Internet Watch Fund Teams with Blockchain Forensics Startup
December 29, 2016
A British charity is teaming up with an online intelligence startup specializing in Bitcoin. The Register reports on this in their piece called, Bitcoin child abuse image pervs will be hunted down by the IWF. The Internet Watch Foundation, with the help of a UK blockchain forensics start-up, Elliptic, aims to identify individuals who use Bitcoin to purchase child abuse images online. The IWF will provide Elliptic with a database of Bitcoin addresses and Elliptic takes care of the rest. We learned,
The IWF has identified more than 68,000 URLs containing child sexual abuse images. UNICEF Malaysia estimates two million children across the globe are affected by sexual exploitation every year. Susie Hargreaves, IWF CEO, said, “Over the past few years, we have seen an increasing amount of Bitcoin activity connected to purchasing child sexual abuse material online. Our new partnership with Elliptic is imperative to helping us tackle this criminal use of Bitcoin.” The collaboration means Elliptic’s clients will be able to automatically monitor transactions they handle for any connection to proceeds of child sex abuse.
Machine learning and data analytics technologies are used by Elliptic to collect actionable evidence for law enforcement and intelligence agencies. The interesting piece of this technology, and others like it, is that it runs perhaps as surreptitiously in the background as those who use the Dark Web and Bitcoin for criminal activity believe they do.
Megan Feil, December 29, 2016
Cybersecurity Technologies Fueled by Artificial Intelligence
December 28, 2016
With terms like virus being staples in the cybersecurity realm, it is no surprise the human immune system is the inspiration for the technology fueling one relatively new digital threat defense startup. In the Tech Republic article, Darktrace bolsters machine learning-based security tools to automatically attack threats, more details and context about Darktrace’s technology and positioning was revealed. Founded in 2013, Darktrace recently announced they raised $65 million to help fund their expansion globally. Four products, including their basic cyber threat defense solution called Darktrace, comprise their product suite. The article expands on their offerings:
Darktrace also offers its Darktrace Threat Visualizer, which provides analysts and CXOs with a high-level, global view of their enterprise. Darktrace Antigena complements the core Darktrace product by automatically defends against potential threats that have been detected, acting as digital “antibodies.” Finally, the Industrial Immune System is a version of Darktrace designed for Industrial Control Systems (ICS). The key value provided by Darktrace is the fact that it relies on unsupervised machine learning, and it is able to detect threats on its own without much human interaction.
We echo this article’s takeaway that machine learning and other artificial intelligence technologies continue to grow in the cybersecurity sector. The attention on AI is only building in this industry and others. Perhaps the lack of AI is particularly well-suited to cybersecurity as it’s behind-the-scenes nature that of Dark Web related crimes.
Megan Feil, December 28, 2016
For Sale: Government Web Sites at a Bargain
December 21, 2016
We trust that government Web sites are safe and secure with our information as well as the data that keeps our countries running. We also expect that government Web sites have top of the line security software and if they did get hacked, they would be able to rectify the situation in minutes. Sadly, this is not the case says Computer World, because they posted an article entitled, “A Black Market Is Selling Access To Hacked Government Servers For $6.”
If you want to access a government server or Web site, all you need to do is download the Tor browser, access the xDedic marketplace on the Dark Web, and browse their catalog of endless government resources for sale. What is alarming is that some of these Web sites are being sold for as little as six dollars!
How did the xDedic “merchants” get access to these supposed secure government sites? It was through basic trial and error using different passwords until they scored a hit. Security firm Kaspersky Lab weighs in:
It is a hacker’s dream, simplifying access to victims, making it cheaper and faster, and opening up new possibilities for both cybercriminals and advanced threat actors,’ Kaspersky said.
Criminal hackers can use the servers to send spam, steal data such as credit card information, and launch other types of attack…Once buyers have done their work, the merchants put the server back up for sale. The inventory is constantly evolving.
It is believed that the people who built the xDedic are Russian-speakers, possibly from a country with that as a language. The Web site is selling mostly government site info from the Europe, Asia, and South America. The majority of the Web sites are marked as “other”, however. Kaspersky track down some of the victims and notified them of the stolen information.
The damage is already done. Governments should be investing in secure Web software and testing to see if they can hack into them to prevent future attacks. The Dark Web scores again.
