First Surface Web Map of the Dark Web
April 15, 2016
Interested in a glimpse of the Dark Web without downloading Tor and navigating it yourself? E-Forensics Magazine published Peeling back the onion part 1: Mapping the Dark Web by Stuart Peck, which shares an overview of services and content in this anonymity-oriented internet. A new map covering the contents of the Dark Web, the first one to do so, was launched recently by a ZeroDayLab key partner and threat intelligence service, Intelliagg. The write-up explains,
“But this brings me to my previous point why is this map so important? Until recently, it had been difficult to understand the relationships between hidden services, and more importantly the classification of these sites. As a security researcher, understanding hidden services, such as private chat forums and closed sites, and how these are used to plan and discuss potential campaigns, such as DDoS, Ransom Attacks, Kidnapping, Hacking, and Trading of Vulnerabilities and leaked data, is key to protecting our clients through proactive threat intelligence.”
Understanding the layout of an online ecosystem is an important first step for researchers or related business ventures. But what about a visualization showing how these web services are connected to functions, such as financial and other services, with brick-and-mortar establishments? It is also important to note that while this may be the first Surface Web map of the Dark Web, many navigational “maps” on .onion sites have existed for as long as users have been browsing on Tor.
Megan Feil, April 15, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Microsoft Azure Plans Offer Goldilocks and Three Bears Strategy to Find Perfect Fit
April 15, 2016
The article on eWeek titled Microsoft Debuts Azure Basic Search Tier relates the perks of the new plan from Microsoft, namely, that it is cheaper than the others. At $75 per month (and currently half off for the preview period, so get it while it’s hot!) the Basic Azure plan has lower capacity when it comes to indexing, but that is the intention. The completely Free plan enables indexing of 10,000 documents and allows for 50 megabytes of storage, while the new Basic plan goes up to a million documents. The more expensive Standard plan costs $250/month and provides for up to 180 million documents and 300 gigabytes of storage. The article explains,
“The new Basic tier is Microsoft’s response to customer demand for a more modest alternative to the Standard plans, said Liam Cavanagh, principal program manager of Microsoft Azure Search, in a March 2 announcement. “Basic is great for cases where you need the production-class characteristics of Standard but have lower capacity requirements,” he stated. Those production-class capabilities include dedicated partitions and service workloads (replicas), along with resource isolation and service-level agreement (SLA) guarantees, which are not offered in the Free tier.”
So just how efficient is Azure? Cavanagh stated that his team measured the indexing performance at 15,000 documents per minute (although he also stressed that this was with batches organized into groups of 1,000 documents). With this new plan, Microsoft continues to build out its cloud’s search capabilities.
Chelsea Kerwin, April 15, 2016
The Force of the Dark Web May Not Need Sides
April 14, 2016
The name “Dark Web” has sensational language written all over it. Such a label calls for myth-busting articles to be published, such as the recent one from Infosecurity Magazine, The Dark Web — Is It All Bad?. This piece highlights the opinions of James Chappell, CTO and Co-founder of Digital Shadows, who argues the way the Dark Web is portrayed in the media pigeonholes sites accessible by Tor as being for criminal purposes. Chappell is quoted,
“Looking at some of the press coverage you could be forgiven for thinking that the Dark Web is solely about criminality,” he told Infosecurity. “In reality, this is not the case and there are many legitimate uses alongside the criminal content that can be found on these services. Significantly – criminality is an internet-wide problem, rather than exclusively a problem limited to just the technologies that are labelled with the Dark Web.”
The author’s allusion to Star Wars’ divided force, between supposed “good” and “bad,” seems an appropriate analogy to the two sides of the internet. However, with a slightly more nuanced perspective, could it not be argued that Jedi practices, like those of the Sith, are also questionable? Binaries may be our preferred cultural tropes, as well as the building blocks of computer software programming, but let’s not forget the elements of variability: humans and time.
