For Sale: Government Web Sites at a Bargain

December 21, 2016

We trust that government Web sites are safe and secure with our information as well as the data that keeps our countries running.  We also expect that government Web sites have top of the line security software and if they did get hacked, they would be able to rectify the situation in minutes.  Sadly, this is not the case, says Computer World, which posted an article entitled, “A Black Market Is Selling Access To Hacked Government Servers For $6.”

If you want to access a government server or Web site, all you need to do is download the Tor browser, access the xDedic marketplace on the Dark Web, and browse their catalog of endless government resources for sale.  What is alarming is that some of these Web sites are being sold for as little as six dollars!

How did the xDedic “merchants” get access to these supposedly secure government sites?  It was through basic trial and error using different passwords until they scored a hit.  Security firm Kaspersky Lab weighs in:

‘It is a hacker’s dream, simplifying access to victims, making it cheaper and faster, and opening up new possibilities for both cybercriminals and advanced threat actors,’ Kaspersky said.

Criminal hackers can use the servers to send spam, steal data such as credit card information, and launch other types of attack…Once buyers have done their work, the merchants put the server back up for sale. The inventory is constantly evolving.

It is believed that the people who built xDedic are Russian-speakers, possibly from a country with that as a language.  The Web site is selling mostly government site info from Europe, Asia, and South America.  The majority of the Web sites are marked as “other”, however.  Kaspersky tracked down some of the victims and notified them of the stolen information.

The damage is already done.  Governments should be investing in secure Web software and testing to see if they can hack into them to prevent future attacks.  The Dark Web scores again.

Whitney Grace, December 21, 2016

In Pursuit of Better News Online

December 20, 2016

Since the death of what we used to call “newspapers,” Facebook and Twitter have been gradually encroaching on the news business. In fact, Facebook recently faced criticism for the ways it has managed its Trending news stories. Now, the two social media firms seem to be taking responsibility for their roles, having joined an alliance of organizations committed to more competent news delivery. The write-up, “Facebook, Twitter Join Coalition to Improve Online News” at Yahoo News informs us about the initiative:

First Draft News, which is backed by Google [specifically Google News Lab], announced Tuesday that some 20 news organizations will be part of its partner network to share information on best practices for journalism in the online age. Jenni Sargent, managing director of First Draft, said the partner network will help advance the organization’s goal of improving news online and on social networks.

‘Filtering out false information can be hard. Even if news organizations only share fact-checked and verified stories, everyone is a publisher and a potential source,’ she said in a blog post. ‘We are not going to solve these problems overnight, but we’re certainly not going to solve them as individual organizations.’

Sargent said the coalition will develop training programs and ‘a collaborative verification platform,’ as well as a voluntary code of practice for online news.

We’re told First Draft has been pursuing several projects since it was launched last year, like working with YouTube to verify user-generated videos. The article shares their list of participants; it includes news organizations from the New York Times to BuzzFeed, as well as other interested parties, like Amnesty International and the International Fact-Checking Network. Will this coalition succeed in restoring the public’s trust in our news sources? We can hope.

Cynthia Murrell, December 20, 2016

Potential Tor Browser Vulnerability Reported

December 19, 2016

Over at Hacker Noon, blogger “movrcx” reveals a potential vulnerability chain that he says threatens the entire Tor Browser ecosystem in, “Tor Browser Exposed: Anti-Privacy Implantation at Mass Scale.” Movrcx says the potential avenue for a massive hack has existed for some time, but taking advantage of these vulnerabilities would require around $100,000. This could explain why movrcx’s predicted attack seems not to have taken place. Yet. The write-up summarizes the technique:

Anti-Privacy Implantation at Mass Scale: At a high-level the attack path can be described by the following:

*Attacker gains custody of an addons.mozilla.org TLS certificate (wildcard preferred)

*Attacker begins deployment of malicious exit nodes

*Attacker intercepts the NoScript extension update traffic for addons.mozilla.org

*Attacker returns a malicious update metadata file for NoScript to the requesting Tor Browser

*The malicious extension payload is downloaded and then silently installed without user interaction

*At this point remote code execution is gained

*The attacker may use an additional stage to further implant additional software on the machine or to cover any signs of exploitation

This attack can be demonstrated by using Burp Suite and a custom compiled version of the Tor Browser which includes a hardcoded root certificate authority for transparent man-in-the-middle attacks.

See the article for movrcx’s evidence, reasoning, and technical details. He emphasizes that he is revealing this information in the hope that measures will be taken to nullify the potential attack chain. Preferably before some state or criminal group decides to invest in leveraging it.

Cynthia Murrell, December 19, 2016

Increasingly Sophisticated Cybercrime

December 8, 2016

What a deal! Pymnts.com tells us that “Hacked Servers Sell for $6 On The Dark Web.” Citing recent research from Kaspersky Lab, the write-up explains:

Kaspersky Lab researchers exposed a massive global underground market selling more than 70,000 hacked servers from government entities, corporations and universities for as little as $6 each.

