Surprise, Most Dark Web Content Is Legal
November 21, 2016
If you have been under the impression that Dark Web is that big chunk of the Internet where all activities and content is illegal, you are wrong.
In a news report published by Neowin, and titled Terbium Labs: Most of the Dark Web Content, Visible Through Tor, Is Legal reveals:
Contrary to popular belief that the majority of the dark web, accessible through Tor is mostly legal… or offline! With extremism making up just a minuscule 0.2% of the content looked at.
According to this Quora thead, Dark Web was developed by US Military and Intelligence to communicate with their assets securely. The research started in 1995 and in 1997, mathematicians at Naval Research Laboratory developed The Onion Router Project or Tor. People outside Military Intelligence started using Tor to communicate with others for various reasons securely. Of course, people with ulterior motives spotted this opportunity and began utilizing Tor. This included arms and drug dealers, human traffickers, pedophiles. Mainstream media thus propagated the perception that Dark Web is an illegal place where criminal actors lurk, and all content is illegal.
Terbium Labs study indicates that 47.7% of content is legal and rest is borderline legal in the form of hacking services. Very little content is technically illegal like child pornography, arms dealing, drug dealing, and human trafficking related.
The Dark Web, however, is not a fairyland where illegal activities do not occur. As the news report points out:
While this report does prove that seedy websites exist on the dark web, they are in fact a minority, contradictory to what many popular news reports would have consumers believe.
Multiple research agencies have indicated that most content is legal on Dark Web with figures to back that up. But they still have not revealed, what this major chunk of legal content is made of? Any views?
Vishal Ingole, November 21, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Hacking the Internet of Things
November 17, 2016
Readers may recall that October’s DoS attack against internet-performance-management firm Dyn, which disrupted web traffic at popular sites like Twitter, Netflix, Reddit, and Etsy. As it turns out, the growing “Internet of Things (IoT)” facilitated that attack; specifically, thousands of cameras and DVRs were hacked and used to bombard Dyn with page requests. CNet examines the issue of hacking through the IoT in, “Search Engine Shodan Knows Where Your Toaster Lives.”
Reporter Laura Hautala informs us that it is quite easy for those who know what they’re doing to access any and all internet-connected devices. Skilled hackers can do so using search engines like Google or Bing, she tells us, but tools created for white-hat researchers, like Shodan, make the task even easier. Hautala writes:
While it’s possible hackers used Shodan, Google or Bing to locate the cameras and DVRs they compromised for the attack, they also could have done it with tools available in shady hacker circles. But without these legit, legal search tools, white hat researchers would have a harder time finding vulnerable systems connected to the internet. That could keep cybersecurity workers in a company’s IT department from checking which of its devices are leaking sensitive data onto the internet, for example, or have a known vulnerability that could let hackers in.
Even though sites like Shodan might leave you feeling exposed, security experts say the good guys need to be able to see as much as the bad guys can in order to be effective.
Indeed. Like every tool ever invented, the impacts of Shodan depend on the intentions of the people using it.
Cynthia Murrell, November 17, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
European Companies Help Egypt Spy on Citizens
June 2, 2016
It seems that, as Egypt was brutally repressing citizens during the massive protests of 2010 and 2011, European companies were selling citizen-surveillance tech to that country’s secret spy agency. Hammerhead Combat Systems shares the article, “Espionage Files: European Companies Sold Spy Tech to a Secret Egyptian Intelligence Unit Amid Brutal Repression.” The article cites a report from Privacy International; writer Namir Shabibi tells us:
“The investigation, entitled ‘The President’s Men? Inside the Technical Research Department, the secret player in Egypt’s intelligence infrastructure,’ is the first to shed light on the growth of the TRD intelligence unit, its pivotal role in Egyptian intelligence apparatus and its links to European companies.
“The TRD’s growth is consistent with claims by human rights defenders that the Egyptian security service was in reality untouched by the revolution. Instead, it quietly went about strengthening itself under the cover of political turmoil.
