OSRINT – Open Source Risk Intelligence
Do you know, what kind of private information are available in public sources about you and your family members, which could be of a risk and used by criminals?
FAMILY OFFICE ELITE spoke with Sven Leidel, an expert for HNWI/UHNWI Risk Mitigation & Protection Strategies located in Hamburg, Germany.
Mr. Leidel, please tell us about your professional security background and introduce yourself to our readers!
I was born in 1968 in Hamburg, Germany and I am a German citizen. As a former member of the German military police, I have been dealing with the topic of protection and security since 1988. Today I am involved, as an honorary member, in various national and international security and professional associations in advisory and executive functions. I am a professional lecturer and trainer, facilitator and specialist author, security consultant and expert in the field of protection strategies for exposed individuals. I have gained extensive expertise from more than 25 years of industry and professional experience and I have operated in numerous foreign assignments and projects in Europe, North America, Latin America as well as parts of Asia. My longtime customers include many major national and international corporations and insurance companies as well as small and medium-sized enterprises, exposed private individuals, family offices and family foundations as well as entrepreneurial families and high net worth individuals. Last but not least, I am an author and editor of two books in respect of Travel Risk Management; see www.travel-security-handbook.com (English) and www.handbuch-reisesicherheit.de (German).
What is OSRINT?
OSRINT stands for Open Source Risk Intelligence. It is probably the most innovative way of identifying risks and critical content in respect of a specific target (person or company) in public sources. In order to be efficient in the most possible way, the internet search is done and supported by a 24/7 operating crawler technology. This advanced monitoring technology helps to identify and track personal data online in open sources, that might also be useful for criminals. In addition, experienced risk analysts work as ‘human filters’ to identify threats and sensitive details in public sources on a 24/7 basis. Another part of OSRINT is the removal of critical data from the internet and other online sources, or if a removal is not possible, the displace of such content. Especially in today’s world where media and online outlets can ruin a reputation in a matter of minutes, it is important to always be one step ahead and have the latest monitoring technology in place.
Please tell us about a typical client case!
A family office is reaching out to us, asking for a confidential face-to-face meeting with one of their exclusive FO clients. The client asks us to find out, what kind of private and critical details are available in public sources about himself and his family members. All we get from him is his first and his family name; nothing else. Now it is our job to try to find out as much as possible about the target; pretty much the same way criminals would start in order to identify possible victims.
In one specific case, the HNWI did mention that he has already maintained a “low profile” for many years and he was sure that we should not be able find any pictures from him, no names and no pictures of his family members and maybe just a handful of companies that he is involved in. He did not even tell us how many children he has, nor any details in respect of his residence home and vacation real estates he might own. We agreed on 5 days of actual intense open source search from our end. Pretty quickly after starting the research, we found many critical details and put all the findings in a 45 pages’ written report. We ended up finding 27 pictures from himself, names and pictures of all his children and his wife, private addresses (residential and vacation), as well as 43 companies he and his relatives are currently involved in or he and his relatives were involved in in the past. You can imagine that the surprise was huge, when we presented the findings in a personal meeting. During the meeting we did receive the up order to conduct security audits at the residential and vacation houses in order to optimize the physical and electronical security measures and to assist in deleting critical details and information from public sources (internet). Since then, we are also monitoring the internet 24/7 with the latest crawler technology in order to make sure, that we identify critical details and content in the internet around the clock and automatically. This gives us the opportunity to react quickly and in a timely manner as soon as we (the crawler) have identified new critical content. Just recently we found out that his children did establish almost a handful new companies without consulting with their parents in the first place. Within the company registration process, the children made a mistake and used one of the family’s private address, which is absolutely not acceptable, because this is a weak point within the whole personal risk mitigation concept and strategy.
Can you really delete all data from the internet?
Of course not! Some data and content can be deleted from the internet or from specific homepages and probably the majority cannot.
For example, a solution could be … in connection with a reputation management strategy, those data and content that is in the internet and cannot be deleted, you can try to displace this content on the internet by a so called “positive story telling technique”. This means that you create positive and non-critical content for a specific target (person or company) and strategically place it in the internet on existing homepages / platforms or you create your own new blogs and webpages. On those platforms where you have total control over the content, you can pretty much publish all kind of true or false/fake details that you want or that you need for your protection strategy. That way you create “helpful content” in order to be positively rated by Google, Bing & Co. Having this said, this means that your own non-critical content will show up within the search results on the first couple of pages at the search engines. Unwanted content and details will be pushed back on the pages 5, 6 or even further back. It is our experience that most criminals just take a look at the findings on the pages 1 – 4.
In addition, you can track the traffic on your own blogs and webpages; we call this “The Honey Pot Concept”. Which gives you a good first idea, who is looking for your client, what kind of keywords are used for the search, what is the main interest, where is the person located, a.s.o..
What is a Honey Pot Concept?
Honey Pots are mainly used by IT security professionals in order to find out if hackers are interested in a certain IT landscape, where are they coming from, what kind of search and keywords are used, what kind of technology is used by the third party a.s.o..
Our Honey Pots are kind of modern traps. Like I already mentioned, we create blogs and homepages with a “specific real-fake content”, so people that are searching for a specific target (person or company) will get the search results within the search engine they use. As soon as they click on the search result, we are able to track their homepage visit and also their clicks and activities on the Honey Pot blog and homepage. We are able to see the country and city they are coming from, which online network they are using, how long they stay on the homepage, which additional content they have looked at and much more useful details. This is a risk indicator for us, that somebody is interested on specific information about a target. The information of interest could be the private address of the target, private activities / hobbies of the target and other critical details. In addition, you can spread false and fake details about a target, in order to blur the online traces and to make it more difficult for criminals to find real details and information in open sources. This is a very useful and effective protection concept.
Why is it so important to know what kind of Details are available in the Internet?
It is our experience that criminals also look first in the internet and try to find out as much as possible useful details about possible targets and victims. The more useful details they find and the easier it is to get access to those details, the more likely it is, that criminals will pick a so called “soft target” for their criminal activities (kidnapping, burglary, blackmailing, threatening …).
The goal of a comprehensive personal risk management is to become a “hard target”, in order to be unattractive and not of interest for criminals.
You can compare this with the following:
You do not have to install a tons of physical and technical security at your house, like they use at “Fort Knox”. Your house just needs to be more secured than the neighbor’s house. Criminals are looking for quick and easy wins, with hardly no risks of failure.
FOE: Thank you very much for the interview.