Browse >
Home / Archive by category 'cybercrime'
DarkCyber for November 27, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/302658825.
This week’s program covers four stories related to the Dark Web and specialized Internet services.
DarkCyber reports that another call for a backdoors to encrypted communications. Cyrus Vance, the Manhattan district attorney, emphasized that government mandated backdoors are the only solution to device encryption. DarkCyber provides a link to the government report which substantiates this statement. Australia has issued a similar statement. Even though encrypted devices can be broken open, the time and resources required are significant. With the growing number of mobile devices in use by bad actors, the number of phones requiring decryption has created an evidence backlog. Encrypted devices, therefore, pose a significant challenge to law enforcement and intelligence professionals.
The second story reveals that autonomous killer drone technology is advancing rapidly. An autonomous drone is able to find, fix, and finish a target. DarkCyber describes the Elbit Systems’ Skystriker device which is about 95 percent autonomous at this time. Full autonomous operation is within view.
Other countries are working on similar technology. DarkCyber identifies autonomous sea going devices which can neutralize a target without a human in the kill chain. DarkCyber’s view is that countries without autonomous warfighting will find themselves at a strategic disadvantage.
The third story reports that facial recognition allowed 130 victims of child abuse to be identified by Dutch authorities. Mug shot image recognition and matching can perform at an accuracy level of about 90 percent. However, facial recognition from real time video feeds like surveillance cameras pose a more difficult problem. Accuracy rates for video identification can dip below 60 percent. Nevertheless, facial recognition technology is advancing rapidly with innovations from such firms as Boeing, Verint, and NSO. Startups are making significant technical contributions as well. Innovations from Trueface, Kairos, and PointGrab are likely to yield advances in recognition accuracy. DarkCyber provides links to two sources of information about facial recognition systems. One of these documents is a General Accountability Office report about facial recognition within the US government.
The final story describes an off tune Dark Web weapons deal. Three young men in England thought that buying Glock 19 firearms via the Dark Web was a foolproof scheme. Their idea was to specify that the weapons were shipped inside of an amplifier for an electric guitar. US and UK authorities identified the contraband and placed a video camera in the parcel. When the men received their delivery, the event was captured on video. The investigation yielded cash and narcotics. The individuals are now serving eight years in prison. It is unlikely that the amplifier is delivering Elvis’ hit “Jailhouse Rock” to the felons.
DarkCyber appears each Tuesday on the blog Beyond Search and on Vimeo. Watch for new programs each week at www.arnoldit.com/wordpress.
Kenny Toth, November 27, 2018
When we talk about all the wonderful opportunities for crowdsourcing, we often think about everything from network building to cake recipes. Very rarely do we think about governments crowdsourcing and even less frequently do we think about the benefits of sharing malware. But that’s exactly what’s happening and we couldn’t speak more highly of this choice. We learned more in a recent ZDNet story, “US Cyber Command Starts Uploading Foreign APT Malware to VirusTotal.”
According to the story:
“The Cyber National Mission Force (CNMF), a subordinate unit of US Cyber Command (USCYBERCOM), set in motion a new initiative through which the DOD would share malware samples it discovered on its networks with the broader cybersecurity community.”
What is VirusTotal? It’s a unique organization that works a little like the Center for Disease Control, in that they keep a running bank of all malware and viruses on the internet. What this does, is allows experts to investigate these nasty elements and keep us safe. The CNMF is a great resource to team with VirusTotal and we hope good things stem from this. Oddly, one thing we did discover is that VirusTotal is owned by Google, which has the potential to make for strange bedfellows someday.
Patrick Roland, November 19, 2018
Written by Stephen E. Arnold · Filed Under cybercrime, Government, News | Comments Off on US Government to Crowdsource Malware
DarkCyber, Stephen E Arnold’s video news program about the Dark Web and lesser known Internet services, is now available. You can view the video at www.arnoldit.com/wordpress or on Vimeo at https://vimeo.com/296379232.
