- Home
- Techniques
- PRE-ATT&CK
- Analyze social and business relationships, interests, and affiliations
Analyze social and business relationships, interests, and affiliations
Social media provides insight into the target's affiliations with groups and organizations. Certification information can explain their technical associations and professional associations. Personal information can provide data for exploitation or even blackmail. [1]
Detection
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: Public sources are external to the defender's organization. Some social media sites have an option to show you when users are looking at your profile, but an adversary can evade this tracking depending on how they conduct the searches.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: Social and business relationship information for an individual can be found by examining their social media contacts (e.g., [https://www.facebook.com Facebook] and [https://www.linkedin.com LinkedIn]). Social media also provides insight into the target's affiliations with groups and organizations. Finally, certification information can explain their technical associations and professional associations.
References
- Gregory Scasny. (2015, September 14). Understanding Open Source Intelligence (OSINT) and its relationship to Identity Theft. Retrieved March 1, 2017.