781119933243
ISBN-10: 1119933242
Language: English
Manufacturer number: 1W119933240
Binding: Paperback / softcover
Author: Baker, Rae L.
Manufacturer: Wiley John + Sons
Dimensions: 232 x 187 x 31 mm
By/With: Rae L. Baker
Publication date: 18.05.2023
Weight: 0,988 kg
Article ID: 125660486