OSINTEP: A Tool for Cyber Defense in the Peruvian Army (#1158)

Authors

Flores Mendez, Luis

Vargas Zubiate, Manuel

Quinto Huamán, Carlos

Romero Vela, Sonia Lidia

Ochoa Castillo, Percy Fortunato

Abstract

Open-Source Intelligence (OSINT) plays a crucial role in cybersecurity by enabling the collection and analysis of publicly available information to detect emerging threats. The Peruvian Army (EP) faces a significant challenge in relying on commercial tools that are not fully adapted to its specific operational needs, limiting their effectiveness in addressing the ever-evolving cyber threats. To bridge this gap, this paper proposes the development of OSINT EP, a customized solution designed specifically to enhance the EP's response capabilities to cybersecurity challenges. The OSINT EP tool integrates several APIs, such as X API, IPinfo.io, NewsAPI, and LookupClient, to perform real-time data analysis and detect threats from various sources. The OSINT EP tool enabled the identification of cyber threats through multiple APIs. The X API revealed an increase in mentions regarding vulnerabilities on social media, suggesting a greater public interest. The IP analysis with IPinfo.io detected an address linked to a known attack in Peru, recommending its blocking. NewsAPI identified incidents of cyberattacks on critical infrastructures, which led to alerts being issued to the authorities. Finally, the DNS analysis with LookupClient verified the security of an email server, recommending periodic security audits.