METHODS AND MEANS OF PROTECTING CRITICAL INFRASTRUCTURE FROM OSINT INTELLIGENCE IN WARTIME
DOI:
https://doi.org/10.28925/2663-4023.2026.32.1190
Keywords:
critical infrastructure, OSINT intelligence, cybersecurity, SCADA systems, Deception Technology, digital footprint minimization, Shodan, active defense.
Abstract
The article addresses the pressing scientific and practical issue of improving the cyber resilience and physical security of Ukraine's critical infrastructure (CI) in the context of warfare. It analyzes the transformation of open source intelligence (OSINT) from an auxiliary analytical tool into a key element in the targeting of high-precision weapons and the planning of destructive cyberattacks. Based on an analysis of recent incidents, critical threat vectors have been identified and systematized: technical indexing of industrial system (OT) vulnerabilities through IoT search engines (Shodan, Censys), geospatial monitoring of infrastructure changes using commercial satellite imagery, and leaks of sensitive information through social engineering (SOCMINT). The main focus of the work is on developing a comprehensive countermeasure methodology that goes beyond traditional perimeter protection. The feasibility of applying a digital footprint reduction strategy in accordance with NIST SP 800-82r3 standards, which includes deep network segmentation, the use of data diodes, and equipment banner obfuscation, is justified. The implementation of deception technology is considered in detail – the introduction of a layered system of traps (honeytokens, honeypots) to disrupt the enemy's cognitive decision-making cycle (OODA loop). Organizational measures for counterintelligence monitoring and regulation of public information are proposed, which can significantly reduce the effectiveness of enemy intelligence at the data collection stage. The practical value of the research lies in the creation of an adaptive protection algorithm that complicates the verification of targets by the aggressor.
References
National Coordination Center for Cybersecurity. (2024). Cyber digest: Review of cybersecurity events (May 2024). NCCS under the National Security and Defense Council of Ukraine.
State Service of Special Communications and Information Protection of Ukraine. (2023). Russian cyber operations: Changes in tactics, goals, and capabilities of hacker groups of the Russian government and affiliated groups: Analytical report for the first half of 2023. https://cip.gov.ua/ua/news/yak-zminyuyutsya-taktiki-cili-i-spromozhnosti-khakerskikh-grup-uryadu-rf-ta-kontrolovanikh-nim-ugrupovan-zvit
Ivkova, V., & Opirskyi, I. (2025). Research of existing tools and approaches to conducting OSINT in the context of information security of the individual and the state. Computer Systems and Networks, 7(1), 143–159. https://doi.org/10.23939/csn2025.01.131
Molfar Global. (n.d.). Satellite images and Russian missile strikes on Ukraine: Molfar analyzes The Atlantic investigation. https://www.molfar.institute/chy-kupuyut-rosiyany-v-maxar-i-planet-foto-shchob-obstrilyuvaty-ukrainu/
Revak, I. O. (Ed.). (2025). Rol OSINT-doslidzhen u pidvyshchenni rivnia natsionalnoi bezpeky Ukrainy: Materialy kruhloho stolu (Lviv, May 7, 2025) [The role of OSINT research in improving the level of national security of Ukraine: Roundtable proceedings]. Lviv State University of Internal Affairs. https://dspace.lvduvs.edu.ua/handle/1234567890/8875
Kant, D., Creutzburg, R., & Johannsen, A. (2018). Investigation of risks for critical infrastructures due to the exposure of SCADA systems and industrial controls on the internet based on the search engine Shodan. Electronic Imaging, 2020(3), 253-1–253-9. https://doi.org/10.2352/ISSN.2470-1173.2020.3.MOBMU-253
Abouelnaga, Y., & El-Maghraby, A. (2025). Leveraging OSINT for advanced proactive cybersecurity: Strategies and solutions. IEEE Access, 13, 4521–4538. https://doi.org/10.1109/ACCESS.2025.3354123
Kulyk, O., & Skladannyi, P. (2025). Theoretical bases of methods of counteraction to modern forms of information warfare. Applied Sciences, 15(4), Article 1102. https://doi.org/10.3390/app15041102
Safitra, M. F., Lubis, M., & Fakhrurroja, H. (2023). Counterattacking cyber threats: A framework for the future of cybersecurity. Sustainability, 15(18), Article 13369. https://doi.org/10.3390/su151813369
Han, X., Kheir, N., & Balzarotti, D. (2018). Deception techniques in computer security: A research perspective. ACM Computing Surveys, 51(4), 1–36. https://doi.org/10.1145/3214305
Mustak, M., Salminen, J., Mäntymäki, M., Rahman, A., & Dwivedi, Y. K. (2023). Deepfakes: Deceptions, mitigations, and opportunities. Journal of Business Research, 154, Article 113368. https://doi.org/10.1016/j.jbusres.2022.113368
Ivkova, V., & Opirskyi, I. (2025). OSINT technologies as a threat to the cybersecurity of the state. Cybersecurity: Education, Science, Technique, 3(27), 165–179. https://doi.org/10.28925/2663-4023.2025.27.749
Ivkova, V., & Opirskyi, I. (2024). Research of problems of ensuring the security of personal data and confidential information in the context of counteracting OSINT. Cybersecurity: Education, Science, Technique, 2(26), 189–199. https://doi.org/10.28925/2663-4023.2024.26.682
Lee, Y.-J., Park, S.-J., & Park, W.-H. (2022). Military information leak response technology through OSINT information analysis using SNSes. Security and Communication Networks, 2022, Article 9962029. https://doi.org/10.1155/2022/9962029
Stouffer, K., Pease, M., Tang, C., Lightman, R., & Zimmerman, T. (2023). Guide to operational technology (OT) security (NIST Special Publication 800-82 Rev. 3). National Institute of Standards and Technology. https://doi.org/10.6028/NIST.SP.800-82r3
Ivkova, V., & Opirskyi, I. (2025). Research of the possibility of integrating the compartmentalization method in protecting information in open sources. Computer Systems and Networks, 7(2), 71–83.
Verkhovna Rada of Ukraine. (2011). Law of Ukraine “On access to public information” No. 2939-VI. https://zakon.rada.gov.ua/laws/show/2939-
Manuilova, Y. S. (2023). Ensuring cybersecurity of critical infrastructure facilities in conditions of cyber warfare. Information and Law, 1(44), 154–167. https://doi.org/10.37750/2616-6798.2023.1(44).287780
License
Copyright (c) 2026 Валерія Івкова, Андрій Леонов

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.