Do you Research Online? Preventive Measures to Secure your Work Environment

Nowadays, who doesn't research online? Looking into the background of someone we must negotiate with through LinkedIn or Facebook, finding out what company they work for, who they know or what events they have attended is part of the day-to-day life of any professional. These investigations can be more superficial or deeper, more professional or more amateurish.

In any case, it is always important not to be discovered. In this article we explain how.

Good practices for secure Internet research

The enormous advantages of researching online

More and more companies and institutions are investing human and economic resources in researching on the Internet. All the information (or almost all) is on the Internet. The more important the investigation, the more resources it requires, the more professionalism it demands and the more depth it needs, even requiring the use of specific tools and the creation of false profiles on social networks.

All the information (or almost all) about our potential clients, suppliers, colleagues, bosses, adversaries or competitors is available at the click of a button: knowing who is who, what their weak points are, their relationships and their interests is not only important but has become increasingly essential.

Building intelligence from open sources (Open Source Intelligence, OSINT) consists of searching for information that is public or available to any user. OSINT has gained special relevance in recent years thanks to:

  1. The proliferation of new forms of communication (social networks, forums, blogs, etc.).
  2. The hyperconnection and over-exposure of users, companies and institutions.
  3. The availability of free analysis tools.

OSINT research offers the advantage of entailing fewer risks to the safety of the researcher, since it normally takes place in locations that meet acceptable safety conditions and involve no exposure. Even so, in any OSINT investigation, before starting the phase of collecting or obtaining information, we must bear in mind that it is essential to preserve the security of our environment and work device.

Protecting our research and our identity and preventing information leaks is a basic priority. To do this, we must establish a series of physical and logical measures that will allow us to investigate online effectively, professionally and safely.

I) Physical or equipment preventive measures

First, we will look at the physical security measures that the space in which we are going to carry out our work must meet, as well as those that our equipment (laptop or desktop) must have:

  1. Control the electromagnetic radiation of your devices: Specifically, the connection cables to the network socket (if you are not using wireless connections) and the radiation of the monitor, of the tower (in the case of a desktop computer) or of the laptop. Tel Aviv University managed to extract passwords by analyzing electromagnetic radiation.
  2. Hardware failures: It is extremely important for the OSINT analyst to have a backup of the information collected, if possible made automatically and always on another device. A crash, a hard drive failure or any ransomware can ruin your work!
  3. Incidents or accidents in the work environment: It seems basic but it happens constantly: avoid eating or drinking in the immediate vicinity of the device. Spilling liquids on the equipment can cause a short circuit with the consequent failure of the equipment and, therefore, the risk of losing the stored information. Get uninterruptible power supplies (UPS) to prevent damage in the event of voltage spikes in the power supply.
  4. Secure physical access: Both access to our work equipment and to network connections (if you are not using a wireless connection; if you are, other types of measures should be adopted). The space, office or room must have physical security measures and access control.

II) Preventive measures to take into account when browsing the Internet

From a logical point of view, when we browse the Internet to collect or obtain information, we need to adopt a series of measures so that we can carry out the OSINT work with some assurance of not becoming the victim of a computer attack and, in addition, safeguard our identity and anonymity. For this, it is essential to take into account the following aspects:

  1. When collecting data on the Internet, our browser plays a crucial role. Therefore, it is necessary to configure the privacy settings of the browser. Here is a guide to browsing privately.
  2. It is important not to connect to open or public wireless networks installed in public places (airports, stations, restaurants, etc.). These networks are insecure and, therefore, we are vulnerable if we connect to them since we do not know who they belong to and the administrator has access to all the traffic. We recommend that you always use a VPN.
  3. Use virtual private networks (VPN) to maintain our anonymity during the collection of information. There are free browser extensions that offer good results.
  4. Before installing software on your computer or browser extensions, always check their authenticity and origin (programmer, company, etc.).
  5. Have anti-malware installed on your computer with resources to preventively analyze threats (emails, downloaded files, malicious websites, etc.).
  6. Have a firewall installed capable of managing the incoming and outgoing connections of our device. In this way, rules can be defined to control the traffic that enters and leaves our equipment.
  7. Delete the data generated and stored on the computer as a result of our work, such as cookies, browsing history, temporary files and cache.
  8. Keep the operating system updated with the latest security patches published by the developers. This reduces the risk of being infected with malware and also prevents vulnerabilities that have already been fixed from being exploited on an unpatched system. It is recommended that you turn on automatic updates for your computer or check very frequently for available updates.
  9. Keep your browser updated and control the execution of scripts, the appearance of pop-up windows and the unwanted storage of credentials and cookies.
  10. Avoid accessing and working on the computer with an administrator/root profile. If malware infects the system while the analyst is logged in with an administrator/root account, the malware will have full control over the computer, allowing it to carry out any malicious activity. If, instead, the computer is accessed with a standard user account, the permissions to perform actions on the computer are restricted.
  11. Avoid using removable storage devices that have been previously plugged into other devices. This point includes devices of unknown origin, souvenirs from seminars, conferences and optical storage devices such as CDs or DVDs.
  12. Always use strong (complex) passwords so that they are not vulnerable to brute force or dictionary attacks. Taking into account the number of passwords to be handled, it is recommended to use a password manager. 
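
Items 3 and 10 of this list can be checked before each collection session. The following POSIX shell sketch is an added example, not part of the original article: it assumes a Linux workstation with iproute2 and assumes that VPN tunnels use interface names starting with tun, tap, wg or ppp; the sample route lines are constructed.

```shell
#!/bin/sh
# Added example: pre-session checks for an OSINT workstation.
# Assumption: tunnel interfaces are named tun*, tap*, wg* or ppp*; adjust
# is_tunnel_iface if your VPN client uses a different interface name.

# Constructed samples of `ip -4 route get 192.0.2.1` output.
SAMPLE_DIRECT='192.0.2.1 via 192.168.1.1 dev wlan0 src 192.168.1.23 uid 1000'
SAMPLE_VPN='192.0.2.1 dev wg0 table 51820 src 10.64.0.2 uid 1000'

# Print the interface that follows the "dev" keyword in `ip route get` output.
egress_iface() {
    printf '%s\n' "$1" |
        awk '{ for (i = 1; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }'
}

# Succeed when the interface name looks like a VPN tunnel (naming heuristic).
is_tunnel_iface() {
    case "$1" in
        tun[0-9]*|tap[0-9]*|wg[0-9]*|ppp[0-9]*) return 0 ;;
        *) return 1 ;;
    esac
}

# check_session <uid> <route text>: print findings, exit status = failures.
check_session() (
    fails=0
    if [ "$1" -eq 0 ]; then
        echo "FAIL: session runs as root; use an unprivileged account (item 10)"
        fails=$((fails + 1))
    fi
    iface=$(egress_iface "$2")
    if [ -z "$iface" ]; then
        echo "FAIL: no route to the Internet found"
        fails=$((fails + 1))
    elif ! is_tunnel_iface "$iface"; then
        echo "FAIL: traffic leaves through $iface, not a VPN tunnel (item 3)"
        fails=$((fails + 1))
    else
        echo "OK: traffic leaves through $iface"
    fi
    exit "$fails"
)

# Demonstration on the constructed samples.
check_session 1000 "$SAMPLE_VPN" || true
check_session 0 "$SAMPLE_DIRECT" || true
# Live use: check_session "$(id -u)" "$(ip -4 route get 192.0.2.1)"
```

A tunnel as the egress interface only shows where routed traffic goes; DNS settings and browser-level leaks still need to be checked separately.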

III) Preventive measures to take into account if we seek information on Social Networks

Social networks are an extraordinarily valuable source for the OSINT analyst. Many users are not aware of the amount of personal, even intimate, information that they upload to their profiles on a daily basis.

In this environment, the OSINT analyst must also adopt security measures that safeguard their security and anonymity. To put it into practice, it is necessary to apply the following recommendations:

  1. Create social network accounts with fictitious data that do not reveal the identity of the OSINT analyst. It seems obvious, but sometimes everything except the name and photograph stays the same: the same city and date of birth are used, or known people or pages are followed, through which we could be identified.
  2. Don't have your personal social media profile active on the same computer, browser, or session. Some social networks cross-reference data to show who has visited a profile or to make contact suggestions to people who interact with our profiles.
  3. Set up your account so that as little information about the account holder as possible is published.
  4. Establish a credible profile, with consistent data regarding friendships, images, place of birth, place of residence, etc. Otherwise, some service providers currently block the account until the owner can prove that the information is true and that the account really belongs to them. The more activity, posts and information there is, the more credible it will be.
  5. Do not establish affective relationships or too close a friendship with other users. This will make you vulnerable to social engineering and therefore susceptible to leaks of information from your real life.
  6. Always keep in mind that you do not know the rest of the users. You are not the only one who has goals other than interacting on social networks, being popular and making your life public. There are other profiles with the same or more knowledge than you in terms of OSINT and social engineering that could be investigating you.
  7. Always use a VPN. Keep in mind that some social network providers have cyber-intelligence systems capable of identifying your point of access to the Internet and comparing it with the data in your account (e.g. I connect to the Internet from Singapore but with the same user named X).

That concludes this brief review of the main practices for investigating safely using OSINT. There are many more advanced ones that we will comment on in future articles. Remember, 100% security does not exist, but we can always limit our exposure and vulnerability.

And you, what preventive measures do you usually use to secure your work environment? Which do you think is more useful? Leave us a comment below this article or on our social networks!
