Add to collection(s) Add to saved
  1. Arts & Humanities
  2. Communications
  3. Marketing

OSINT and TRASHINT

advertisement 
Open Source Intelligence
(OSINT)
OSINT and TRASHINT
This presentation is the sole property of OSPA. Distribution is limited to OSPA members registered in the
OSPA OPSEC Academy
http://www.opsecacademy.org
TRASHINT: “Trash Intelligence”; Intelligence that is collected from refuse
containers, to include recycling, dumpsters and other refuse bins. Often
referred to as “Dumpster Diving”, but can include any form of refuse
collection.
While local laws may vary, TRASHINT is an easy and often legal way to
obtain critical information about a target, which may include private parties,
businesses, military or government entities. Recycling, in particular, may be
outsourced, even to other countries.
There are multiple opportunities for sensitive information to be intercepted
after being discarded:
In containers
In transit
At destination (trash
dump, recycling
facility)
A specific document or item, in itself, may not be significant, but when joined
with other pieces of information, it could be extremely damaging.
For example, finding a single invoice in the trash wouldn’t necessarily reveal
a complete customer list to a business competitor, but several weeks,
months or years worth may.
Similarly, a single cafeteria inventory may not reveal anything of value, but by
establishing a pattern of lunch orders, an adversary may be able to identify a
major activity by noting a spike in orders.
Risks to private individuals
Potential harm to private individuals includes, but is certainly not limited to:
• Phone bills
• Credit card receipts and other financial records
• Personal correspondence
• Vacation plans (printed receipts, ticket confirmations, etc)
• Family records and other information
• Employment information
• Receipts from recent major purchases
• Digital media (CD’s, etc)
• School records
• Information that could reveal regular schedules, such as church fliers,
sporting event schedules, etc
Risks to businesses
Potential harm to businesses includes, but is certainly not limited to:
• Customer invoices, packing lists and order confirmations allowing a
customer and price list to be determined
• Purchase orders, revealing suppliers and prices paid
• Employee and payroll records, potentially exposing sensitive personal
information
• Memos and printed emails
• Internal employee directories
• Marketing and development plans
• Sales, accounts receivable and accounts payable reports
• Internal white papers and reports
Risks to Military and Government
Potential harm to military and government includes, but is certainly not
limited to:
• Deployment rosters and schedules
• Maintenance records, showing current deficiencies and increased
schedules
• Pre-deployment or exercise deliveries and deliverables
• Unit strength information
• Internal memos and training schedules
• Employee and/or Soldier/Sailor/Airman personal information
• Documents showing intent or capabilities
Countermeasures
• Conduct periodic inspections of outgoing trash and recycle containers
• Provide awareness training for personnel, highlighting the TRASHINT threat
• Provide periodic reminders, including posters, labels, etc
• Provide high-quality shredders that destroy the documents to such a level as
commensurate with the sensitivity of the data.
• If necessary, consider the use of a document destruction service, which often
utilize mobile, high-volume shredders
• Securely store sensitive information pending destruction
Related documents
Grace - Teens Turning Green
Grace - Teens Turning Green
Hellgate High School – Scheduling Committee
Hellgate High School – Scheduling Committee
November-Section 2012
November-Section 2012
Charlotte_Our Journey to Reduced Waste
Charlotte_Our Journey to Reduced Waste
Allied Waste Services Residential Trash
Allied Waste Services Residential Trash
summary.
summary.
Litter, Garbage, and Refuse Regulations
Litter, Garbage, and Refuse Regulations
Job Title: Business Director Reports To: Accounts Receivable
Job Title: Business Director Reports To: Accounts Receivable
2015 Trash Program - Caernarvon Township
2015 Trash Program - Caernarvon Township
Santa Ana Unified School District Police Department
Santa Ana Unified School District Police Department
TRASH REMOVAL
TRASH REMOVAL
Annex G4 Waste Management SDP Clean PC
Annex G4 Waste Management SDP Clean PC
Matter of trash
Matter of trash
OrRTI Spring Conference - OrRTI - Oregon Response to Intervention
OrRTI Spring Conference - OrRTI - Oregon Response to Intervention
Labor Distribution Module (LD)
Labor Distribution Module (LD)
DOC
DOC
Market access
Market access
Supplementary Methods - Word file (48 KB )
Supplementary Methods - Word file (48 KB )
Nov
Nov
Paper Sculpture and Found Art
Paper Sculpture and Found Art
Brandywine Services
Brandywine Services
View - LIS
View - LIS
Download
advertisement