The cybersecurity firm said the newly discovered xDedic marketplace currently has a listing of 70,624 hacked Remote Desktop Protocol (RDP) servers for sale. It’s reported that many of the servers either host or provide access to consumer sites and services, while some have software installed for direct mail, financial accounting and POS processing, Kaspersky Lab confirmed.

Kaspersky’s Costin Raiu notes the study is evidence that “cybercrime-as-a-service” is growing, and has been developing its own, well-organized infrastructure. He also observes that the victims of these criminals are not only the targets of attack, but the unwitting server-owners. xDedic, he says, represents a new type of cybercriminal marketplace.

Kaspersky Lab recommends organizations take these precautions:

*Implement multi-layered approach to IT infrastructure security that includes a robust security solution

*Use of strong passwords in server authentication processes

*Establish an ongoing patch management process

*Perform regular security audits of IT infrastructures

*Invest in threat intelligence services

Stay safe, dear readers.

Cynthia Murrell, December 8, 2016

Surprise, Most Dark Web Content Is Legal

November 21, 2016

If you have been under the impression that the Dark Web is that big chunk of the Internet where all activities and content are illegal, you are wrong.

A news report published by Neowin, titled “Terbium Labs: Most of the Dark Web Content, Visible Through Tor, Is Legal,” reveals:

Contrary to popular belief that the majority of the dark web, accessible through Tor is mostly legal… or offline! With extremism making up just a minuscule 0.2% of the content looked at.

According to this Quora thread, the Dark Web was developed by US Military and Intelligence to communicate with their assets securely. The research started in 1995 and in 1997, mathematicians at Naval Research Laboratory developed The Onion Router Project or Tor. People outside Military Intelligence started using Tor to communicate with others for various reasons securely. Of course, people with ulterior motives spotted this opportunity and began utilizing Tor. This included arms and drug dealers, human traffickers, pedophiles. Mainstream media thus propagated the perception that the Dark Web is an illegal place where criminal actors lurk, and all content is illegal.

The Terbium Labs study indicates that 47.7% of content is legal and the rest is borderline legal in the form of hacking services. Very little content is technically illegal like child pornography, arms dealing, drug dealing, and human trafficking related.

The Dark Web, however, is not a fairyland where illegal activities do not occur. As the news report points out:

While this report does prove that seedy websites exist on the dark web, they are in fact a minority, contradictory to what many popular news reports would have consumers believe.

Multiple research agencies have indicated that most content is legal on the Dark Web, with figures to back that up. But they still have not revealed what this major chunk of legal content is made of. Any views?

Vishal Ingole, November 21, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Hacking the Internet of Things

November 17, 2016

Readers may recall October’s DoS attack against internet-performance-management firm Dyn, which disrupted web traffic at popular sites like Twitter, Netflix, Reddit, and Etsy. As it turns out, the growing “Internet of Things (IoT)” facilitated that attack; specifically, thousands of cameras and DVRs were hacked and used to bombard Dyn with page requests. CNet examines the issue of hacking through the IoT in, “Search Engine Shodan Knows Where Your Toaster Lives.”

Reporter Laura Hautala informs us that it is quite easy for those who know what they’re doing to access any and all internet-connected devices. Skilled hackers can do so using search engines like Google or Bing, she tells us, but tools created for white-hat researchers, like Shodan, make the task even easier. Hautala writes:

While it’s possible hackers used Shodan, Google or Bing to locate the cameras and DVRs they compromised for the attack, they also could have done it with tools available in shady hacker circles. But without these legit, legal search tools, white hat researchers would have a harder time finding vulnerable systems connected to the internet. That could keep cybersecurity workers in a company’s IT department from checking which of its devices are leaking sensitive data onto the internet, for example, or have a known vulnerability that could let hackers in.

Even though sites like Shodan might leave you feeling exposed, security experts say the good guys need to be able to see as much as the bad guys can in order to be effective.

Indeed. Like every tool ever invented, the impacts of Shodan depend on the intentions of the people using it.

Cynthia Murrell, November 17, 2016

Dark Web Is a Double Edged Sword

November 3, 2016

Apart from hackers and criminals of all kinds, the Dark Web is also used by whistleblowers and oppressed citizens for communicating. The Dark Web thus is one of the most secure modes of communicating online; more than secure apps like WhatsApp.

Newsweek, in an article titled “How the Dark Web Works and What It Looks Like,” says:

Dark web technologies are robustly built without central points of weakness, making it hard for authorities to infiltrate. Another issue for law enforcement is that—like most things—the dark web and its technologies can also be used for both good and evil.