Megan Feil, April 14, 2016
Battlefield Moves Online Forming Cyber Industrial Complex
April 13, 2016
Undoubtedly, in recent decades many processes and products have moved online. Warfare may not be exempt from this migration. Meet The Cyber-Industrial Complex: Private Contractors May Get $7B Windfall From Pentagon’s Cyberwar On ISIS, an article from International Business Times, tells us more. Defense Secretary Ashton Carter recently confirmed U.S. development of digital weapons and training of online soldiers. According to the article,
“Cyberwar threatens to cause havoc worldwide, but it could be good for the U.S. economy and a handful of publicly listed companies. Defense Secretary Ashton Carter, as part of a $582.7 billion budget request to fund his department through 2017, recently said nearly $7 billion of that will be allocated toward improving the military’s ability to develop and deploy offensive cyberweapons. That’s great news for a number of private contractors, who stand to benefit from the spending, and the highly skilled individuals they may end up hiring.”
The article explains these capabilities have been utilized by the U.S. in the past, such as in the Kosovo war, but now the U.S. is claiming these tools and tactics. It is an interesting leap to visualize what attacks will evolve to look like on an online battlefield. Equally interesting is the article’s point about conflict being a business opportunity for some; it may also be true to say more problems, more money.
Megan Feil, April 13, 2016
ID Agent Alerts Government Contractors to Cyber Risk
April 12, 2016
All kinds of information shows up on the Dark Web, including thousands of emails of federal contractors. A recent article from Fierce Government IT, Report: Thousands of contractor emails found on Dark Web, shares several findings from a study conducted by ID Agent, a firm promoting its Dark Web security intelligence product. The study, “Federal Supply Chain Analysis: Cyber Threats from the Dark Web” relied on historical data loss information regarding numbers of email accounts stolen to analyze contracting areas based on their cyber risk.
The write-up expands on where ID Agent sees opportunity,
“Having cyber criminals with access to these accounts is scary enough, but malicious actors operating on the Dark Web have also taken many more forms in recent years. “While stolen personal information is concerning, national and corporate espionage continues to play a major role in the activities conducted via the Dark Web,” the report noted. ID Agent is by no means a disinterested party in disclosing the risk of these email accounts, as it hopes to market its Dark Web ID product that regularly provides this sort of threat intelligence to customers. Still, the study’s findings are a wake-up call to government contractors and the agencies employing them.”
ID Agent uses a proprietary algorithm for situating the risk of various companies and organizations. While this is a new market space, they are certainly not the only game in town when it comes to security and intelligence solutions which take the Dark Web into account. This appears to be an expanding ecosystem.
Megan Feil, April 12, 2016
FBI Runs Child Porn Website to Take down Child Porn Website
April 12, 2016
The article on MotherBoard titled How The FBI Located Suspected Administrator of the Dark Web’s Largest Child Porn Site provides a comprehensive overview of the events that led to the FBI being accused of “outrageous conduct” for operating a child pornography site for just under two weeks in February of 2015 in order to take down Playpen, a dark web child porn service. The article states,
“In order to locate these users in the real world, the agency took control of Playpen and operated it from February 20 to March 4 in 2015, deploying a hacking tool to identify visitors of the site. The FBI hacked computers in the US, Greece, Chile, and likely elsewhere.
But, in identifying at least two high ranking members of Playpen, and possibly one other, the FBI relied on information provided by a foreign law enforcement agency (FLA), according to court documents.”
Since the dial-up era, child pornographers have made use of the Internet. The story of comedian Barry Crimmins exposing numerous child pornographers who were using AOL’s early chat rooms to share their pictures is a revealing look at that company’s eagerness to turn a blind eye. In spite of this capitulation, the dark web is the current haven for such activities, and the February 2015 hacking project was the largest one yet.
Chelsea Kerwin, April 12, 2016
Newly Launched Terbium Software to Monitor Dark Web for Enterprise
April 11, 2016
Impacting groups from Target to JP Morgan Chase, data breaches are increasingly common and security firms are popping up to address the issue. The article Dark Web data hunter Terbium Labs secures $6.4m in fresh funding from ZDNet reports Terbium Labs received $6.4 million in Series A funding. Terbium Labs released software called Matchlight which provides real-time surveillance of the Dark Web and alerts enterprises when their organization’s data surfaces. Consumer data, sensitive company records, and trade secrets are among the types of data for which enterprises are seeking protection. We learned,
“Earlier this month, cloud security firm Bitglass revealed the results of an experiment focused on how quickly stolen data spreads through the Dark Web. The company found that within days, financial credentials leaked to the underground spread to 30 countries across six continents with thousands of users accessing the information.”
