More Data to Fuel Debate About Malice on Tor
June 9, 2016
The debate about malicious content on Tor continues. Ars Technica published an article continuing the conversation about Tor and the claims made by a web security company that says 94 percent of the requests coming through the network are at least loosely malicious. The article, “CloudFlare: 94 percent of the Tor traffic we see is ‘per se malicious,’” reveals how CloudFlare is currently handling Tor traffic. The article states,
“Starting last month, CloudFlare began treating Tor users as their own “country” and now gives its customers four options of how to handle traffic coming from Tor. They can whitelist them, test Tor users using CAPTCHA or a JavaScript challenge, or blacklist Tor traffic. The blacklist option is only available for enterprise customers. As more websites react to the massive amount of harmful Web traffic coming through Tor, the challenge of balancing security with the needs of legitimate anonymous users will grow. The same network being used so effectively by those seeking to avoid censorship or repression has become a favorite of fraudsters and spammers.”
Even though the jury may still be out with regard to the statistics reported about the volume of malicious traffic, several companies appear to want action sooner rather than later. Amazon Web Services, Best Buy and Macy’s are among several sites blocking a majority of Tor exit nodes. While a lot seems unclear, we can’t expect organizations to delay action.
Megan Feil, June 9, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Google Has Much at Stake in Intel Tax Case
June 3, 2016
In the exciting department of tax activities, 9to5Google reports, “Google Could Effectively Recoup All the Tax it Paid Last Year if Intel Wins Test Case.” Why is Google so invested in a dispute between Intel and the IRS? Writer Ben Lovejoy explains:
“In essence, the case hinges on share compensation packages paid by overseas subsidiaries. The IRS says that the cost of these should be offset against the expenses of the overseas companies; Intel says no, the cost should be deducted by the U.S. parent company – reducing its tax liabilities in its home country. The IRS introduced the rule in 2003. Companies like Google have abided by the rule but reserved the right to reallocate costs if a court ruling went against the IRS, giving them a huge potential windfall.”
This windfall could amount to $3.5 billion for Alphabet, now technically Google’s “parent” company (but really just a reorganized Google). Apparently, according to the Wall Street Journal, at least 20 tech companies, including Microsoft and eBay, are watching this case very closely.
Google is known for paying the fewest taxes it thinks it can get away with, a practice very unpopular with some. We’re reminded:
“Google has recently come under fire for its tax arrangements in Europe, a $185M back-tax deal in the UK being described as ‘disproportionately small’ and possibly illegal. France is currently seeking to claim $1.76B from the company in back taxes.”
So, how much will the world’s tax collectors be able to carve out of the Google revenue pie? I suspect it will vary from year to year, and will keep courts and lawyers around the world very busy.
Cynthia Murrell, June 3, 2016
Considering an Epistemology of the Dark Web
May 31, 2016
The comparisons of Nucleus to Silk Road are rolling in. Naked Security by Sophos recently published the article “Dark Web marketplace ‘Nucleus’ vanishes – and no one knows why.” This piece echoes the questions that those following this story have been asking. Was it attacked by ransomware? Maybe they were busted? The article also offers the low-down on how Tor works to explain why accurate investigations into the Dark Web are challenging. We learned,
“That’s why Tor also supports so-called hidden services, which have special URLs ending .onion, where your anonymised network requests are not only bounced around inside the Tor network, but also processed and answered from inside Tor. This makes it hard to find the servers behind a hidden service, which in turn makes it hard to block that service, even if it’s clearly breaking the law by selling firearms improperly or trafficking in illegal drugs. This, in turn, means it’s hard to measure what’s really going on in the Dark Web, and how many underground marketplaces exist to bring buyers and sellers together.”
We found it refreshing that this piece reiterated how data about the Dark Web is not easy to pinpoint. From several tens of thousands of Dark Web sites to much lower counts, many cybersecurity groups and researchers seem certain they have the right number. But to continue on the endless hypotheses train related to the Nucleus disappearance, we’ll weigh in. Maybe law enforcement outside the US operated the site? Just a thought.
