While the typical employee would think that every device that has internet-connected capabilities should be connected, as an information security professional you know that’s not the case.
Naturally, it’s essential to keep many of these devices in mind as you build your security strategy, especially those that serve as blind spots in the enterprise. To find and identify these devices, many security professionals leverage open-source intelligence tools (OSINT) such as Shodan - which serves as a search engine that allows companies to find threat information on the web, including locating devices connected to the internet.
Dubbed as the “scariest search engine” by some media outlets, tools similar to Shodan feature pre-canned searches one can use to locate devices such as webcams, traffic lights, and even nanny cams, says Anthe Koelpin, Senior Threat Analyst at GE Digital.
But one thing’s that’s important to keep in mind are the legal ramifications that accompany using OSINT tools.
“Using [these] search engines, you should always be aware of the traces that you leave [because you may be] breaking laws,” Anthe Koelpin, Senior Threat Analyst at GE Digital, recently told InfoSec Insider. Simply put, just because you can conduct a search, doesn’t necessarily mean you should be doing it, he adds. “When in doubt, ask your lawyer,” Koelpin said.
No matter the size of the organization, security departments can glean some valuable information from using OSINT tools. A lot of them are entirely free to use - although there are costs tied to accessing any enhanced features.
In the video interview below, Koelpin shares his experiences and advice when it comes to leveraging OSINT tools, highlighting the benefits to security organizations, but also discussing the legal ramifications one could face by accessing them.