Abstract

Background: Open-Source Intelligence (OSINT) is the collection, processing, and correlation of information that is publicly available through open data sources including social media and public government data. The Personally Identifiable Information (PII) can be used by threat actors to construct comprehensive profiles of individuals. Objective: This research focuses on exploring the current state of OSINT within the Information Systems (IS) literature and providing a thorough review of this behavioral phenomenon from a behavioral perspective. The aim is to build a theoretical framework that describes how hackers or threat actors exploit open-source data to triangulate PII. In addition, this research attempt to assist practitioners when developing effective countermeasures. Methods: To review the current literature, the Preferred Reporting Items for Systematic Reviews and Meta Analyses (PRISMA) method (Moher et al., 2009) is utilized, which includes a search strategy, criteria for selection, data extraction, and analysis. To locate papers relevant to the use of OSINT within the IS literature, we searched on the AIS eLibrary and Web of Science databases. The literature survey was conducted in July 2024 to uncover journal papers that specifically examine the privacy and cybersecurity concerns related to the use of OSINT from 2014 to the present. We employed a search string for the query which includes (TI=(open-source intelligence OR OSINT) AND AB=(privacy OR cybersecurity OR security) AND SO=(Decision Support Systems OR Information & Management OR Communications Of The Association For Information Systems OR European Journal Of Information Systems Or Information And Organization OR Information Systems Journal OR Information Systems Research OR Journal Of Association For Information Systems OR Journal Of Information Technology OR Journal Of Management Information Systems OR Journal Of Strategic Information Systems OR MIS Quarterly OR MIS Quarterly Executive)). The articles were assessed based on the specified inclusion criteria: (1) journal papers must be published between January 2014 and July 2024; (2) must be published in AIS journal; (3) must specifically examine the use of OSINT; (4) must have specific research theories, experimental designs, or prototypes; and (5) papers must be fully accessible. Results: The initial search resulted in five (n = 5) relevant journal articles from were produced by the keyword search with no duplicates. Only one paper directly investigated OSINT from the lens of cybersecurity (Dincelli et al., 2023), which highlighted the use of PII labels, and the route of common entry points within the cybersecurity context. However, the current IS literature lacks the descriptions of common PII identification label patterns that can be found from unique identifiers based on OSINT. Conclusion: IS researchers can focus on the PII patterns that can be used to ethically analyze and simulate the data triangulation, enabling an understanding of the mapping of exploitation patterns through OSINT techniques. Moreover, future researchers can analyze data breaches and elaborate on their interrelatedness through Social Network Analysis (SNA) using OSINT techniques. We also suggest generating synthetic datasets using Large Language Models (LLMs) based on the structures of real data classes from past data breaches and using SNA.

Download

Share

COinS