Megan Feil, May 31, 2016
Hacktivists Become Educators on Dark Web
May 30, 2016
A well-known hacktivist group is putting itself out there on the Dark Web. International Business Times reported on the collective’s new chatroom in a piece entitled “Anonymous hackers launch dark web chatroom OnionIRC to teach next generation of hacktivists.” Anonymous intends to teach those interested in hacktivism about the basics: coding, encryption and even history. IBT journalists went undercover and logged into the chat room to learn more about the next generation of hacktivists. Reporting back, the article states,
“[we] found roughly 40 people logged in and talking about topics, such as GPG encryption, NSA surveillance and how the government reportedly installs backdoors into computer software. According to HackRead, which first reported on the chatroom, the IRC has at times been particularly dysfunctional. Indeed, during our time in the chatroom, some of the contributors appeared to lack any hacking knowledge at all. “I want to learn Bash. Beginner level. Where should I start?” wrote one anonymous contributor. “With a Bash Book,” came the reply. This group, at least in its current form, is a far-cry from the more sophisticated and feared members that in the past have been known to hack federal agencies and assist in global political uprisings.”
This article’s reference to the “next generation of hacktivists” calls to mind a question about the age demographics of Dark Web users. Our bet is that, while they may tend young, there is likely to be significant representation from a variety of age groups. While it’s captured media attention, the Dark Web is no new phenomenon.
Megan Feil, May 30, 2016
Travel to South Africa Virtually with Google’s Mzansi Experience
May 18, 2016
The article on Elle titled “Google SA Launches the Mzansi Experience On Maps” illustrates the new Google Street View collection for South Africa. For people without the ability to travel, or scared of malaria or Oscar Pistorius, this collection offers an in-depth platform to view some of South Africa’s natural wonders and parks. The article explains,
“Using images collected by the Street View Tripod and Trekker, Google has created 360-degree imagery of some of South Africa’s most beautiful locations, and created virtual tours that enable visitors to see the sights for themselves on their phones, tablets or computers. Visitors will be able to, for the first time, visit a family of elephants in the Kruger National Park, take a virtual walk on Table Mountain, admire Cape Point, or take a walk along Durban’s Golden Mile.”
For South Africa, this initiative might spark increased tourism once people realize just how much the country has to offer. So many of the images of Africa that we are exposed to in the US are reductive and patronizing, like those ceaseless commercials depicting all of Africa as a small, poverty-stricken village. Google’s new collection helps to promote a more diverse and appealing look at one African country: South Africa. Whether you want to go in person or virtually, this is worth checking out!
Chelsea Kerwin, May 18, 2016
DARPA Seeks Keys to Peace with High-Tech Social Science Research
May 11, 2016
Strife has plagued the human race since the beginning, but the Pentagon’s research arm thinks it may be able to get to the root of the problem. Defense Systems informs us, “DARPA Looks to Tap Social Media, Big Data to Probe the Causes of Social Unrest.” Writer George Leopold explains:
“The Defense Advanced Research Projects Agency (DARPA) announced this week it is launching a social science research effort designed to probe what unifies individuals and what causes communities to break down into ‘a chaotic mix of disconnected individuals.’ The Next Generation Social Science (NGS2) program will seek to harness steadily advancing digital connections and emerging social and data science tools to identify ‘the primary drivers of social cooperation, instability and resilience.’
“Adam Russell, DARPA’s NGS2 program manager, said the effort also would address current research limitations such as the technical and logistical hurdles faced when studying large populations and ever-larger datasets. The project seeks to build on the ability to link thousands of diverse volunteers online in order to tackle social science problems with implications for U.S. national and economic security.”
The initiative aims to blend social science research with the hard sciences, including computer and data science. Virtual reality, Web-based gaming, and other large platforms will come into play. Researchers hope their findings will make it easier to study large and diverse populations. Funds from NGS2 will be used for the project, with emphases on predictive modeling, experimental structures, and boosting interpretation and reproducibility of results.
Will it be the Pentagon that finally finds the secret to world peace?
Cynthia Murrell, May 11, 2016
The Office of Personnel Management Hack Is Very Bad
May 11, 2016
The US Office of Personnel Management (OPM) was hacked for more than a year before it was discovered in April 2015. The personal information of 21 million current and former government employees was stolen, including their Social Security numbers and home addresses. The hack does not seem that important, unless you were or are a government employee, but the Lawfare Blog explains differently in “Why The OPM Hack Is Far Worse Than You Imagine.”