Whitney Grace, December 21, 2016
UN Addresses Dark Web Drug Trade
December 16, 2016
Because individual nations are having spotty success fighting dark-web-based crime, the United Nations is stepping up. DeepDotWeb reports, “UN Trying to Find Methods to Stop the Dark Web Drug Trade.” The brief write-up cites the United Nation’s Office on Drugs and Crime’s (UNODC’s) latest annual report, which reveals new approaches to tackling drugs on the dark web. The article explains why law-enforcement agencies around the world have been having trouble fighting the hidden trade. Though part of the problem is technical, another is one of politics and jurisdiction. We learn:
Since most of the users use Tor and encryption technologies to remain hidden while accessing dark net marketplaces and forums, law enforcement authorities have trouble to identify and locate their IP addresses. …
Police often finds itself trapped within legal boundaries. The most common legal issues authorities are facing in these cases are which jurisdiction should they use, especially when the suspect’s location is unknown. There are problems regarding national sovereignties too. When agencies are hacking a dark net user’s account, they do not really know which country the malware will land to. For this reason, the UNODC sees a major issue when sharing intelligence when it’s not clear where in the world that intelligence would be best used.
The write-up notes that the FBI has been using tricks like hacking Dark Net users and tapping into DOD research. That agency is also calling for laws that would force suspects to decrypt their devices upon being charged. In the meantime, the UNODC supports the development of tools that will enhance each member state’s ability to “collect and exploit digital evidence.” To see the report itself, navigate here, where you will find an overview and a link to the PDF.
Cynthia Murrell, December 16, 2016
Nobody Really Knows What Goes on over Dark Web
December 16, 2016
While the mainstream media believes that the Dark Web is full of dark actors, research by digital security firms says that most content is legal. It only says one thing; the Dark Web is still a mystery.
The SC Magazine in an article titled Technology Helping Malicious Business on the Dark Web Grow says:
The Dark Web has long had an ominous appeal to Netizens with more illicit leanings and interests. But given a broadening reach and new technologies to access this part of the web and obfuscate dealings here, the base of dark web buyers and sellers is likely growing.
On the other hand, the article also says:
But despite its obvious and well-earned reputation for its more sinister side, at least one researcher says that as the dark web expands, the majority of what’s there is actually legal. In its recent study, intelligence firm Terbium Labs found that nearly 55 percent of all the content on the dark web is legal in nature, meaning that it may be legal pornography, or controversial discussions, but it’s not explicitly illegal by U.S. law.
The truth might be entirely different. The Open Web is equally utilized by criminals for carrying out their illegal activities. The Dark Web, accessible only through Tor Browser allows anyone to surf the web anonymously. We may never fully know if the Dark Web is the mainstay of criminals or of individuals who want to do their work under the cloak of anonymity. Till then, it’s just a guessing game.
Vishal Ingole, December 16, 2016
Victims of Their Own Foolishness
December 15, 2016
Incidences of law enforcement agencies arresting criminals for selling their services on Dark Web are increasing. However, their success can be attributed to the foolishness of the criminals, rather than technological superiority.
Cyber In Sight in a news report titled IcyEagle: A Look at the Arrest of an Alleged Dark Web Vendor, the reporter says:
the exact picture of how law enforcement has managed to track down and identify Glende remains unclear, the details released so far, provide an interesting behind the scenes view of the cybercrime-related postings we often highlight on this blog.
The suspect in this case inadvertently gave details of his service offerings on AlphaBay. Cops were able to zero on his location and managed to put him under arrest for drug peddling. The report reveals further:
An undercover officer purchased stolen bank account information from IcyEagle in March and April 2016, according to the indictment. Interestingly, Glende was also arrested by local police for selling drugs around the same time. A tip from U.S. Postal Inspectors led to police officers finding a “trove” of drugs at his Minnesota home in March.
It is thus apparent that the criminals, in general, are of the opinion that since they are selling on Dark Web, they are untraceable, which clearly is not the case. The trace, however, was possible only because the suspect handed it over himself. Hackers and real cyber criminals are still out of the ambit of law enforcement agencies, which needs to change soon.
Vishal Ingole, December 15, 2016
The Information Not Accuracy Age
December 7, 2016
The impact of Google on our lives is clear through the company’s name being used colloquially as a verb. However, Quantum Run reminds us of their impact, quantifiable, in their piece called All hail Google. Google owns 80% of the smartphone market with over a billion android devices. Gmail’s users tally at 420 million users and Chrome has 800 million users. Also, YouTube, which Google owns, has one billion users. An interesting factoid the article pairs with these stats is that 94% of students equate Google with research. The article notes:
The American Medical association voices their concerns over relying on search engines, saying, “Our concern is the accuracy and trustworthiness of content that ranks well in Google and other search engines. Only 40 percent of teachers say their students are good at assessing the quality and accuracy of information they find via online research. And as for the teachers themselves, only five percent say ‘all/almost all’ of the information they find via search engines is trustworthy — far less than the 28 percent of all adults who say the same.
Apparently, cybercondria is a thing. The article correctly points to the content housed on the deep web and the Dark Web as untouched by Google. The major question sparked by this article is that we now have to question the validity of all the fancy numbers Quantum Run has reported.