“The report implicates two European companies in the sale of surveillance technology to TRD. At the time of mass protests in Egypt between 2010-11, it claims Nokia Siemens Networks provided the TRD mass surveillance capabilities including an interception management system and a monitoring center.
“Moreover, according to Privacy International, leaked emails from Italian surveillance equipment seller Hacking Team dated from last year show that it expected to earn a million euros from the sale of intrusive surveillance technologies to the unit. The technology would allow TRD complete access to the computers and smartphones of targeted individuals.”
Note that Nokia Siemens owns Trovicor, which does real-time surveillance and intercepts. The article states that former President Hosni Mubarak used the TRD to fight his political opponents and that the system may date back as far as Anwar Sadat’s rule. Seemingly unabashed, Hacking Team asserts they are in compliance with Italian regulations. On the other hand, European Member of Parliament Marietje Schaake suspects these two companies have violated existing EU rules and, if not, insists new rules must be created immediately. See the piece (originally published at Vice News), or navigate to the Privacy International report itself, for more details.
Cynthia Murrell, June 3, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
How Hackers Hire
May 7, 2016
Ever wonder how hackers fill job openings, search-related or otherwise? A discussion at the forum tehPARADOX.COM considers, “How Hackers Recruit New Talent.” Poster MorningLightMountain cites a recent study by cybersecurity firm Digital Shadows, which reportedly examined around 100 million websites, both on the surface web and on the dark web, for recruiting practices. We learn:
“The researchers found that the process hackers use to recruit new hires mirrors the one most job-seekers are used to. (The interview, for example, isn’t gone—it just might involve some anonymizing technology.) Just like in any other industry, hackers looking for fresh talent start by exploring their network, says Rick Holland, the vice president of strategy at Digital Shadows. ‘Reputation is really, really key,’ Holland says, so a candidate who comes highly recommended from a trusted peer is off to a great start. When hiring criminals, reputation isn’t just about who gets the job done best: There’s an omnipresent danger that the particularly eager candidate on the other end of the line is actually an undercover FBI agent. A few well-placed references can help allay those fears.”
Recruiters, we’re told, frequently advertise on hacker forums. These groups reach many potential recruits and are often password-protected. However, it is pretty easy to trace anyone who logs into one without bothering to anonymize their traffic. Another option is to advertise on the dark web— researchers say they even found a “sort of Monster.com for cybercrime” there.
The post goes on to discuss job requirements, interviews, and probationary periods. We’re reminded that, no matter how many advanced cybersecurity tools get pushed to market, most attack are pretty basic; they involve approaches like denial-of-service and SQL injection. So, MorningLightMountain advises, any job-seeking hackers should be good to go if they just keep up those skills.
Cynthia Murrell, May 7, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Hackers Revive Dark Web Forum Called Hell
February 8, 2016
After personal details of over four million Adult Friend Finder users was found on the Dark Web site called Hell, this notorious internet hacking forum was shut down by authorities around July 2015. Reported by Instant Tricks, an article Hell is back with Hell Reloaded on the Dark Web explains Hell is currently accessible again on the Dark Web. The article states,
“The exact date of the website’s returning on-line is troublesome to determine, for the posts don’t have a date next to them for security functions. However, judgement by the quantity of posts, it’s honest to mention that the web site came back simply over every week past. Hell is a web portal on the Dark internet that’s employed by hackers everywhere the globe to share their hacking tricks moreover as transfer and post taken knowledge.”
Hell is one of the world’s largest hacking forums on the Dark Web and, as such, is difficult to imagine the site will ever kick the bucket. Interestingly, in its re-emergence, it has been rendered with the same branding as if nothing had changed. “Stephen E Arnold’s Dark Web Notebook” describes this Dark Web resource. We recommend this read for security, law enforcement and information technology officials as these industries’ landscapes evolve due to the enduring presence of sites like Hell on the Dark Web.
