OSINT, July 2022: US DoD OSINT Budget, AI-OSINT, North Korean Hackers Upgrade, China Hunts Military LinkedIn Profiles, and Dark Web Prices 2022.
Department of Defense Budget 2023 for OSINT
The Defense Innovation Unit, which is charged with facilitating development and acquisition of cutting-edge technologies at the Defense Department, is poised to get double its requested budget for 2023.
The quota for US military innovations is set to almost double next year, from $42.9 mln to $81 mln. This huge increase comes in tandem with a 10% allocation to AI- and ML-based OSINT technology of $8 mln. This demonstrates that the utility of AI-driven OSINT approaches is not lost on major powers.
US Cyber Command Pleads for Shared Intelligence
The US Cyber Command has appealed to private tech companies for intelligence to be shared in the interests of improving national cybersecurity. Executive Director Dave Frederick has stated that those on the front line need to provide info regarding their own experiences of cybercrime, so new forms of malware and other hacking tactics can be identified as soon as possible.
Almost all the U.S. networks of critical importance are owned and operated by the private sector, and something that we need to do our job better is early warning. “If we have companies that are seeing that they’re being exploited by a malicious cyber actor, if we can get tips to that effect, it helps us prepare.” - Dave Frederick, US Cyber Command executive director.
AI-OSINT in the Service of the Defense Intelligence Agency
Following the recent DNI studies on the possible use cases of AI within national security, the US Defense Intelligence Agency has concluded that machine learning will be to its greatest advantage when used in parallel with OSINT.
Although AI will likely be able to simulate human activity in the future, its best assets at present focus on collecting, structuring and preparing colossal volumes of data for intelligence analysts. Thanks to ML algorithms, such oceans of diverse data can be compiled and analyzed in a fraction of the time it would take to achieve this manually. To date, the CIA has already employed AI with OSINT for news monitoring and alerts. It’s also been utilized as a connecting channel between HUMINT (Human Intelligence) and OSINT, facilitating intelligence that makes use of all available sources.
US Intelligence is not alone in its reasoning. Wired magazine has recently claimed that the increased use of open-source data is key to superior AI, as big data is essential for the algorithms to make quantitative judgements. The scale and relevance of open data is something that simply can’t be engineered through classified material.
And it’s not just intelligence bureaus that are benefitting from AI processes - it’s now essential for various spheres, not least the financial sector. According to a recent survey by Refinitiv, the respondent financial institutions with an annual revenue of more than $1bn all made use of AI to a greater or lesser extent.
North Korean Hackers Upgrade: NFT Plus Deepfake
In my previous newsletter, I already covered some innovative tactics employed by North Korean scammers. Well, the latest wheeze coming out of the region has taken things a step further. Hackers are now posing as IT recruiters on the NFT marketplace, to hack into the credentials of upper-tier developers, and by extension, their products. After taking control of private blockchain keys that ran gaming platform Axie, scammers were able to extract all the crypto stored within it - an amount worth around $540m.
So how was this possible? Well, the ‘recruiters’ identified potential ‘candidates’ through online profiles such as LinkedIn – individuals who potentially possessed access keys to the target blockchain. Then, following a fake interview stage, ‘candidates’ were sent lavish job offers on PDFs with encrypted malware. Anyone who opened the PDF got a lot more than they bargained for.
Deepfake imagery is now being used to apply for remote work, to hack into corporate IT networks and to commit fraud. Such breaches demonstrate both the level of criminal ingenuity at play as well as the immense challenges posed by these shifting criminal innovations. The availability of deepfake instruments is a flipside of the transparency of such technologies. E.g. several years ago, my MS CS was enough to download such repositories from GitHub, make sets (for R&D purposes) and make harmless impersonation pranks on my family.
Guarding against such well-developed phishing tactics isn’t easy, but modern OSINT solutions can employ sophisticated algorithms to pick up on any digital profile inconsistencies relating to the scammers. Modern OSINT software enhanced with ML/AI processing is able to swiftly detect most deepfakes on the fly. If OSINT had been employed by Axie, they could have dodged a very costly bullet.
China Hunts Military Profiles on LinkedIn
Military personnel and defense contractors have been told to delete their security clearance from LinkedIn over spying fears, following warnings about the growing espionage threat posed by China.
The Ministry of Defence said in a notice: “If individuals use social networking sites/apps and advertise their security clearance (e.g. the level of clearance they hold), they are putting their self, colleagues and national security at risk. Individuals must remove these details from their social networking profiles immediately.”
The Telegraph was able to view the LinkedIn profiles of a number of individuals with current security clearance up to Developed Vetting (DV) level, which grants access to top secret classified information. In some cases recruiters appear to have contacted those with the credentials, advertising lucrative private sector jobs requiring DV clearance.
The Tide of Online Payment Frauds Is Threatening America
Online payment fraud is set to reach $343B by the year 2027, according to new research from Juniper Research. Compared to last year’s figures, which ‘only’ reached $20B, this forecast is staggering. The study also indicated that North America would suffer more cases than any other territory.
Common fraud methods such as account takeover or identity theft are presently one step ahead of current identity verification tools. Scam tactics exploit the likes of money transfers, crypto wallets and online purchases, with the physical goods trade making up 49% of the total losses.
Encrypted security measures such as address verification and multi-factor authentication really should be employed wholesale to guard against this oncoming tidal wave of fraud. But by analyzing past instances, it may also be possible to preempt and counter future operations. By scouring all the subtlest connections to a known fraud, OSINT tools can weed out the real identities and nip the next scam in the bud.
Fake ID, Credit Cards, And Other Dark Web Prices
A recent Privacy Affairs report has concluded that the cost of complete identity fraud is a mere $1,115 for the would-be hacker. Obtaining an individual’s account details not only provides access to potentially reams of sensitive personal information, it also allows a scammer to forge fake IDs and legal documents such as passports and drivers’ licenses. And scammers unable to cough up the full amount still have plenty of options, with a variety of similar ‘products’ available to suit all budgets.