OPSEC (OPERATIONAL SECURITY)

Nathaneal Meththananda
4 min read · Oct 26, 2021

Hello, my name is Nathaneal, an 18-year-old Cyber Kiddo :). Today I’ll be writing about operational security. OPSEC has been very effective for the military since World War 1 and has helped the military and law enforcement conduct their counterterrorism and surveillance activities to protect the citizens of their respective countries. Alright, let’s get straight to the point: “What actually is OPSEC?”

WHAT IS OPSEC (OPERATIONAL SECURITY)?

OPSEC is mainly used by the military as a risk management process that helps commanders and security managers view operations from the perspective of an adversary, in order to keep sensitive information from getting into the wrong hands.

Now I hope you have a basic understanding of operational security, so I’ll talk about how OPSEC can be used and why it is important in the cybersecurity domain. Using OPSEC in Cyber Security is the sum of Cyber Intelligence and Cyber Threat Intelligence.

OPSEC in Cyber Security is a process of 5 steps:

1. Identification of critical information
2. Analysis of threats
3. Analysis of vulnerabilities
4. Assessment of risks
5. Application of appropriate countermeasure

Let’s talk about each of these 5 steps:

1. IDENTIFICATION OF CRITICAL INFORMATION

You may ask: what is critical information? Critical information (CI) is the sensitive information an adversary needs to degrade and disrupt the operations of an organization.

e.g.:
— Employee Information
— The Network Infrastructure
— Intellectual properties

2. ANALYSIS OF THREATS

This step helps the military and organizations identify the adversaries, their intent and their capability to use the information against the organization. After that, the military or the organization can study their TTPs (Techniques, Tactics and Procedures) in order to gather more intel about the adversaries.

3. ANALYSIS OF VULNERABILITIES

A vulnerability is a weakness in a system which can be exploited by a threat actor to gain access to that system and exfiltrate data from it.
So in OPSEC, by understanding the adversaries’ TTPs, the military or the organization should scan for and identify the potential vulnerabilities in their systems.

4. ASSESSMENT OF RISKS

Risk is a measurement of how much an organization is exposed to danger. Once vulnerabilities are identified, they must go through the organizational risk process. This process evaluates each vulnerability found in the scanning phase and rates it based on the sum of the probability of exploitation and the impact to the organization.

5. APPLICATION OF APPROPRIATE COUNTERMEASURE

Countermeasures are designed to prevent an adversary from detecting critical information, or to provide an alternative interpretation of critical information or indicators. After the risk assessment, organizations should be able to prioritize resources to do one of the following:

1. Avoid the risk
2. Control and mitigate the risk
— Implementing ACLs (Access Control Lists)
— Credential Management
— Network Segmentation
3. Accept the risk
4. Transfer the risk
— Cyber Insurance
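
The five steps above, as an added example that is not part of the original article: a small Python risk register that records the critical information, threat and vulnerability for each finding, scores risk as probability plus impact as described in step 4, and picks one of the four responses from step 5. The 1 to 5 scales, the thresholds and the sample entries are assumptions constructed for illustration.

```python
from dataclasses import dataclass


@dataclass
class Finding:
    critical_info: str   # step 1: what the adversary is after
    threat: str          # step 2: who is after it
    vulnerability: str   # step 3: the weakness that exposes it
    probability: int     # step 4: likelihood of exploitation, 1 (rare) to 5 (expected)
    impact: int          # step 4: damage to the organization, 1 (minor) to 5 (severe)

    def risk(self) -> int:
        # The article rates risk as the sum of probability and impact.
        return self.probability + self.impact


def treatment(f: Finding) -> str:
    """Step 5: choose one of the article's four responses (thresholds are assumed)."""
    if f.risk() >= 9:
        return "avoid"        # stop or redesign the exposed activity
    if f.probability <= 2 and f.impact >= 4:
        return "transfer"     # rare but costly, e.g. cyber insurance
    if f.risk() >= 5:
        return "mitigate"     # ACLs, credential management, segmentation
    return "accept"


def prioritize(findings):
    """Return (risk, treatment, finding) tuples, highest risk first."""
    ranked = sorted(findings, key=lambda f: (f.risk(), f.impact), reverse=True)
    return [(f.risk(), treatment(f), f) for f in ranked]


# Constructed sample register (hypothetical entries, not real findings).
REGISTER = [
    Finding("Employee information", "phishing crew",
            "staff directory exposed on public site", 4, 3),
    Finding("Network infrastructure", "ransomware operator",
            "flat network, no segmentation", 5, 5),
    Finding("Intellectual property", "competitor",
            "breach at offsite backup provider", 2, 5),
    Finding("Network infrastructure", "opportunistic scanner",
            "verbose banner on test host", 2, 1),
]

if __name__ == "__main__":
    for score, action, f in prioritize(REGISTER):
        print(f"{score:>2}  {action:<8}  {f.critical_info}: {f.vulnerability}")
```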

Great! So I hope you understood the definition of OPSEC, how OPSEC is used in Cyber Security, and how it is used to defend the organization’s current infrastructure. Next, let’s look at some fundamentals of “Cyber Intelligence” and the types of intelligence in the intel industry.

WHAT IS CYBER INTELLIGENCE?

Cyber intelligence is the ability to gain knowledge about an organization and its existing capabilities in order to determine the possible actions of an adversary when exploiting inherent critical vulnerabilities. It draws on multiple information security disciplines, such as threat intelligence, vulnerability management, security configuration management, incident response and network security, and uses various tool sets to gather information about the network through monitoring and reporting, allowing decision makers at all levels to prioritize risk mitigation.

Let’s look at some types of intelligence which have been used in the intelligence community, such as the CIA, FBI, MI6, INTERPOL and other intelligence agencies.

1. HUMINT (HUMAN INTELLIGENCE) a.k.a “Spies” :)

HUMINT, or human intelligence, is the collection by a trained surveillance officer of foreign information from people and multimedia to identify elements, intentions, composition, strength, tactics, equipment, personnel, and their capabilities. It uses human sources as a tool and a variety of collection methods, both passive and active, to gather information to satisfy the commander’s intelligence requirements and their disciplines.

HUMINT collection operations can be executed in 2 ways: “overtly” or through “clandestine” operations.

“OVERT” Collection
— Overt collection is normally done in the open and through legal means, without concealment.

“CLANDESTINE” Collection
— Clandestine collection is normally done by personnel who are trained in the foreign languages and cultures of the country they are assigned to, so that collection efforts stay secret and they blend in with the locals of that country. This is also called “performing espionage”.

2. OSINT (OPEN SOURCE INTELLIGENCE)

OSINT is used to collect information about a target using public resources such as Facebook, Twitter and Instagram, various cyber tools (OSRFramework), and also newspapers, whitepapers and radio.

3. SIGINT (SIGNAL INTELLIGENCE)

SIGINT is intelligence derived from electronic signals and systems used by foreign targets, such as communications systems, radars, and weapons systems. Messages are usually intercepted and deciphered using cryptanalysis, and communications among various people or groups (for example, terrorist groups) are listened to.

So these are the 3 main types of intelligence used in surveillance operations to gather information for further analysis and for future active operations.

I hope you enjoyed this article, but more than that I hope you learnt something from it. I would recommend doing your own research on OPSEC and Cyber Intelligence, because these can be used in your day-to-day life to prevent and battle life problems. ;)

THANK YOU!
STAY SAFE!
