New Terrorism and Technology Reports Released

October 11, 2016

Attempting to understand the level of threat a terrorist organization poses continues to be difficult. DefenseSystems.com published “Report: Electronic jihad grows in sophistication,” which shares the cyber-jihad survey from the Institute for Critical Infrastructure Technology. The authors of this survey present social media and other cyberspace tools as “the great equalizer” in warfare. In addition to social media, there are a few hacker groups which have launched attacks on western websites and Arab media: the Cyber Caliphate, the dedicated hacker division of the Islamic State, and the Terrorist Team for Electronic Jihad. The write-up explains,

“The cyber jihad survey notes that ISIS has mostly dedicated its expanding offensive cyber capabilities to specific social media accounts, including the Twitter and YouTube accounts of U.S. Central Command. Offensive capabilities are thought to include the use of malware, insider threats and “preconfigured tools.” Malware efforts have included spear-phishing emails containing malware designed to sweep up the IP addresses and geolocation data about anti-ISIS groups in the ISIS stronghold of Raqqa, Syria. As ISIS and other cyber-jihadists become more sophisticated and aggressive, experts worry that they will eventually attempt more audacious attacks.”

However, a report from the federal government suggests ISIS’ Twitter traffic dropped 45 percent in the past two years. While the terrorist group’s technology may be expanding in the arena of offensive strikes, officials believe the decline in Twitter popularity suggests recruitment may be slowing. We think there needs to be more analysis of recruitment via the Dark Web.

Megan Feil, October 11, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

CloudFlare Claims Most Activity from Tor Is Malicious

June 28, 2016

Different sources suggest varying levels of malicious activity on Tor. Tech Insider shared an article responding to recent claims about Tor made by CloudFlare. The article, entitled “Google Search has a secret feature that shouts animal noises at you,” offers information about CloudFlare’s perspective and that of the Tor Project. CloudFlare reports most requests from Tor, 94 percent, are “malicious,” and the Tor Project has responded by requesting evidence to justify the claim. Those involved in the Tor Project have a hunch the 94 percent figure stems from CloudFlare attributing the label of “malicious” to any IP address that has ever sent spam. The article continues,

“We’re interested in hearing CloudFlare’s explanation of how they arrived at the 94% figure and why they choose to block so much legitimate Tor traffic. While we wait to hear from CloudFlare, here’s what we know: 1) CloudFlare uses an IP reputation system to assign scores to IP addresses that generate malicious traffic. In their blog post, they mentioned obtaining data from Project Honey Pot, in addition to their own systems. Project Honey Pot has an IP reputation system that causes IP addresses to be labeled as “malicious” if they ever send spam to a select set of diagnostic machines that are not normally in use. CloudFlare has not described the nature of the IP reputation systems they use in any detail.”

This article raises some interesting points, but also alludes to more universal problems with making sense of any information published online. An epistemology about technology, and many areas of study, is like chasing a moving target. Knowledge about technology is complicated by the relationship between technology and information dissemination. The important questions are what does one know about Tor and how does one know about it?

 

Megan Feil, June 28, 2016


Banks as New Dark Web Educators

June 15, 2016

The Dark Web and deep web are often misidentified and confused by readers. To take a step back, TransUnion’s blog offers a brief read called “The Dark Web & Your Data: Facts to Know,” which helpfully addresses some basic information on these topics. First, a definition of the Dark Web: sites accessible only when a physical computer’s unique IP address is hidden on multiple levels. Specific software is needed to access the Dark Web because that software is needed to encrypt the machine’s IP address. The article continues,

“Certain software programs allow the IP address to be hidden, which provides anonymity as to where, or by whom, the site is hosted. The anonymous nature of the dark web makes it a haven for online criminals selling illegal products and services, as well as a marketplace for stolen data. The dark web is often confused with the “deep web,” the latter of which makes up about 90 percent of the Internet. The deep web consists of sites not reachable by standard search engines, including encrypted networks or password-protected sites like email accounts. The dark web also exists within this space and accounts for approximately less than 1 percent of web content.”

For those not reading news about the Dark Web every day, this seems like a fine piece to help brush up on cybersecurity concerns relevant at the individual user level. TransUnion is on the pulse in educating their clients, as banks are an evergreen target for cybercrime and security breaches. It seems the message from this posting to clients can be interpreted as one of the “good luck” variety.

