OSINT TECHNOLOGIES AS A THREAT TO STATE CYBERSECURITY
DOI:
https://doi.org/10.28925/2663-4023.2025.27.749Keywords:
OSINT; cybersecurity; counter-OSINT; personal data; information leak; national security.Abstract
The article examines OSINT technologies as one of the key challenges for the national security of Ukraine. With the development of the digital space, methods of collecting, analyzing and using information from open sources have become widespread, in particular in the field of cybersecurity. The authors emphasize that, despite the legitimacy and general availability of OSINT technologies, they can be used by attackers to collect personal data, identify vulnerabilities in critical infrastructure and plan cyberattacks. The study is based on the analysis of open state registers, social networks, satellite images, mapping services and other sources containing potentially sensitive information. The main threats associated with OSINT are identified, including: theft of personal data, phishing, analysis of corporate information, unauthorized interference in state information systems. Special attention is paid to the analysis of real incidents of information leakage through OSINT technologies, including examples from international and Ukrainian practice. The authors have examined the legal and ethical aspects of the use of OSINT tools, in particular the conflict between the need for openness of state data and cybersecurity threats. The article provides an analysis of the legislative norms of Ukraine that regulate access to information, and also considers international experience in the field of countering OSINT threats. A separate section of the article is devoted to methods of countering threats that arise through the use of OSINT tools. Counter-OSINT methods are also studied, which involve minimizing the digital trace, disinformation, data anonymization, control over information leaks, and the use of means of countering OSINT analysis of images and videos. The role of state structures in the development and implementation of regulatory legal acts aimed at strengthening the protection of information in open sources is separately considered.
Downloads
References
Report on the activities of the CyberPolice Department of the National Police of Ukraine in 2024 (2025). CyberPolice Department of the National Police of Ukraine. https://cyberpolice.gov.ua/news/zvitpro-diyalnist-departamentu-kiberpolicziyi-naczionalnoyi-policziyi-ukrayiny-u--roczi-7074/
CERT-UA processed 4315 cyber incidents last year. (2025) State Service for Special Communications and Information Protection of Ukraine. https://cip.gov.ua/ua/news/cert-ua-minulogo-roku-opracyuvala-4315-kiberincidentiv
On Access to Public Information, Law of Ukraine № 2939-VI (2023) (Ukraine). https://zakon.rada.gov.ua/laws/show/2939-17#Text
Lee, Y.-J., Park, S.-J., & Park, W.-H. (2022). Military Information Leak Response Technology through OSINT Information Analysis Using SNSes. Security and Communication Networks, 2022, 1–10. https://doi.org/10.1155/2022/9962029
Hwang, Y.-W., Lee, I.-Y., Kim, H., Lee, H., & Kim, D. (2022). Current Status and Security Trend of OSINT. Wireless Communications and Mobile Computing, 2022, 1–14. https://doi.org/10.1155/2022/1290129
Șandor, A. (2020). An Intelligence Perspective on Privacy and Data Protection Risks in Social Media. International conference KNOWLEDGE-BASED ORGANIZATION, 26(1), 151–156. https://doi.org/10.2478/kbo-2020-0023
Hsu, J. (2018). The Strava Heat Map Shows Even Militaries Can’t Keep Secrets from Social Data. WIRED. https://www.wired.com/story/strava-heat-map-military-bases-fitness-trackers-privacy/
Lutovych, D. (2024). Google “leaked” data on the location of Ukrainian troops: what is the danger. FOCUS. https://focus.ua/uk/voennye-novosti/676818-google-onoviv-karti-i-viyaviv-roztashuvannya-ukrajinskiy-viyskovih-ob-yektiv
Fake order to strengthen mobilization measures in Odessa (2024) Center for Countering Disinformation. https://cpd.gov.ua/international-direction/ssha/fejkovyj-nakaz-pro-posylennya-mobilizaczijnyh-zahodiv-v-odesi/
Ivkova, V., & Opirsky, I. (2024). RESEARCH ON THE ISSUES OF PROVIDING SECURITY OF PERSONAL DATA AND CONFIDENTIAL INFORMATION IN THE CONTEXT OF OSINT COUNTERACTION. Electronic professional scientific publication “Cybersecurity: education, science, technology”, 2(26), 189–199. https://doi.org/10.28925/2663-4023.2024.26.682
Criminal Code of Ukraine, Law of Ukraine № 2341-III (2025) (Ukraine) https://zakon.rada.gov.ua/laws/show/2341-14#Text
Diya.Osvita and USAID Cybersecurity Project launch cyber hygiene information campaign. (n.d.). Ministry of Digital Transformation of Ukraine. https://thedigital.gov.ua/news/diyaosvita-ta-proekt-usaid-kiberbezpeka-zapuskayut-informatsiynu-kampaniyu-z-kibergigieni
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Валерія Івкова, Іван Опірський
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
