Sex Trafficking – The Real Story

Sex trafficking.  Everyone has heard of it, but what is it?  What comes to mind when you think about a sex trafficking victim?  The image of a young Caucasian girl in ropes in a non-descript room comes to mind.  For example, a search for the phrase “sex trafficking victim” on iStock generated 11 pages and 636 images of Caucasian females. In actuality, according to the Department of Justice Bureau of Justice Statistics, between January 2008 and June 2010, confirmed sex trafficking victims were more likely to be “white (26%) or black (40%), compared to labor trafficking victims, who were more likely to be Hispanic (63%) or Asian (17%).”  Yet simple searches for images of sex-trafficking disproportionality show young white females.  While the statistics lean towards African American females being more susceptible to being trafficked, victims can be of any age, race, ethnicity, sex, gender identity, nationality, immigration status, cultural background, socio-economic class, and education attainment level.

 

 

 

 

In this article, analysts focus on what sex trafficking is and the actual statistics surrounding the crime, as well as information on how individuals are exploited into the life and the psychology behind this exploitation, understanding who is perpetuating this crime, and what you can look for as possible signs of being trafficked and lastly what are some verifiable things being done to assist in the combating of this heinous crime.

What is Sex Trafficking?

The Trafficking Victims Protection Act (TVPA) was created in 2000 and has been reauthorized five times since then.  According to the National Institute of Justice, “The TVPA was enacted to strengthen the ability of the federal government to combat human trafficking.”  The TVPA recognizes two forms of human trafficking; sex trafficking and forced labor.  The TVPA defines human trafficking as “The recruitment, harboring, transportation, provision, obtaining, patronizing, or soliciting of a person for the purpose of a commercial sex act (sex trafficking), in which a commercial sex act is induced by force, fraud, or coercion, or in which the person induced to perform such act has not attained 18 years of age.”  Florida statute 787.06 further defines sex trafficking as the “Transporting, soliciting, recruiting, harboring, providing, enticing, maintaining, or obtaining another person for the purpose of exploitation of that person.”

According to Polaris, examples of frequently used means of control include:

Force: Physical or sexual abuse, often in the form of repeated rapes by one or more people to create submission; confinement to the residence; restrictions on movement and communication to family and friends; forced abortions; lack of medical treatment or reproductive health.

Fraud: False promises of a better life through the trafficker presenting as a boyfriend or caretaker figure.

Coercion: Threats of harm to the victim or victim’s family; threats to shame the victim by revealing the commercial sex to their family and others in the community; confiscation of birth certificates and other identification documents; forced dependency on the trafficker; rumors of or witnessed violence at the hands of traffickers used as threats; the cycle of rewards and punishments; threats of police involvement and arrest.

The International Labor Organization estimates that there are 4.5 million victims of sex trafficking worldwide. But unfortunately, due to the lack of a centralized repository and the subversive nature of the crime of sex trafficking, the exact number of underage children being trafficked in the United States is unknown.  Statistics further state that children, women, and men are being sold for sex in cities in all 50 states; in 2014, the Urban Institute studied the underground commercial sex economy in eight U.S. cities and estimated that this illicit activity generated between $39.9 million and $290 million in revenue depending on the city with nearly 300,000 youth at risk of being sexually exploited, according to a University of Pennsylvania study. The DHS Strategy to Combat Human Trafficking states, “In 2018, the U.S. National Human Trafficking Hotline was contacted 41,088 times and reported 10,949 cases of human trafficking, a number that has increased annually. In the past five fiscal years, DHS received 6,171 reports to our Tip Line regarding suspected human trafficking and child sexual exploitation.”

In 2018 the Thorn Institute surveyed 260 survivors of sex trafficking survivors that stated the average age of entry into commercial sexual exploitation was roughly 12-14 years old. At the same time, the most frequently reported age of entry was 15 years old.  One in six persons surveyed reported being trafficked before the age of 12.  But according to numerous sources, including Polaris, they do not believe these stats are accurate.  The trafficking field relies on inaccurate and partial data obtained from small data sets until a more thorough and methodical examination is conducted.  According to Polaris, in 2019, of the 123 of the 292 survivors who disclosed their age when they first engaged in commercial sex to the National Human Trafficking Hotline (NHTRC) or BeFree Textline, 44% of these survivors estimated that they were 17 or younger, and the average age of first participation was 19 years old.