Megan Feil, December 7, 2016
Want to Get Published in a Science Journal? Just Dole out Some Cash
December 7, 2016
A Canadian, Tom Spears has managed to publish a heavily plagiarized paper in a science journal by paying some cash. Getting published in a scientific and medical journal helps in advancing the career. ‘
In an article published by SlashDot titled Science Journals Caught Publishing Fake Research For Cash, the author says:
In 2014, journalist Tom Spears intentionally wrote “the world’s worst science research paper…a mess of plagiarism and meaningless garble” — then got it accepted by eight different journals. He did it to expose journals which follow the publish-for-a-fee model, “a fast-growing business that sucks money out of research, undermines genuine scientific knowledge, and provides fake credentials for the desperate.
This is akin to students enlisting services of hackers over Dark Web to manipulate their grades and attendance records. However, in this case, there is no need of Dark Web or Tor browser. Paying some cash is sufficient.
The root of the problem can be traced to OMICS International, an India-based publishing firm that is buying publication companies of these medical journals and publishing whatever is sent to them for cash. In standard practice, the paper needs to be peer-reviewed and also checked for plagiarism before it is published. As written earlier, the separation line between the Dark and Open web seems to be thinning and one day will disappear altogether.
Vishal Ingole, December 7, 2016
In Connected World, Users Are Getting Reared as Slaughter Animals
November 22, 2016
Yahoo, Facebook, Google, WhatsApp, Instagram and Microsoft all have one thing in common; for any service that they provide for free, they are harnessing your private data to be sold to advertisers.
Mirror UK recently published an Op-Ed titled Who Is Spying on You? What Yahoo Hack Taught Us About Facebook, Google, and WhatsApp in which the author says:
Think about this for a second. All those emails you’ve written and received with discussions about politics and people that were assumed to be private and meant as inside jokes for you and your friends were being filtered through CIA headquarters. Kind of makes you wonder what you’ve written in the past few years, doesn’t it?
The services be it free email or free instant messaging have been designed and developed in such a way that the companies that own them end up with a humongous amount of information about its users. This data is sugarcoated and called as Big Data. It is then sold to advertisers and marketers who in the garb of providing immersive and customized user experience follow every click of yours online. This is akin to rearing animals for slaughtering them later.
The data is not just for sale to the corporates; law enforcement agencies can snoop on you without any warrants. As pointed out in the article:
While hypocritical in many ways, these tech giants are smart enough to know who butters their bread and that the perception of trust outweighs the reality of it. But isn’t it the government who ultimately ends up with the data if a company is intentionally spying on us and building a huge record about each of us?
None of the tech giants accept this fact, but most are selling your data to the government, including companies like Samsung that are into the hardware business.
Is there are a way that can help you evade this online snooping? Probably no if you consider mainstream services and social media platforms. Till then, if you want to stay below the radar, delete your accounts and data on all mainstream email service providers, instant messaging apps, service providing websites and social media platform.
Vishal Ingole, November 22, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Surprise, Most Dark Web Content Is Legal
November 21, 2016
If you have been under the impression that Dark Web is that big chunk of the Internet where all activities and content is illegal, you are wrong.
In a news report published by Neowin, and titled Terbium Labs: Most of the Dark Web Content, Visible Through Tor, Is Legal reveals:
Contrary to popular belief that the majority of the dark web, accessible through Tor is mostly legal… or offline! With extremism making up just a minuscule 0.2% of the content looked at.
According to this Quora thead, Dark Web was developed by US Military and Intelligence to communicate with their assets securely. The research started in 1995 and in 1997, mathematicians at Naval Research Laboratory developed The Onion Router Project or Tor. People outside Military Intelligence started using Tor to communicate with others for various reasons securely. Of course, people with ulterior motives spotted this opportunity and began utilizing Tor. This included arms and drug dealers, human traffickers, pedophiles. Mainstream media thus propagated the perception that Dark Web is an illegal place where criminal actors lurk, and all content is illegal.
Terbium Labs study indicates that 47.7% of content is legal and rest is borderline legal in the form of hacking services. Very little content is technically illegal like child pornography, arms dealing, drug dealing, and human trafficking related.
The Dark Web, however, is not a fairyland where illegal activities do not occur. As the news report points out:
While this report does prove that seedy websites exist on the dark web, they are in fact a minority, contradictory to what many popular news reports would have consumers believe.
Multiple research agencies have indicated that most content is legal on Dark Web with figures to back that up. But they still have not revealed, what this major chunk of legal content is made of? Any views?
Vishal Ingole, November 21, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
-
- Subscribe to Beyond Search
Feature archive
News archive
-
