Impact of malicious use of Open-Source Intelligence on critical infrastructure business continuity

Expected Outcome:

Project results are expected to contribute to some or all of the following outcomes:

• Critical infrastructure operators and authorities have improved awareness of Open-Source Intelligence (OSINT) and their potential impact on security of their operations;
• Toolbox for OSINT mapping, including enhanced analysis and risk flagging is developed and available to relevant stakeholders;
• Critical infrastructure operators and authorities have improved incident response, emergency plans and business continuity models;
• Removal of potentially harmful OSINT from the public domain in order to counter/prevent preparations and attempted attacks against critical entities, including the lone wolf and hybrid scenarios;
• Awareness campaigns and training curricula for critical entities’ employees are developed.

Scope:

The malicious use of Open-Source Intelligence (OSINT) is a known concern and technique used by offenders to retrieve personal, professional, and official or technical information about entities and their employees either to immediately plot illegal actions or use it to access more sensitive data with social engineering techniques like tailored data phishing. Although singular information may seem harmless, their critical mass coupled with reasoning and automated processing of large data blocks, could reveal critical vulnerabilities and possible attack vectors. This modus operandi is of special concern for critical infrastructure operators and authorities, as it can be used to aggregate sensitive information, identify potential protection gaps, discover the security measures, such as camera and sensor locations or target individuals with special access privileges in order to orchestrate more sophisticated and harmful attacks. OSINT can also be used to impede critical infrastructure operations indirectly, gathering information and affecting their supply chains.

Proposals submitted under this topic should analyse the type, amount and accessibility of publicly available information and their usefulness in planning hostile operations against critical entities and their services. They should also parse the role of OSINT for identification and recruitment of insiders, identity theft, impersonation, or launching psychological operations such as foreign information manipulation and interference or disinformation. Moreover, the implications of AI data processing to misuse OSINT potential should be addressed. Any potential OSINT sources should be covered including, but not limited to social media, online fora, cloud resources, public records and databases, lawfully accessible deep web and dark web data, geospatial information, as well as paper archives in the public domain with blueprints, emergency response plans or similar. Proposals should especially consider scenarios including hybrid threats and lone wolves and develop tools and awareness campaigns to mitigate such threats.

Proposals should build upon outcomes and tools of other relevant projects, adapting, optimising and integrating them when necessary to achieve the highest possible technology readiness level of the project results. The proposals funded under this topic are expected to engage with the Europol Innovation Lab during the lifetime of the project, including validating the outcomes, with the aim of facilitating future uptake of innovations for the law enforcement community.

In this topic the integration of the gender dimension (sex and gender analysis) in research and innovation content should be addressed only if relevant in relation to the objectives of the research effort.

null