The Exploitation Cycle

Through intensive manipulation, pretended affection, brutal violence, isolation, and emotional abuse, traffickers aggressively seek to destabilize their victims’ psyches and gain control over them.  Non-profit All Things Possible (ATP) explains that sex trafficking is a process that begins long before a victim is sold for the first time; to reiterate this point, ATP created the following graphic to explain how traffickers exploit their victims.

 

 

While each iteration of the cycle is distinct, they also blend. According to Jeff Tiegs, the COO of ATP, the “Assessment and Recruitment” and “Grooming” phases are “happening behind closed doors, they’re happening online, and oftentimes a law isn’t even broken yet.  To tell a lie is not against the law.  For me to pretend I’m a nice guy is not against the law, even for me to use fake names and things like, unless it’s fraudulent, is not against the law.”  In fact, he says, “it’s not until the Breaking phase that you have definitely crossed a line.”  To “Break” someone indicates that the trafficker has physically, emotionally, spiritually, and psychologically broken down the victim into this crime.  Moving forward in the cycle to “Automatic” and “Assessment & Recruitment,” this is where, Tiegs explains, the trafficker wants the victim to be.  “He wants to put the least amount of energy into one of these girls that he has to for the most amount of return.”

Psychology of Exploitation

Each phase of the Exploitation Cycle includes tactics and techniques often unbeknownst to the predator they use that rewires the victim’s brain, sometimes called brainwashing.  According to Tiegs, “…that intermittent reinforcement is creating this imbalance with this individual.”  The Founder of RubiesLV, Samantha Summers-Rivas, explains that traffickers mentally use psychological tactics to enslave their victims. “We’re not seeing physical chains, but there are emotional, mental, and spiritual chains.”  These psychological tactics are why many of the trafficked girls don’t even identify themselves as victims.  The brainwashing has them oblivious to the concept that they have been/are being exploited, let alone have been/are being trafficked.  Traffickers have an innate ability to study the victim, to find out what she needs, and for some time, to provide for those needs.  Making the victim believe that the trafficker is the only one who cares, is the only one who will or can provide for them.  Another way to learn how a trafficker manipulates the victim, according to Mrs. Summers-Rivas, is to use Maslow’s Hierarchy of Needs.  They understand how to ensure that the victim relies on them for each need.  For more information on the Exploitation Cycle and the Psychology of Exploitation, check out ATPs “Protect Your Family: A Counter-Trafficking Course.”

Understanding the Traffickers, Who Are They?

Some basic information, traffickers often share the same national or cultural background as the victim, and they can be of any gender and age, according to Florida State University’s Human Trafficking Project, sponsored by the Attorney General of the State of Florida. A recent analysis revealed that among those who trafficked minors for sex: The trafficker’s average age was 28.5, and 45.1% of traffickers knew their victims.

Echo Analytics Group consulted with Detective Joseph Scaramucci of the McLennan County Sheriff’s Office in Waco, Texas.  Detective Scaramucci is one of the nation’s top consultants for human trafficking with law enforcement in America and abroad and federal and DoD agencies. Scarmucci said that the numbers reported by agencies combating Human Trafficking are often misleading. “They also call people attempting to pay for sex from a minor a trafficker (while it meets many statutes that person is a buyer, not a trafficker). Often numbers can also be misinterpreted because of state laws.  Many times sex buyers can be legally classified as a human trafficker, although they have engaged in the purchasing of sex.”

Individual traffickers, more popularly referred to as “pimps,” are frequently the traffickers in street-based commercial sex scenarios. The Merriam-Webster dictionary defines a pimp as “a criminal who is associated with, usually exerts control over, and lives off the earnings of one or more prostitutes.” Most of the time, pimping does not entail consenting prostitutes to work for their own financial advantage, despite the widespread impression that it does.  Because victims may be sold and resold again, unlike with drugs or fake goods, sex trafficking can generate significant profits. Even though pimps receive significant profits from their victims, they frequently spend a sizable portion of their earnings on material possessions.  According to Louise Shelley, Human Trafficking: A Global Perspective, “pimps dissipate their large incomes of several hundred thousand of dollars annually on expensive clothes, jewelry, and automobiles rather than saving their money or laundering it into the legitimate economy.”  This displayed sense of affluence helps to convince their victims that they can provide them with a flashy celebrity lifestyle, going above and beyond on the Hierarchy of Needs referenced above.