Despite backdoors and exploits, law enforcement agencies find it difficult to track Dark Web participants. A few technology companies, like Facebook, Microsoft, and Google, promise through their messenger apps to provide end-to-end encryption to their users. However, the same companies now are harvesting data from these apps for commercial purposes. If that is the case, these apps can no longer be trusted. As pointed out by the article:

And yet some of these same communications companies have been harvesting user data for their own internal processes. Famously, Facebook enabled encryption on WhatsApp, protecting the communications from prying eyes, but could still look at data in the app itself.

Thus, for now, it seems the Dark Web is the only form of secure communication online. It remains to be seen, however, how long the formless and headless entity called the Dark Web remains invincible.

Vishal Ingole, November 3, 2016

The CIA Claims They Are Psychic

November 2, 2016

Today’s headline sounds like something one would read printed on a grocery store tabloid or a conspiracy Web site.  Before I start making claims about the Illuminati, this is not a claim about magical powers, but rather big data and hard science…I think.  Defense One shares that, “The CIA Says It Can Predict Social Unrest As Early As 3 To 5 Days Out.”  While deep learning and other big data technology is used to drive commerce, science, healthcare, and other industries, law enforcement officials and organizations are using it to predict and prevent crime.

The CIA uses big data to analyze data sets, discover trends, and predict events that might have national security ramifications.  CIA Director John Brennan hired Andrew Hallman to be the Deputy Director for Digital Innovations within the agency.  Under Hallman’s guidance, the CIA’s “anticipatory intelligence” has improved.  The CIA is not only using their private data sets, but also augmenting them with open data sets to help predict social unrest.

The big data science allows the CIA to make more confident decisions and provide their agents with better information to assess a situation.

Hallman said analysts are “becoming more proficient in articulating” observations to policymakers derived in these new ways. What it adds up to, Hallman said, is a clearer picture of events unfolding—or about to unfold—in an increasingly unclear world.

What I wonder is how many civil unrest events have been prevented?  For security reasons, some of them remain classified.  While the news is mongering fear, would it not be helpful if the CIA shared some of its success stats with the news and had them make it a priority to broadcast it?

Whitney Grace, November 2, 2016

Americans Are Complacent About Online Data Breaches

November 1, 2016

Users of email, social networks, and other online services are aware of possible dangers that data breaches cause, but surprisingly are less concerned about it in 2016, a survey reveals.

Observer recently published a report titled Fears of the Web’s Dark Side—Strangely—Are Not Growing, which reveals:

People’s fears about their email being hacked have receded somewhat since 2014, bizarrely. Across the 1,071 Americans surveyed, that particular worry receded from 69 to 71 percent.

The survey, commissioned by Craigconnects, also reveals that online users are no longer very concerned about their data getting leaked online and used for identity theft, despite large-scale breaches like Ashley Madison. Users, as the survey points out, have accepted it as a trade-off for the convenience of the Internet.

The reason for the complacency setting in probably lies in the fact that people have realized:

“The business of social media company is built upon gathering as much information as possible about users and using that information to sell ads,” Michael W. Wellman, CEO of Virgil Security wrote the Observer in an email. “If the service is free, it’s the user that’s being sold.”

Nearly 7 percent of Americans are victims of identity theft. This, however, has not dissuaded them from taking precautionary measures to protect their identity online. Most users are aware that identity theft can be used for stealing money from bank accounts, but there are other dangers as well. For instance, prescription medication can be obtained legally using details of an identity theft victim. And then there are uses of the stolen data that only Dark Web actors know, where such data of millions of victims is available for a few hundred dollars.

Vishal Ingole, November 1, 2016

Be Prepared for Foggy Computing

October 31, 2016

Cloud computing allows users to access their files or hard drive from multiple devices at multiple locations.  Fog computing, on the other hand, is something else entirely.  Fog computing is the latest buzzword in the tech world and pretty soon it will be in the lexicon.  If you are unfamiliar with fog computing, read Forbes’s article, “What Is Fog Computing? And Why It Matters In Our Big Data And IoT World.”

According to the article, smartphones are “smart” because they receive and share information with the cloud.  The biggest problem with cloud computing is bandwidth, slow Internet speeds.  The United States is 35th in the world for bandwidth speed, which is contrary to the belief that it is the most advanced country in the world.  Demand for faster speeds increases every day.  Fog computing, also known as edge computing, seeks to resolve the problem by grounding data.  How does one “ground” data?

What if the laptop could download software updates and then share them with the phones and tablets? Instead of using precious (and slow) bandwidth for each device to individually download the updates from the cloud, they could utilize the computing power all around us and communicate internally.

Fog computing makes accessing data faster, more efficient, and more reliable from a local area rather than routing to the cloud and back.  IBM and Cisco Systems are developing projects that would push computing to more local areas, such as a router, devices, and sensors.

Considering that there are security issues with housing data on a third party’s digital storage unit, it would be better to locate a more local solution.  Kind of like back in the old days, when people housed their data on CPUs.

Whitney Grace, October 31, 2016