Towards Better Cyber Security Consciousness: The Ease and Danger of OSINT Tools in Exposing Critical Infrastructure Vulnerabilities

No Thumbnail Available

Date

2023

Journal Title

Journal ISSN

Volume Title

Publisher

Institute of Electrical and Electronics Engineers Inc.

Open Access Color

OpenAIRE Downloads

OpenAIRE Views

Research Projects

Organizational Units

Journal Issue

Abstract

This article explores open-source intelligence (OS-INT) to identify the vulnerabilities and loopholes in power grid systems, focusing on an electrical distribution company operating in Turkey. The study emphasizes the potential risks of sharing publicly available information on social media accounts, websites, reports, and press releases which most companies overlook. It highlights that individuals or adversaries can exploit this information to harm companies and countries that may not be fully aware of these vulnerabilities. OSINT tools can efficiently gather interpretable data on a company, which companies unknowingly share. By refining the collected data, the study aims to understand the technologies used, their software versions, and any associated vulnerabilities. Web scraping tools extract data from the company's website, which may contain critical information about updates, ongoing systems, and technologies. The article provides a comprehensive understanding of the potential risks and vulnerabilities associated with sharing sensitive information and the various OSINT tools and techniques that can be used to identify and address these vulnerabilities. The importance of vigilance against the potential harm that remote or unrelated individuals can inflict using OSINT capabilitiesis underscored. This study shows how easy it is to detect vulnerabilities in a critical infrastructure system using OSINT tools. © 2023 IEEE.

Description

Keywords

critical infrastructure protection, cyber risk, cyber security, Maltego, OSINT investigation, power grid, Shodan

Turkish CoHE Thesis Center URL

Fields of Science

Citation

0

WoS Q

N/A

Scopus Q

N/A

Source

UBMK 2023 - Proceedings: 8th International Conference on Computer Science and Engineering -- 8th International Conference on Computer Science and Engineering, UBMK 2023 -- 13 September 2023 through 15 September 2023 -- Burdur -- 193873

Volume

Issue

Start Page

438

End Page

443