Although the relationships between these pimps and their victims may differ, they all use the same strategies to find, manage, and take advantage of their victims. Some pimps might just be taking advantage of one or a few victims, while others might be in charge of a more significant number of girls and women.  Referred to in the streets as a “stable.”  It has been seen that pimps have forced victims to recruit, manage, and discipline other victims, which could make them appear to be traffickers.  These particular victims are referred to, in the trafficking community, as “bottom bitches.”  These victims are often brutally beaten, they are generally branded or tattooed, they are responsible for ensuring the other girls in the stable are bringing the money home, and they are the ones who receive the punishment if the others “misbehave” in any way.  She is in charge when the pimp is away.  This victim has been mentally manipulated so intensely that she goes along with everything for the reward of being the “bottom,” for being in his favor, hoping not to get hurt or beaten again.

A statement from Tiegs regarding the background of some of those in the pimp game, “While I have zero sympathy for pimps.  Some people have arrived at the place where they have a certain level of compassion because many of these pimps were abused also.  Many of these pimps, they’re acting out and lashing out because they were physically and sexually abused as young men.  I intellectually can go there, but still, as a person, I just can’t excuse it because of the levels that they’re bringing it.”

Numerous well-known and convicted pimps have authored and directed books and films. They frequently receive celebrity status and are highly regarded in certain parts of American society, even though their song lyrics and writings boast about their manipulation and abuse of women.  These propaganda products are fantastic instruments for understanding how these people think and behave. When properly examined, the depravity and mental manipulation they prefer to operate in are abundantly clear.

Indicators of Trafficking

** Not all indicators listed below are present in every sex trafficking situation, and the presence or absence of any indicators is not necessarily proof of sex trafficking. **

The first step in identifying potential victims is recognizing some critical indicators of sex trafficking, including physical indicators and verbiage used.  Regarding verbiage, if certain words are said/heard, it could indicate being involved or becoming involved in trafficking.  Examples of some of this verbiage (not all-inclusive) include: being in the life, or the game, bottom bitch, wifey, wifey-in-law, stable, choose-up fee, exit fee, daddy/king (especially said by multiple girls to one man), two girl special, and girlfriend experience or GFE.

 

Samantha Summers-Rivas said people should keep in mind the following when it comes to verbiage indicators, “These terms have become popular within our culture.  A lot of young people use these terms, and they have heard them in the hip hop music that they listen to now and different forms of music, and so they may not understand or know what they’re perpetuating or what they’re putting out there, but they just might, and they might be in the life.”

Along with verbiage indicators of being trafficked, there are numerous physical indicators that anyone can look out for. Some more often seen physical indicators include tattoos and branding on the neck or chest that shows a crown, a name, or a king’s crown. A girl dressed inappropriately for her age or the weather.  A minor with someone at a hotel during school hours or late at night.  A sudden or dramatic change in behavior.  Often disoriented or confused or showing signs of mental or physical abuse.  Bruises in various stages of healing.  Not able to travel or not able to freely leave where they live or work.  Was doing well in school, but their grades started slipping, dressing in skimpy clothing, and becoming more depressed and isolated from friends and family.

 

What Can I Do?

Echo Analytics Group (EAG) and ATP have partnered to host a quarterly event called, Skull Games.  Skull Games is an event where vetted volunteers come together, in person and online, for 48 hours with the goal of identifying as many victims and perpetrators of sex trafficking as possible.  These volunteers crowdsource the collection of open-source Information (OSINT) to assist law enforcement in generating lead packets on trafficked victims, missing children, and persons of interest.

Why is the operation called Skull Games?  An infamous pimp called “Iceberg Slim” was once quoted as saying, “Pimping isn’t a sex game; it’s a skull game.”  This is an example of the manipulation and the inherent demoralizing of the victims that those in the trafficking industry display.  Calling the operations “Skull Games” is a way to take back some of the power he and others like him have taken away from the numerous amounts of victims stuck in the life.

If you are interested in learning more about Skull Games and perhaps volunteering for the effort, please go to https://echoanalyticsgroup.com/skull-games/.

If you would like to know more information about ATP’s counter-trafficking efforts, please go to https://victormarx.com/trafficking-solutions/.

 

 

 

Protecting Data Privacy in a Public Social Media World

As the world increases its reliance on digital technology, Americans have significant concerns over how private companies collect and use their data. According to Pew Research, 81% of Americans feel the risks of private companies collecting their data outweigh the benefits.

An estimated 16 billion records have been exposed since 2019. Personal data is more vulnerable than ever.

At Echo Analytics Group, a Quiet Professionals company, our team provides vital education on these issues along with solutions that mitigate potential risks and vulnerabilities.