While Terbium appears to offer value for stopping a breach once it’s started, what about preventing such breaches in the first place? Perhaps there are opportunities for partnerships with Terbium and players in the prevention arena. Or, then again, maybe companies will buy piecemeal services from individual vendors.
Megan Feil, April 11, 2016
Cybercriminal Talent Recruitment Moves Swiftly on the Dark Web
April 8, 2016
No matter the industry, it’s tough to recruit and keep talent. As Skills shortage hits hackers, published by Infosecurity Magazine, reports, cybercriminals are no exception. Research conducted by Digital Shadows shows an application process exists not entirely dissimilar from that of traditional careers. The jobs include malware writers, exploit developers, and botnet operators. The article explains how Dark Web talent is recruited,
“This includes job ads on forums or boards, and weeding out people with no legitimate technical skills. The research found that the recruitment process often requires strong due diligence to ensure that the proper candidates come through the process. Speaking to Infosecurity, Digital Shadows’ Vice President of Strategy Rick Holland said that in the untrusted environment of the attacker, reputation is as significant as in the online world and if someone does a bad job, then script kiddies and those who have inflated their abilities will be called out.”
One key difference cited is the hiring timeline; the Dark Web moves quickly. As you might imagine, there is apparently only a short window of opportunity to cash in stolen credit cards. The sense of urgency related to many Dark Web activities suggests speedier cybersecurity solutions are on the scene. As cybercrime-as-a-service expands, criminals’ efforts and attacks will only be swifter.
Megan Feil, April 8, 2016
UK Cybersecurity Director Outlines Agency’s Failures in Ongoing Cyberwar
April 8, 2016
The article titled GCHQ: Spy Chief Admits UK Agency Losing Cyberwar Despite £860M Funding Boost on International Business Times examines the surprisingly frank confession made by Alex Dewdney, a director at the Government Communications Headquarters (GCHQ). He stated that in spite of the £860M funneled into cybersecurity over the past five years, the UK is unequivocally losing the fight. The article details,
“To fight the growing threat from cybercriminals chancellor George Osborne recently confirmed that, in the next funding round, spending will rocket to more than £3.2bn. To highlight the scale of the problem now faced by GCHQ, Osborne claimed the agency was now actively monitoring “cyber threats from high-end adversaries” against 450 companies across the UK aerospace, defence, energy, water, finance, transport and telecoms sectors.”
The article makes it clear that search and other tools are not getting the job done. But a major part of the problem is resource allocation and petty bureaucratic behavior. The money being poured into cybersecurity is not going towards updating the “legacy” computer systems still in place within GCHQ, although those outdated systems represent major vulnerabilities. Dewdney argues that without basic steps like migrating to improved, current software, the agency has no hope of successfully mitigating the security risks.
Chelsea Kerwin, April 8, 2016
Potential Corporate Monitoring Concerns Tor Users
April 7, 2016
The Dark Web has been seen as a haven by anyone interested in untraceable internet activity. However, a recent article from Beta News, Tor Project says Google, CloudFlare and others are involved in dark web surveillance and disruption, brings to light the potential issue of Tor traffic being monitored. A CDN and DDoS protection service called CloudFlare has introduced CAPTCHAs and cookies to Tor for monitoring purposes, and accusations about Google and Yahoo have also been made. The author writes,
“There are no denials that the Tor network — thanks largely to the anonymity it offers — is used as a platform for launching attacks, hence the need for tools such as CloudFlare. As well as the privacy concerns associated with CloudFlare’s traffic interception, Tor fans and administrators are also disappointed that this fact is being used as a reason for introducing measures that affect all users. Ideas are currently being bounced around about how best to deal with what is happening, and one of the simpler suggestions that has been put forward is adding a warning that reads “Warning this site is under surveillance by CloudFlare” to sites that could compromise privacy.”
Will a simple communications solution appease Tor users? Likely not, as such a move would essentially market Tor as providing the opposite service of what users expect. This will be a fascinating story to see unfold as it could be the beginning of the end of the Dark Web as it is known, or perhaps the concerns over loss of anonymity will fuel further innovation.
Megan Feil, April 7, 2016