This week’s program includes four stories.
Bing and Google allegedly display content not appropriate to some users. Bing suggests links to content related to images not suitable for young people. Google allegedly returns results to YouTube videos which explain how to purchase illegal substances on the Dark Web. DarkCyber’s research team verified that content some individuals may find problematic do appear in search results. YouTube “how to” videos are findable by exploring pages deeper in a Google search result set; for example, pages six and following. The conclusion is that even when “safe search” features are activated links to topics which may be interpreted as offensive are easy to find, even for novice Web searchers.
The second story reveals that old school exploits and hacks have found a new lease on life. Bad actors are using standard office software and widely used utilities to obtain access to confidential information, employee email, and customer data. The method involves luring an employee to click on a link such as a document allegedly containing a list of employees at another company. Once the document is opened, a known vulnerability in Microsoft Office Dynamic Data Exchange is used to take over the target’s computer. DarkCyber reveals the simple fix to use to protect from this old school exploit.
The third story presents information about the system and method used by the now defunct Psy-Group. This firm has been identified as an organization of interest in the Robert Mueller investigation of President Donald Trump’s alleged interactions related to the 2016 election. DarkCyber walks through the principal components of a psychological operation designed to push the hot buttons of individuals associated with certain topics and political ideas. The DarkCyber video includes a link to additional documents related to the Psy-Group’s methods, which appear to be similar to those used by Cambridge Analytica.
The final story provides information about the decrease in Facebook usage in 2017. However, among one group, Facebook has become a must have social network. This user group is law enforcement officers. These professionals adopt false personas and work to obtain access to closed Facebook groups in order to gather information related to an investigation. The use of false personas is becoming a standard practice, and the data gathered are admissible in certain proceedings.
Beginning on October 30, 2018, DarkCyber presents a four part series about Amazon’s policeware initiative. The videos explain the importance of the Department of Defense’s JEDI procurement, the principal components of Amazon’s machine learning system, how Amazon will work to create a new type of vendor lock in, and the use of the Amazon policeware platform as a jumping off point for regulatory services in the US and expansion of its customer base outside the United States.
Kenny Toth, October 23, 2018
DarkCyber for September 18, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/290147202 .
This week’s DarkCyber video news program covers … Bitfury’s deanonymization service and its unusual sales approach… the loss of UK law enforcement laptops… facial recognition for law enforcement challenged by tech company employees… and X1 and its eDiscovery system with Dark Web content support.
The first story explains that Bitfury, a UK company with an interesting staff line up, offers digital currency deanonymization services. The company’s approach to sales, however, is unusual. Specifically, the company refused to explain its services at a recent law enforcement conference. DarkCyber continues to recommend that agencies interested in digital currency deanonymization look at services available from Chainalysis and Elliptic, two companies which do explain their services to security and enforcement officials.
The second story reports that UK media pointed out that in one year, UK law enforcement lost 60 laptops. With tens of thousands of officers and operators, DarkCyber states that the alleged problem is blown out of proportion. Bad actors attempt to obtain laptops, mobiles, and other computing devices in order to compromise investigations. DarkCyber asserts that the loss of 60 laptops illustrates the good job UK authorities do with regard to preventing loss of laptops.
The third story describes the Amazon DeepLens system. In addition to explaining how this Amazon camera integrates with Amazon’s machine learning and analytics subsystems, DarkCyber reports that neither Amazon, IBM, or any other US company was able to sell their technology to Ecuador. That country purchased a state-of-the-art Chinese developed system. With employee pushback against their employers’ work for the US government, US facial recognition technology may find itself at a disadvantage with regard to technical development and system innovation.
The final story covers the X1 eDiscovery system for social content. The X1 technology can now acquire and process social media information as well as some Dark Web content. Instead of directly scraping Dark Web sites, the X1 method relies on the Tor2Web.org service. The new product costs about $2,000 per year. DarkCyber explains where to download a 14-day free trial.