Web Scraping and Data Breaches

On January 6, 2021, following the rallies, demonstrations, and riots on Capitol Hill, @donk_enby, an activist on Twitter, scraped 50 terabytes of Publicly Available Information (PAI) off Parler, an alternative social media platform. The activist provided the information, including location metadata, to law enforcement agencies.  The action, while invasive of others’ privacy, was not illegal, as the information was publicly available. Parler, then a brand-new social media platform, did not have the proper security protocols in place to prevent the scraping of its site, and the data of all its users was put at risk.

Even Facebook, the world’s biggest social media platform, is not immune from breeches of privacy.  In April 2021, 533 million Facebook users had their private information leaked on a hacking forum. The information included dates of birth, Facebook IDs, phone numbers, and locations. The data was from 2019; the breech only became known to the public when posted to an amateur hacking forum and made public by several news sites. Data breaches on social media sites remain a common occurrence.

Data Brokers

Further, most Americans are likely unaware of just how much of their private information is available online. Data broker websites scour social media sites and public records to build profiles with peoples’ Personally Identifiable Information (PII). PII information on data broker websites generally includes a person’s first and last name, current address, phone numbers, emails, and possible relatives/associates. An individual or group with malicious intent could use the information on a data broker website to target them further.

Location Services 

Protecting privacy online requires continued awareness and education. A report from the NSA, “Limiting Location Data Exposure,” warns about the way many phone apps ask for your location when they do not need it. As the article says, “Apps, even when installed using the approved app store, may collect, aggregate, and transmit information that exposes a user’s location. Many apps request permission for location and other resources required for the function of the app. Users with location concerns should be cautious about sharing information on social media.”

According to Statista, in 2021, 233 million Americans access their social media accounts from their mobile device, which means that their locations and other private information may be tracked every time they use those platforms. Moreover, two-thirds of people are comfortable allowing apps to auto-their location.

Major tech companies are beginning to release features to prevent breaches of privacy from phone apps. In June 2021, Apple announced iOS 15, which will be available this fall. iOS 15 will include a dashboard that allows users to see which apps access their location, contacts, photos/videos, and microphone. The new feature would tell Apple users how often the apps are accessing that information.

At Echo Analytics Group, we empower our clients with critical information to mitigate digital risk. Our training and consultation illuminate their vulnerabilities and techniques to leave them less exposed in the online space.

Targeting Predators and Teachings Parents About Online Safety 

In 2020 alone, the National Center for Missing and Exploited Children saw a 97% increase in online enticement of children. Many online predators use apps that children frequent. However, many law enforcement departments in Utah and Florida say that the following apps can pose risks to children:

  • MeetMe
  • WhatsApp
  • Bumble
  • Live.Me
  • Grindr
  • TikTok
  • SnapChat
  • Holla
  • Calculator+
  • Skout
  • Badoo
  • Kik
  • Whisper
  • Hot or Not

All of this is terrifying information, but it is possible to fight back.

While PAI can be misused by malicious actors, it can also be used to find them and hold them accountable.

EAG works with our partners to help target internet predators/human traffickers. Additionally, to better equip parents with the right tools to alleviate risk online, EAG offers a Protecting Kids Online Safety Course.

For interested parents, EAG is giving out 50 free passes to the Protecting Kids Online Safety Course. This course teaches parents about the exposure their children face and how to protect them from online predators. To sign up, follow the hyperlink and enter coupon code “protectourkids.” (This course is an excellent value even if you miss the free deal.)

For any other inquiries regarding your digital safety or privacy, please see our website at https://www.echoanalyticsgroup.com.

Protecting Critical Infrastructure with OSINT

Ransomware and other malware attacks are on the rise. Criminals are constantly probing online systems to discover their vulnerabilities to hold systems hostage. Meanwhile, U.S. foreign adversaries are increasingly targeting assets in digitally accessible spaces to achieve their political goals.  

Open-Source Intelligence (OSINT) is being used by both attackers and cyber security professionals to find ways to exploit critical systems and functions. Often, attackers and cyber security experts must use the same tools to search accessible online spaces for pieces of publicly available information that, when combined, might provide keys into an organization’s systems.  

OSINT is a powerful tool being re-engineered by 21st century cyber-security professionals to identify and disrupt vulnerabilities before they can be exploited.  

Attackers are becoming more sophisticated, targeting specific entities for disruption rather than merely taking the “low-hanging fruit” approach to selecting targets. They are not only targeting systems but people, using Human Intelligence (HUMINT) techniques—also known as “social engineering”—to extract valuable pieces of information from staff, vendors, and other human partners—people who may not understand how vital the information they provide may be. 

