Cybersecurity Technologies Fueled by Artificial Intelligence
December 28, 2016
With terms like virus being staples in the cybersecurity realm, it is no surprise the human immune system is the inspiration for the technology fueling one relatively new digital threat defense startup. The Tech Republic article, “Darktrace bolsters machine learning-based security tools to automatically attack threats,” reveals more details and context about Darktrace’s technology and positioning. Founded in 2013, Darktrace recently announced they raised $65 million to help fund their expansion globally. Four products, including their basic cyber threat defense solution called Darktrace, comprise their product suite. The article expands on their offerings:
Darktrace also offers its Darktrace Threat Visualizer, which provides analysts and CXOs with a high-level, global view of their enterprise. Darktrace Antigena complements the core Darktrace product by automatically defending against potential threats that have been detected, acting as digital “antibodies.” Finally, the Industrial Immune System is a version of Darktrace designed for Industrial Control Systems (ICS). The key value provided by Darktrace is the fact that it relies on unsupervised machine learning, and it is able to detect threats on its own without much human interaction.
We echo this article’s takeaway that machine learning and other artificial intelligence technologies continue to grow in the cybersecurity sector. The attention on AI is only building in this industry and others. Perhaps AI is particularly well-suited to cybersecurity, as its behind-the-scenes nature matches that of Dark Web related crimes.
Megan Feil, December 28, 2016
For Sale: Government Web Sites at a Bargain
December 21, 2016
We trust that government Web sites are safe and secure with our information as well as the data that keeps our countries running. We also expect that government Web sites have top of the line security software and if they did get hacked, they would be able to rectify the situation in minutes. Sadly, this is not the case, says Computer World, which posted an article entitled “A Black Market Is Selling Access To Hacked Government Servers For $6.”
If you want to access a government server or Web site, all you need to do is download the Tor browser, access the xDedic marketplace on the Dark Web, and browse their catalog of endless government resources for sale. What is alarming is that some of these Web sites are being sold for as little as six dollars!
How did the xDedic “merchants” get access to these supposedly secure government sites? It was through basic trial and error using different passwords until they scored a hit. Security firm Kaspersky Lab weighs in:
‘It is a hacker’s dream, simplifying access to victims, making it cheaper and faster, and opening up new possibilities for both cybercriminals and advanced threat actors,’ Kaspersky said.
Criminal hackers can use the servers to send spam, steal data such as credit card information, and launch other types of attack…Once buyers have done their work, the merchants put the server back up for sale. The inventory is constantly evolving.
It is believed that the people who built xDedic are Russian speakers, possibly from a country with that as a language. The Web site is selling mostly government site info from Europe, Asia, and South America. The majority of the Web sites are marked as “other”, however. Kaspersky tracked down some of the victims and notified them of the stolen information.
The damage is already done. Governments should be investing in secure Web software and testing to see if they can hack into them to prevent future attacks. The Dark Web scores again.
Whitney Grace, December 21, 2016
Google’s Bid for AI Dominance
December 14, 2016
Google’s dominance over our digital lives cannot be refuted. The tech giant envisages that the future of computing will be Artificial Intelligence (AI), and the search engine leader is all set to dominate it once again.
In an Arabian Business feature article titled “Inside Google’s Brave New World,” the author says:
The $500bn technology giant is extending its reach into hardware and artificial intelligence, ultimately aiming to create a sophisticated robot that can communicate with smart-device users to get things done.
The efforts can be seen in the form of company restructuring and focus on developing products and hardware that can host its sophisticated AI-powered algorithms. From wearable devices to in-home products like Google Home, the company is not only writing powerful algorithms to answer user queries but is also building the hardware that will seamlessly integrate with the AI.
Though these advances might mean more revenue for the company and its shareholders, with Google controlling every aspect of our working lives, the company also needs to address the privacy concerns with equal zeal. As the author points out:
However, with this comes huge responsibility and a host of ethical and other policy issues such as data privacy and cybersecurity, which Google says its teams are working to resolve on a day-to-day basis.
Apart from Google, other tech companies like Amazon, Microsoft, Facebook and Apple are also in the race for AI dominance. However, the privacy concerns remain there too, as the end user never knows how and where the data collected will be used.
Vishal Ingole, December 14, 2016
Hacking Federal Agencies Now Child’s Play
October 12, 2016
A potentially dangerous malware called GovRat that is effective in cyber-espionage is available on the Dark Web for as low as $1,000.
IBTimes recently published an article, “Malware used to target US Government and military being sold on Dark Web,” in which the author states:
The evolved version of GovRat, which builds on a piece of malware first exposed in November last year, can be used by hackers to infiltrate a victim’s computer, remotely steal files, upload malware or compromised usernames and passwords.
The second version of this malware has already caused significant damage. Along with it, the seller is also willing to give away credentials to access US government servers and military groups.
Though the exact identity of the creator of GovRat 2.0 is unknown, the article states:
“Several of these individuals are known as professional hackers for hire,” Komarov explained. He cited one name as ROR [RG] – a notorious hacker who previously targeted Ashley Madison, AdultFriendFinder and the Turkish General Directorate of Security (EGM).
Data of large numbers of federal employees are already compromised and details like email, home address, login IDs and hashed passwords are available for anyone who can pay the price.
InfoArmor, a cybersecurity and identity protection firm, unearthed this information while scanning Dark Web forums and has already passed on the details to the relevant affected parties. The extent of the damage is unknown, and the stolen information can be used to cause further damage.
Vishal Ingole, October 12, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Enterprise Technology Perspective on Preventing Security Breaches
September 16, 2016
When it comes to the Dark Web, the enterprise perspective wants solutions to prevent security breaches. Fort Scale released an article, “Dark Web — Tor Use is 50% Criminal Activity — How to Detect It,” speaking to this audience. This write-up explains the anonymizer Tor as The Onion Router, a name explained by the multiple layers used to hide an IP address and therefore the user’s identity. How does security software work to detect Tor users? We learned:
There are a couple of ways security software can determine if a user is connecting via the Tor network. The first way is through their IP address. The list of Tor relays is public, so you can check whether the user is coming from a known Tor relay. It’s actually a little bit trickier than that, but a quality security package should be able to alert you if user behaviors include connecting via a Tor network. The second way is by looking at various application-level characteristics. For example, a good security system can distinguish the differences between a standard browser and a Tor Browser because among other things, Tor software won’t respond to certain history requests or JavaScript queries.
Many cybersecurity software companies offer solutions that monitor the Dark Web for sensitive data, which is more of a recovery strategy. However, this article highlights the importance of cybersecurity solutions which monitor enterprise systems usage to identify users connecting through Tor. While this appears to be a sound strategy for understanding the frequency of Tor-based users, it will be important to know whether these data-producing software solutions facilitate action such as removing Tor users from the network.
Megan Feil, September 16, 2016
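The first detection method quoted above, checking login source addresses against the public relay list, as an added example that is not code from Fort Scale's article or from this blog. The relay snapshot format, the log format and all sample data are constructed assumptions; the example goes slightly beyond the quote by matching each event against the period in which the address was listed as a relay and by folding IPv4-mapped IPv6 addresses, two practical complications of the lookup.

```python
import ipaddress
import re
from datetime import datetime

# Constructed relay snapshot: address,first_seen,last_seen (format is an assumption).
RELAY_SNAPSHOT = """\
192.0.2.10,2016-09-01T00:00:00,2016-09-30T00:00:00
198.51.100.7,2016-09-10T00:00:00,2016-09-12T00:00:00
2001:db8::5,2016-09-01T00:00:00,2016-09-30T00:00:00
"""

# Constructed login events in a hypothetical "timestamp user= src= result=" format.
SAMPLE_LOG = """\
2016-09-11T08:15:02 user=alice src=192.0.2.10 result=success
2016-09-11T08:16:40 user=bob src=203.0.113.44 result=success
2016-09-15T21:03:11 user=carol src=198.51.100.7 result=success
2016-09-11T09:00:00 user=dave src=::ffff:198.51.100.7 result=failure
2016-09-12T10:30:00 user=erin src=2001:db8:0:0:0:0:0:5 result=success
this line is malformed and must be skipped
"""

LINE_RE = re.compile(r"^(\S+) user=(\S+) src=(\S+) result=(\S+)$")


def normalize(addr):
    """Parse an address, folding IPv4-mapped IPv6 (::ffff:a.b.c.d) to IPv4."""
    ip = ipaddress.ip_address(addr)
    return getattr(ip, "ipv4_mapped", None) or ip


def load_relays(text):
    # Map each relay address to the time windows in which it was listed.
    relays = {}
    for row in text.splitlines():
        addr, first, last = row.split(",")
        window = (datetime.fromisoformat(first), datetime.fromisoformat(last))
        relays.setdefault(normalize(addr), []).append(window)
    return relays


def find_tor_logins(log_text, relays):
    """Return (timestamp, user, ip) for events whose source was a relay at that time."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # malformed line
        when, user, src, _result = m.groups()
        try:
            ip = normalize(src)
        except ValueError:
            continue  # source field is not an IP address
        seen = datetime.fromisoformat(when)
        if any(first <= seen <= last for first, last in relays.get(ip, [])):
            hits.append((when, user, str(ip)))
    return hits


if __name__ == "__main__":
    print(find_tor_logins(SAMPLE_LOG, load_relays(RELAY_SNAPSHOT)))
```

The login by carol is not flagged because its address had left the relay list three days earlier; a lookup against only the current list would either miss historical events or flag addresses that have since been reassigned.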
There is a Louisville, Kentucky Hidden Web/Dark Web meet up on September 27, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233599645/
Six Cybercriminal Archetypes from BAE Systems
July 11, 2016
Tech-security firm BAE Systems has sketched out six cybercriminal types, we learn from “BAE Systems Unmasks Today’s Cybercriminals” at the MENA Herald. We’re told the full descriptions reveal the kinds of havoc each type can wreak, as well as targeted advice for thwarting them. The article explains:
“Threat intelligence experts at BAE Systems have revealed ‘The Unusual Suspects’, built on research that demonstrates the motivations and methods of the most common types of cybercriminal. The research, which is derived from expert analysis of thousands of cyber attacks on businesses around the world. The intention is to help enterprises understand the enemies they face so they can better defend against cyber attack.”
Apparently, such intel is especially needed in the Middle East, where cybercrime was recently found to affect about 30 percent of organizations. Despite the danger, the same study from PwC found that regional companies were not only unprepared for cyber attacks, many did not even understand the risks.
The article lists the six cybercriminal types BAE has profiled:
“The Mule – naive opportunists that may not even realise they work for criminal gangs to launder money;
The Professional – career criminals who ‘work’ 9-5 in the digital shadows;
The Nation State Actor – individuals who work directly or indirectly for their government to steal sensitive information and disrupt enemies’ capabilities;
The Activist – motivated to change the world via questionable means;
The Getaway – the youthful teenager who can escape a custodial sentence due to their age;
The Insider – disillusioned, blackmailed or even over-helpful employees operating from within the walls of their own company.”
Operating in more than 40 countries, BAE Systems is committed to its global perspective. Alongside its software division, the company also produces military equipment and vehicles. Founded in 1999, the company went public in 2013. Unsurprisingly, BAE’s headquarters are in Arlington, Virginia, just outside of Washington DC. As of this writing, they are also hiring in several locations.
Cynthia Murrell, July 11, 2016
The Computer Chip Inspired by a Brain
July 6, 2016
Artificial intelligence is humanity’s attempt to replicate the complicated thought processes in their own brains through technology. IBM is trying to duplicate the human brain and they have been successful in many ways with supercomputer Watson. The Tech Republic reports that IBM has another success under their belt, except to what end? Check out the article, “IBM’s Brain-Inspired Chip TrueNorth Changes How Computers ‘Think,’ But Experts Question Its Purpose.”
IBM’s TrueNorth is the first computer chip with a one-million-neuron architecture. The chip is a collaboration between Cornell University and IBM with the DARPA SyNAPSE Program, using $100 million in public funding. Most computer chips use the Von Neumann architecture, but the TrueNorth chip better replicates the human brain. TrueNorth is also more energy efficient.
What is the purpose of the TrueNorth chip, however? IBM created an elaborate ecosystem that uses many state of the art processes, but people are still wondering what the real world applications are:
“ ‘…it provides ‘energy-efficient, always-on content generation for wearables, IoT devices, smartphones.’ It can also give ‘real-time contextual understanding in automobiles, robotics, medical imagers, and cameras.’ And, most importantly, he said, it can ‘provide volume-efficient, unprecedented neural network acceleration capability per unit volume for cloud-based streaming processing and provide volume, energy, and speed efficient multi-modal sensor fusion at an unprecedented neural network scale.’”
Other applications include cyber security, other defense goals, and large scale computing and hardware running on the cloud. While there might be practical applications, people still want to know why IBM made the chip.
“ ‘It would be as if Henry Ford decided in 1920 that since he had managed to efficiently build a car, we would try to design a car that would take us to the moon,’ [said Nir Shavit, a professor at MIT’s Computer Science and Artificial Intelligence Laboratory]. ‘We know how to fabricate really efficient computer chips. But is this going to move us towards Human quality neural computation?’ Shavit fears that it’s simply too early to try to build neuromorphic chips. We should instead try much harder to understand how real neural networks compute.’”
Why would a car need to go to the moon? It would be fun to go to the moon, but it doesn’t solve a practical purpose (unless we build a civilization on the moon, although we are a long way from that). It continues:
“ ‘The problem is,’ Shavit said, ‘that we don’t even know what the problem is. We don’t know what has to happen to a car to make the car go to the moon. It’s perhaps different technology that you need. But this is where neuromorphic computing is.’”
In other words, it is the theoretical physics of computer science.
Whitney Grace, July 6, 2016
DuckDuckGo Sees Apparent Exponential Growth
July 1, 2016
The Tor-enabled search engine DuckDuckGo has received attention recently for being a search engine that does not track users. We found their activity report that shows a one year average of their direct queries per day. DuckDuckGo launched in 2008 and offers an array of options to prevent “search leakage”. Their website defines this term as the sharing of personal information, such as the search terms queried. Explaining a few of DuckDuckGo’s more secure search options, their website states:
“Another way to prevent search leakage is by using something called a POST request, which has the effect of not showing your search in your browser, and, as a consequence, does not send it to other sites. You can turn on POST requests on our settings page, but it has its own issues. POST requests usually break browser back buttons, and they make it impossible for you to easily share your search by copying and pasting it out of your Web browser’s address bar.
Finally, if you want to prevent sites from knowing you visited them at all, you can use a proxy like Tor. DuckDuckGo actually operates a Tor exit enclave, which means you can get end to end anonymous and encrypted searching using Tor & DDG together.”
Cybersecurity and privacy have become hot topics since Edward Snowden made headlines in 2013, which is notably when DuckDuckGo’s exponential growth begins to take shape. Recognition of Tor also became more mainstream around that time, 2013, which is when the Silk Road shutdown occurred, placing the Dark Web in the news. It appears that starting a search engine focused on anonymity in 2008 was not such a bad idea.
Megan Feil, July 1, 2016
Banks as New Dark Web Educators
June 15, 2016
The Dark Web and deep web can often get misidentified and confused by readers. To take a step back, Trans Union’s blog offers a brief read called “The Dark Web & Your Data: Facts to Know” that helpfully addresses some basic information on these topics. First, a definition of the Dark Web: sites accessible only when a physical computer’s unique IP address is hidden on multiple levels. Specific software is needed to access the Dark Web because that software is needed to encrypt the machine’s IP address. The article continues,
“Certain software programs allow the IP address to be hidden, which provides anonymity as to where, or by whom, the site is hosted. The anonymous nature of the dark web makes it a haven for online criminals selling illegal products and services, as well as a marketplace for stolen data. The dark web is often confused with the “deep web,” the latter of which makes up about 90 percent of the Internet. The deep web consists of sites not reachable by standard search engines, including encrypted networks or password-protected sites like email accounts. The dark web also exists within this space and accounts for approximately less than 1 percent of web content.”
For those not reading news about the Dark Web every day, this seems like a fine piece to help brush up on cybersecurity concerns relevant at the individual user level. Trans Union is on the pulse in educating their clients as banks are an evergreen target for cybercrime and security breaches. It seems the message from this posting to clients can be interpreted as one of the “good luck” variety.
Megan Feil, June 15, 2016
Emerging Technology May Have Application for Security
June 6, 2016
New technologies for use in security are increasingly receiving attention. An article from Mirror, “Lip-reading technology ‘could capture what people on CCTV say’ claim researchers,” discusses one example. The University of East Anglia in Norwich developed what is called a visual speech recognition technology. The purpose is to identify what people are saying in situations where audio is not good enough to hear. One application mentioned is for videos recorded from security cameras. The post describes more,
“Helen Bear, from the university’s school of computing science, said the technology could be applied to a wide range of situations from criminal investigations to entertainment. She added: “Lip-reading has been used to pinpoint words footballers have shouted in heated moments on the pitch, but is likely to be of most practical use in situations where there are high levels of noise, such as in cars or aircraft cockpits. “Crucially, whilst there are still improvements to be made, such a system could be adapted for use for a range of purposes – for example, for people with hearing or speech impairments.” Some sounds like “P” and “B” look similar on the lips and have traditionally been hard to decipher, the researchers said.”
Whether in real life or online, security and cybersecurity efforts and technologies are making headlines, keeping pace with security threats and breaches. It is interesting that applications for emerging technologies like this have such a range, but this particular technology seems to be rooted in brick-and-mortar security. We think there is a need for more focus on security as it relates to the Dark Web.
Megan Feil, June 6, 2016