 

Megan Feil, June 15, 2016


Websites Found to Be Blocking Tor Traffic

June 8, 2016

Discrimination or wise precaution? Perhaps both? MakeUseOf tells us, “This Is Why Tor Users Are Being Blocked by Major Websites.” A recent study (PDF) by the University of Cambridge; University of California, Berkeley; University College London; and International Computer Science Institute, Berkeley confirms that many sites are actively blocking users who approach through a known Tor exit node. Writer Philip Bates explains:

“Users are finding that they’re faced with a substandard service from some websites, CAPTCHAs and other such nuisances from others, and in further cases, are denied access completely. The researchers argue that this: ‘Degraded service [results in Tor users] effectively being relegated to the role of second-class citizens on the Internet.’ Two good examples of prejudice hosting and content delivery firms are CloudFlare and Akamai — the latter of which either blocks Tor users or, in the case of Macys.com, infinitely redirects. CloudFlare, meanwhile, presents CAPTCHA to prove the user isn’t a malicious bot. It identifies large amounts of traffic from an exit node, then assigns a score to an IP address that determines whether the server has a good or bad reputation. This means that innocent users are treated the same way as those with negative intentions, just because they happen to use the same exit node.”

The article goes on to discuss legitimate reasons users might want the privacy Tor provides, as well as reasons companies feel they must protect their Websites from anonymous users. Bates notes that there is not much one can do about such measures. He does point to Tor’s own Don’t Block Me project, which is working to convince sites to stop blocking people just for using Tor. It is also developing a list of best practices that concerned sites can follow, instead. One site, GameFAQs, has reportedly lifted its block, and CloudFlare may be considering a similar move. Will the momentum build, or must those who protect their online privacy resign themselves to being treated with suspicion?

 

Cynthia Murrell, June 8, 2016


Surfing Safely on the Dark Web

March 29, 2016

The folks at Alphr want us to be safe if we venture onto the Dark Web, so they offer guidance in their article, “Is the Dark Web Safe?” The short answer, of course, is “parts of it.” Writer Thomas McMullan notes that, while the very act of accessing hidden sites through Tor is completely legal, it is easy to wander into illegal territory. He writes:

“‘Safe’ is a bit of a vague term. There is much of worth to be found on the dark web, but by its nature it is not as safe as the surface-level internet. You can only access pages by having a direct link (normally with a .onion suffix) and while that makes it harder to accidentally stumble across illegal content, you’re only a click away from some pretty horrible stuff. What’s more, the government is cracking down on illegal material on the dark web. In November 2015, it was announced that GCHQ and the National Crime Agency (NCA) would be joining forces to tackle serious crimes and child pornography on the dark web. Director of GCHQ Robert Hannigan said that the new Joint Operations Cell (JOC) will be ‘committed to ensuring no part of the internet, including the dark web, can be used with impunity by criminals to conduct their illegal acts’.”

The article goes on to note that plugins which can present a false IP address, like Ghostery, exist. However, McMullan advises that it is best to stay away from anything that seems questionable. You have been warned.

 

Cynthia Murrell, March 29, 2016


VPN Disables Right to Be Forgotten for Users in European Union

March 24, 2016

Individuals in the European Union have been granted legal protection to request that unwanted information about themselves be removed from search engines. An article from Wired, “In Europe, You’ll Need a VPN to See Real Google Search Results,” explains the latest on the European Union’s “right to be forgotten” laws. Formerly, privacy requests would only scrub sites with European country extensions like .fr, but now Google.com will filter results for privacy for those with a European IP address. However, European users can rely on a VPN to make their location appear as if it were elsewhere. The article offers context and insight,

“China has long had its “Great Firewall,” and countries like Russia and Brazil have tried to build their own barriers to the outside ‘net in recent years. These walls have always been quite porous thanks to VPNs. The only way to stop it would be for Google to simply stop allowing people to access its search engine via a VPN. That seems unlikely. But with Netflix leading the way in blocking access via VPNs, the Internet may yet fracture and localize.”

The demand for browsing the web using surreptitious methods, VPN or otherwise, only seems to be increasing. Whether motivations are to uncover personal information about certain individuals, watch Netflix content available in other countries or use forums on the Dark Web, the landscape of search appears to be changing in a major way.

 

Megan Feil, March 24, 2016