Kenny Toth, September 18, 2018
Cryptocurrency like Bitcoin has long been the Dark Web’s favorite way of doing illegal business transactions. However, the technology that it is built upon is opening up and providing law enforcement with an interesting weapon, as we discovered in a recent CoinPick story, “Use of BitCoin Over Dark Web Has Dropped, but DEA Wants Criminals to Keep Using Cryptocurrencies.”
According to the piece:
“This is where blockchain plays a very important part. Even though Bitcoin does not carry IDs, the transactions being available on a distributive ledger are accessible to the public. The investigators can track the funds and apprehend Individuals related to criminal activity this way. Infante further stated: The blockchain actually gives us a lot of tools to be able to identify people.”
By exploiting the platform’s weaknesses, law enforcement is zeroing in on illegal activity. We expect this to become more and more common thanks to the fact that police are beginning to familiarize themselves with it for run-of-the-mill internal programs as well as high level crimefighting. This gap is being bridged and one of two things will happen: Either cryptocurrency crime will be wiped out, or the bad guys will have to find a new way to stay hidden.
In Stephen E Arnold’s upcoming lecture in Washington, DC, attendees will learn that bad actors need to be aware of a new intelligence service. The provider? Amazon. More details will be shared in a DarkCyber video after Stephen returns.
Patrick Roland, September 4, 2018
DarkCyber for September 4, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/287783314.
Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.
This week’s program covers three Dark Web and security related stories.
The first story addresses Gephi, an open graph visualization platform. Unlike Excel, Gephi is a platform. The software system can be a useful complement to blockchain deanonymization tasks. An analyst can perform link analysis; that is, what hyperlink or item leads to another. The Gephi One feature allows the user to turn a graphical representation and explore it in three dimensions. A user can interact with the data, drilling down into a cluster or popping up one or more levels to see how a particular item relates to a broader grouping of data. The system can manipulate up to one million nodes and edges. Some commercial tools struggle to deal with more than a handful of nodes and edges. The video includes a link at which Gephi can be downloaded.
The second story describes a vehicle tracking and surveillance innovation called Zoomed. Developed by Cameroonia computer whiz Zuo Bruno, the system does not require the Internet. Instead, Zuo Bruno devised a system which operates via SMS. Once the device is placed in a vehicle, the location of the vehicle can be determined by placing a mobile call to the Zoomed device. The device drops the call and messages the location and other data of the vehicle. The Zoomed technology can perform other functions as well; for example, the audio in the vehicle can be recorded and the vehicle can be disabled.
The third story describes a free account takeover alerting service or ATO from Truthfinder. The idea is that after a person registers for the service, Truthfinder will notify that individual when his personal information is discovered by the monitoring service. DarkCyber explains how to sign up for the service and how to disable the notifications if they become a burden.
Kenny Toth, September 4, 2018
Applause are due to the European Union, who have instituted a unique plan for battling online extremism. We learned more about this tactic and were able to think about its potential stress points from reading an interesting Inquirer article, “EU Wants Tech Firms to Remove Terror Content Within an Hour of Facetimes.”
According to the story:
“In March, legislation passed that presented the hour-long purge window, but it was only marked under voluntary guidelines. But it looks like tech firms aren’t volunteering to work to these guidelines so the EU wants to force them to do so by imposing fines on firms that are blasé about terrorism-related materials on their services, networks and platforms.”
This is a very exciting prospect in the war on disinformation and violence planned online. However, it’s not time to celebrate quite yet. As reported recently, the EU is a complex machine itself and several countries failed to step in line with the cybersecurity deadline that loomed this summer. Beyond that, we are very curious to see how the various nations and governing bodies work together to oversee this new security measure. We hope it makes some headway, but will be watching from afar.