Megan Feil, February 08, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Know Thy Hacker
December 10, 2015
Writer Alastair Paterson at SecurityWeek suggests that corporations and organizations prepare their defenses by turning a hacking technique against the hackers in, “Using an Attacker’s ‘Shadow’ to Your Advantage.” The article explains:
“A ‘digital shadow’ is a subset of a digital footprint and consists of exposed personal, technical or organizational information that is often highly confidential, sensitive or proprietary. Adversaries can exploit these digital shadows to reveal weak points in an organization and launch targeted attacks. This is not necessarily a bad thing, though. Some digital shadows can prove advantageous to your organization; the digital shadows of your attackers. The adversary also casts a shadow similar to that of private and public corporations. These ‘shadows’ can be used to better understand the threat you face. This includes attacker patterns, motives, attempted threat vectors, and activities. Armed with this enhanced understanding, organizations are better able to assess and align their security postures.”
Paterson observes that one need not delve into the Dark Web to discern these patterns, particularly when the potential attacker is a “hactivist” (though one can find information there, too, if one is so bold). Rather, hactivists often use social media to chronicle their goals and activities. Monitoring these sources can give a company clues about upcoming attacks through records like target lists, responsibility claims, and discussions on new hacking techniques. Keeping an eye on such activity can help companies build appropriate defenses.
Cynthia Murrell, December 10, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Insight Into the Zero-Day Vulnerability Business
August 14, 2015
An ironic security breach grants a rare glimpse into the workings of an outfit that sells information on security vulnerabilities, we learn from “Hacking Team: a Zero-Day Market Case Study” at Vlad Tsyrklevich’s blog. Software weak spots have become big business. From accessing sensitive data to installing secret surveillance software, hackers hunt for chinks in the armor and sell that information to the highest (acceptable) bidder. It seems to be governments, mostly, that purchase this information, but corporations and other organizations can be in the market, as well. The practice is, so far, perfectly legal, and vendors swear they only sell to the good guys. One of these vulnerability vendors is Italian firm Hacking Team, known for its spying tools. Hacking Team itself was recently hacked, its email archives exposed.
Blogger Vlad Tsyrklevich combs the revealed emails for information on the market for zero-day (or 0day) vulnerabilities. These security gaps are so named because once the secret is out, the exposed party has “zero days” to fix the vulnerability before damage is done. Some may find it odd just how prosaic the procedure for selling zero-days appears. The article reveals:
“Buyers follow standard technology purchasing practices around testing, delivery, and acceptance. Warranty and requirements negotiations become necessary in purchasing a product intrinsically predicated on the existence of information asymmetry between the buyer and the seller. Requirements—like targeted software configurations—are important to negotiate ahead of time because adding support for new targets might be impossible or not worth the effort. Likewise warranty provisions for buyers are common so they can minimize risk by parceling out payments over a set timeframe and terminating payments early if the vulnerability is patched before that timeframe is complete. Payments are typically made after a 0day exploit has been delivered and tested against requirements, necessitating sellers to trust buyers to act in good faith. Similarly, buyers purchasing exploits must trust the sellers not to expose the vulnerability or share it with others if it’s sold on an exclusive basis.”
The post goes on to discuss pricing, product reliability, and the sources of Hacking Team’s offerings. Tsyrklevich compiles specifics on dealings between Hacking Team and several of its suppliers, including the companies Netragard, Qavar, VUPEN, Vulnerabilities Brokerage International, and COSEINC, as well as a couple of freelancing individuals. See the article for more on each of these (and a few more under “miscellaneous”). Tsyrklevich notes that, though the exposure of Hacking Team’s emails has prompted changes to the international export-control agreement known as the Wassenaar Arrangement, the company itself seems to be weathering the exposure just fine. In fact, their sales are reportedly climbing.
Cynthia Murrell, August 14, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
-
- Subscribe to Beyond Search
Feature archive
News archive
-
