Every successful virtual SIGINT Cyber Asset Discovery operation starts with a decent degree of OPSEC (Operational Security) understanding that also includes the actual tactics on behalf of the Technical Collection operator who would be responsible for collecting interpreting disseminating and actual enriching the raw harvested and collected virtual SIGINT Cyber Assets Discovery information for the purpose of building a successful threat intelligence case study a successful threat intelligence program or to actually spread a message across the security community for the purpose of emphasizing on a specific threat actor or actual cyber attack threat vector further detailing the activities of rogue cybercriminals internationally potentially assisting U.S Law Enforcement and the security community on its way to track down and respond to the threats posed by a specific threat actor including a group of individuals.
In this article I’ll discuss in-depth the basics of OPSEC (Operational Security) in the context of virtual SIGINT Cyber Assets Discovery including actual Technical Collection operations including basic OPSEC techniques for privacy and security conscious online users who are interested in preserving and maintaining access to their Web properties that also includes to properly protect themselves from nation-state or rogue actor traffic interception including to potentially leak online details on current and ongoing virtual SIGINT Cyber Assets Discovery and Technical Collection operations that also includes sensitive and classified including clandestine and offensive cyber warfare operations utilizing third-party proxies and publicly accessible services and tools for the purpose of achieving their objective.
Did you know that I used to participate in a Top Secret GCHQ program called “Lovely Horse” that’s basically sourcing intelligence and know-how from legitimate security researchers on Twitter for the purpose of improving U.S National Security potentially citing a trend that I largely witnessed and contributed to which is basically the direct development and emergence of the threat intelligence market segment circa 2008-2013 when the information was hot and basically was going beyond what you would usually describe as today’s modern APT (Advanced Persistent Threat) type of threat actors which are basically anything but young kits playing with trojan horses also known as Remote Access Tools for the purpose of achieving their objectives and are actually making the headlines which goes beyond what the Russian and Chinese cybercrime underground is fully capable of which basically consists of high-profile cybercrime innovation and constant trends introduced within the cybercrime ecosystem.
How did I achieve my participation in the Top Secret GCHQ Program called “Lovely Horse” using my old Twitter account? Keep reading.
Long story short I’m positive that I eventually got the attention of the U.K’s GCHQ as a source for cyber attack and cyber incident information by persistently communicating and trying to build awareness on current and emerging cyber threats and by actually providing the necessary technical information behind these campaigns on a daily basis in a systematic way and as a public source of information for these type of threats which is quite a privilege and clearly speaks for the quality of my research and the actual information.
Practical and relevant advice in the context of achieving a decent OPSEC strategy for the purpose of keeping track of the bad guys and to actually participate in 4th party collection activities:
- TOR is your best friend – it should be clearly noted that TOR should be easily considered as a relevant way to risk-forward the traffic interception process to secure and geographically dispersed third-parties which should be considered as a relevant strategy when doing OSINT research including actual 4th party collection
- Utilize off-the-shelf and proprietary and sophisticated VPN Service provider – if mass Technical Collection activities using Tor is not your thing and you’re also interested in actually protecting your activities and know-how including to establish the foundations of a decent OPSEC strategy you should consider using an advanced and sophisticated VPN service provider such as for instance Cryptohippie – https://cryptohippie.com which offers a pretty decent and sophisticated VPN service which you should consider using while doing research including actual passive and active Technical Collection
- Build a self-sufficient personal online infrastructure and preserve and maintain it – if you’re truly interested in doing high-quality research including OSINR analysis and Technical Collection analysis you should really consider the use of basic information security principles in the context of running and maintaining the proper online infrastructure including to actually prevent and respond to possible cyber attacks including OPSEC violation attempts of your network infrastructure.