Of particular interest to both criminal and nation-state attackers are organizations that serve as critical infrastructure for the U.S. and allied nations. Because these organizations are important pieces of the day-to-day operations and defense of a nation, they make for high-value targets. In addition, some organizations involved in critical infrastructure tend to have weaker defenses against ransomware and other malware attacks due to the nature of their industry and the fast pace of technological innovation used during malware attacks.  

In other words, what was not understood to be a point of vulnerability yesterday is now known to be vulnerable today. 

Cyber security professionals of organizations involved in critical infrastructure must become more aware of basic security procedures to protect themselves. Further, because their organizations are such high-value targets, they must take extra steps to secure their most valuable resources against threats.  

Organizations must learn to integrate OSINT into their security plans. They must assess what resources, people, and systems are most vulnerable and most valuable to attackers, then prioritize plans to ensure that their most critical resources are the best defended and most resilient to attack. 

 

  1. What is OSINT? 

 

Open-Source Information (OSINT) is the use of Publicly Available Information (PAI) to develop actionable intelligence—that is, the information needed to achieve specific goals, such as covertly accessing a network and implanting malware there.  

Ransomware attackers first performs reconnaissance against an organization by researching their public information, including the personal information of key employees, online. In order to find the best way to get into a target system and plan what to attack once they get in, the attacker uses OSINT techniques.  

When an organization researches their own vulnerabilities to malware attack—and whether their vendors are vulnerable to that type of attack—the organization is using OSINT techniques. 

There are a wide variety of tools and techniques that can be used to research and develop OSINT, from tools developed by curious amateurs researching how systems work, to for-profit businesses that develop business analytics tools to determine what their customers are saying about them, to national security programs that develop malware to spy on, and sabotage, other nations’ systems. 

These tools are constantly changing and evolving for a variety of reasons. As social media platforms change, as new operating system exploits are discovered, and as recent technologies connect systems, users, and devices, OSINT tools evolve to best discover what information is available to be used. 

While some information that is being shared publicly by an organization can be controlled, once it has been released to the public, it can be found online forever. Even after controlling what information is available in the future, it is important to know what information an organization has shared with the public in the past and how that information might be used. 

 

  1. What is critical infrastructure and why is it vulnerable? 

 

Critical infrastructure is the collected systems and institutions needed to keep our nation operational and to defend it in an attack. The Cybersecurity and Infrastructure Agency (CISA) has defined sixteen areas of critical infrastructure: 

  • The chemical sector 
  • The commercial facilities sector, including sites that facilitate crowds, like open spaces, concert venues, and hotels 
  • The communications sector 
  • The critical manufacturing sector 
  • The dams sector, covering over 90,000 U.S. dams 
  • The defense industrial base sector 
  • The emergency services sector 
  • The energy sector 
  • The financial services sector 
  • The food and agricultural sector 
  • The government facilities sector 
  • The healthcare and public health sector 
  • The information technology sector 
  • The nuclear reactors, materials, and waste sector 
  • The transportation systems sector 
  • The water and wastewater systems sector 

Our economy and lives depend on the various elements of these critical infrastructure systems. Ransomware and other malware attacks against them give attackers a disproportionate amount of leverage. Often, those organizations’ leaders, eager to halt the threats to people’s lives and welfare, can be more likely to cooperate with the attackers.  

Making critical infrastructure even more tempting for attackers, some elements of our critical infrastructure are outdated and therefore particularly vulnerable to attack.  

The designers of the outdated systems had no idea how their systems would be abused in the future. They certainly could not have anticipated the OSINT tools used to perform reconnaissance and exploitation against their systems.  

While some sectors of our infrastructure are aware of the possibility of harm—such as the defense, information technology, and financial sectors—other sectors may be less prepared to defend themselves from attack.  

They may not understand the dangers posed by outdated software and equipment being used. They may not be aware of how recent technology can cause unexpected disruption throughout critical technologies and may not be structurally prepared to address those threats. And even the best prepared organizations may struggle to educate and prepare their workforce on the shielding of critical personal information that can be used to guess passwords or to send emails, texts, or voice messages from a seemingly legitimate source.  

For example, some farms do not necessarily have a standalone IT department with an OSINT expert on hand, available to anticipate and respond to malware attacks, even as they add sensors to their equipment that may open their networks to outside attack.  