Patrick Roland, September 3, 2018
Next week, the publisher of Beyond Search and producer of DarkCyber (Stephen E Arnold) will be delivering a lecture in Washington, DC. The subject? The “new” Dark Web. Encrypted chat is becoming the go to system for certain types of information and product / service transactions.
What’s the angle?
The meteoric rise of group text and chatting tool, WhatsApp, has been well documented. In a world of tangled social media webs, this seemed like a smaller, more concentrated way to get updates from friends and family. However, the app has made some recent additions that may take it more toward the Facebooks and Twitters of the world. We learned more in a recent Make Use Of story, “The Best New WhatsApp Features You Might Have Missed.”
Among the new tools:
“Catch-up: A new @ button appears at the bottom right corner of the chat when you’ve been mentioned by someone, or if someone has quoted you, while you were away. It’s easier to catch up on something you might have missed.
“Protection From Re-Adding: WhatsApp groups don’t need your consent to add you to a group. Now, if you leave that group, an admin can’t just add you back immediately.”
In addition, there are search features and tools for deleting messages. It should come as no surprise that the program’s co-founder is a former (technically current) Facebook employee. Is this a step toward becoming a more direct competitor of the social giant? But encrypted chat has larger implications. If you are in DC, write Stephen at darkcyber333 at yandex dot com. You might be able to set up a short meet up at a physical coffee shop. No chat required.
Patrick Roland, August 29, 2018
Written by Stephen E. Arnold · Filed Under cybercrime, Dark Web, News | Comments Off on WhatsApp Veering Closer to Traditional Social Media
DarkCyber for July 24, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/284579347 .
Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.
This week’s program covers four Dark Web and security related stories.
The first story presents data about online drug sellers. The estimated number of vendors is in the 30,000 to 50,000 range. DarkCyber points out that such data are likely to be uncertain. Estimates of online sources for controlled substances are based on difficult-to-verify data. DarkCyber reports that as many as one half of the prescription drugs sold online may be fakes.
The second story reports that the Dark Web is changing. The shift from Tor-centric Web sites to encrypted chat and messaging systems is underway. Encrypted chat complicates the work of law enforcement and intelligence professionals. Plus, encrypted chat sessions can trigger mob actions which can spiral out of control and without warning. A lynching in India may be the direct result of forwarded encrypted chat messages.
The third story provides a snapshot of the NC4 policeware system Street Smart. A popular US magazine referenced the company without providing details about the system and its functions. DarkCyber explains that information about the software system are available on the NC4 Web site and in videos publicly available on YouTube.
The final story explains how 3D printing makes it comparatively easy for an individual to create what is called a “ghost gun.” The 3D printed weapon does not have an identification number, so tracing the gun is difficult. DarkCyber points out that copyright issues and regulations concerning the manufacture of weapons will consume time, money, and human resources.
Kenny Toth, August 14, 2018
The goal, most agree, is to keep sensitive information out of the hands of hackers and crooks, right? European officials might be planning to fly directly in the face of that logic, after we read a recent article in The Register, “Think Tank Calls for Post-Brexit National ID Cards: The Kids Have Phones, So What’s The Difference?”
Things got dicey here:
“The government intends to assign EU citizens unique numbers based on either a passport or national ID card number…he system will be accessed via GOV.UK or a smartphone app, and the report praised the security and privacy credentials promised for the database of citizen numbers…The data will be kept on Home Office servers in a tier 3 data centre, with individual pieces of information stored and encrypted separately.”
So, let’s get this straight? All of Europe will have its personal information on file in one location and they are just publicly telling the bad guys where to find it? What could go wrong? Google seems to be rolling out a program to warn governments when they are being hacked, which makes Google more “useful” to certain authorities.
But bad actors gravitate to data collections which have significant value. The ID card repository may become a high profile target.
Patrick Roland, August 9, 2018
Written by Stephen E. Arnold · Filed Under cybercrime, cybersecurity, News | Comments Off on Europe Creates a Potential Target for Bad Actors
« Previous Page — Next Page »