Some industries tend to respond quickly to public perception of having insecure technology, if only because the loss of customers due to lack of confidence can quickly spiral out of control. Other critical infrastructure sectors that are not as sensitive to public opinion may be understandably more conservative about adopting recent technology—and its associated growing pains and expenses. 

 

However, ransomware and other high-tech attackers do not wait for the bugs to be worked out of critical infrastructure systems before they attack. 

 

  1. Who targets critical infrastructure? 

 

Critical infrastructure is targeted by two main groups: criminals and nation-state actors. Both will use the same types of OSINT tools to research and exploit their victims, but the two groups have different purposes, and therefore target different elements of the systems they infiltrate. 

Criminals attempt to take down critical infrastructure for money. Their primary goal—generally via ransomware—is to make normal operations difficult to pursue. They halt critical functions to put pressure on an organization to pay their ransom. 

Their goals are to encrypt information to prevent it from being used, to destroy or encrypt backups, and to halt systems long enough to collect payment. They wish to cause inconvenience and disruption to make a profit. Recently, attackers have begun to export, or “exfiltrate,” substantial amounts of data that can be used later as blackmail material or sold for additional profit on the dark web’s black markets.  

Nation-state actors often have more insidious goals. 

When a nation-state uses malware to attack critical infrastructure, often the goal is not to gain a profit, but to collect information that is otherwise difficult to obtain, to embarrass the target nation, or to prevent it from using critical infrastructure to achieve its own goals. Nation-state malware has or may have been used to collect sensitive information of other nations, disrupt energy grids, disrupt oil pipelines, close schools, and more.  

But organizations cannot assume that they will not be targeted by nation-state attackers; critical infrastructure is always of interest, and the malware used by nation-state actors has been known to spread outside the attackers’ original intent. 

Nation-states have also been known to purchase the exploits found by malicious actors, the source code of viruses, and the information exfiltrated by criminals on the black market. Often the most dangerous time for an element of critical infrastructure is after they have been hacked, as nation-states leverage information obtained by criminals to cause further damage. 

 

  1. How can OSINT be used to protect critical infrastructure? 

 

With critical infrastructure both uniquely vital and uniquely vulnerable to attack, it is important to prioritize protection. Organizations should seek out experts in OSINT to partner with their own IT, security, and leadership representatives to assess the organization’s vulnerability to attack.  

Identifying which systems and information are critical is a key step of choosing which defenses to prioritize.  

Plans for protecting critical systems and information should start with the most vital functions and communications of the organization. Teams should review systems and information to determine which systems would be considered most critical, in light of both criminal and nation-state attacks. A criminal attacker may target different vulnerabilities and capabilities than a nation-state attacker. 

Plans should include: 

  • Removing or mitigating vulnerabilities as possible. 
  • Backing up data in a location not vulnerable to spreading attacks. 
  • Creating procedures and methods to identify reconnaissance and attacks in real-time. 
  • Training for staff on how to handle suspected reconnaissance and attacks. 
  • Investigation of third-party partners and vendors as potential routes for attack.  
  • Responding during an attack, including reporting the attack to the FBI. 
  • Returning critical systems to operation in case of an attack. 
  • Preserving data about the attack. 
  • Researching the attackers to assess how the attacked occurred, who the attackers are, and how to prevent further attack. 
  • Prevent any stolen information from being used against your organization. 

Organizations must take the attitude that discovering that they have been the victim of an attack means that they are at immediate and long-term risk of follow-on attacks and reinforce their use of OSINT tools to monitor for follow-on indicators of reconnaissance, release of their data, and attack. 

In the past, many elements of critical infrastructure have been slow to change and adopt modern technology. This slowness can happen for multiple reasons, including avoiding public perception of waste. Resistance to change is understandable, but it can result in a less robust level of security as organizations attempt to modernize.  

Organizations can help safeguard critical systems from ransomware and other malware attacks by adding OSINT expertise to their incident response teams. OSINT experts have a fundamental understanding of how malicious actors identify and leverage publicly available information to infiltrate systems and accomplish their goals.  

Because of the public trust that is put into organizations providing critical infrastructure, it is essential to fully protect those systems as soon as possible. Criminals and nation-state actors will certainly not wait for securing critical systems becomes more convenient.  

 

Interested in our expertise? Read more about Echo Analytic Group’s OSINT services here. Interested in working with us as an OSINT expert? Check out our careers here. 

 

Interested in our expertise? Read more about Quiet Professionals’ services here. Interested in working with us as one of our experts? Check out our careers here.