The security breach is much worse than simple identity theft, because background checks were stolen as well. It might seem that a background check is not that serious (so the hackers discovered a person got a speeding ticket?), but in reality these background checks were far more extensive than the usual as they were used for purposes of entering government mandated areas. The security clearances included information about family, sexual behavior, and risk of foreign exploitation. If that was not bad enough,
“Along with the aforementioned databases, the OPM systems are linked electronically to other agencies and databases, and it stored much of this data alongside the security clearance files. According to a 2007 White House report on OPM security clearance performance, checks of State Passport records and searches of military service records are now conducted electronically. According to this report, then, there are electronic linkages between the OPM Security Clearance files, Department of Defense service records, and State Department Passport records.”
OPM took measures to ensure future security, but they either expose who the victims of the breach are or would allow private contractors access to sensitive data to mitigate future attacks. OPM is not willing to acknowledge these deficiencies, but would rather continue to expose the victims (and future victims) to further danger.
Whitney Grace, May 11, 2016
New Criminal Landscape Calls for New Approaches
May 9, 2016
The Oxford University Press’s blog discusses law enforcement’s interest in the shady side of the Internet in its post, “Infiltrating the Dark Web.” Writer Andrew Staniforth observes that the growth of crime on the Dark Web calls for new tactics. He writes:
“Criminals conducting online abuses, thefts, frauds, and terrorism have already shown their capacity to defeat Information Communication Technology (ICT) security measures, as well as displaying an indifference to national or international laws designed to stop them. The uncomfortable truth is that as long as online criminal activities remain profitable, the miscreants will continue, and as long as technology advances, the plotters and conspirators who frequent the Dark Web will continue to evolve at a pace beyond the reach of traditional law enforcement methods.
“There is, however, some glimmer of light amongst the dark projection of cybercrime as a new generation of cyber-cops are fighting back. Nowhere is this more apparent than the newly created Joint Cybercrime Action Taskforce (J-CAT) within Europol, who now provide a dynamic response to strengthen the fight against cybercrime within the European Union and beyond Member States borders. J-CAT seeks to stimulate and facilitate the joint identification, prioritisation, and initiation of cross-border investigations against key cybercrime threats and targets – fulfilling its mission to pro-actively drive intelligence-led actions against those online users with criminal intentions.”
The article holds up J-CAT as a model for fighting cybercrime. It also emphasizes the importance of allocating resources for gathering intelligence, and notes that agencies are increasingly focused on solutions that can operate in mobile and cloud environments. Increased collaboration, however, may make the biggest difference in the fight against criminals operating on the Dark Web.
Cynthia Murrell, April 9, 2016
European Cybersecurity Companies
May 8, 2016
We’ve run across an interesting list of companies at Let’s Talk Payments, “Europe’s Elite Cybersecurity Club.” The bare-bones roster names and links to 28 cybersecurity companies, with a brief description of each. See the original for the descriptions, but here are their entries:
SpamTitan, Gemalto, Avira, itWatch, BT, Sophos, DFLabs, ImmuniWeb, Silent Circle, Deep-Secure, SentryBay, AVG Technologies, Clearswift, ESNC, DriveLock, BitDefender, neXus, Thales, Cryptovision, Secunia, Osirium, Qosmos, Digital Shadows, F-Secure, Smoothwall, Brainloop, TrulyProtect, and Enorasys Security Analytics.
It is a fine list as far as it goes, but we notice it is not exactly complete. For example, where is FinFisher’s parent company, Gamma International? Still, the list is a concise and valuable source for anyone interested in learning more about these companies.
Cynthia Murrell, May 8, 2016
Be the CIA Librarian
May 3, 2016
Research is a vital tool for the US government, especially the Central Intelligence Agency, which is why it employs librarians. The Central Intelligence Agency is one of the main forces of the US Intelligence Community, focused on gathering information for the President and the Cabinet. The CIA is also the topic of much fictionalized speculation in stories, mostly spy and law enforcement dramas. Given that it has played an important part in the United States’ history, could you imagine the files in its archives?
If you have a penchant for information, the US government, and a library degree, then maybe you should apply for the CIA’s current job opening: CIA librarian. CNN Money explains that one of the perks of the job is its salary: “The CIA Is Hiring…A $100,000 Librarian.” CNN is quick to point out that the salary is more than the typical family income. Librarians serve as more than people who recommend decent books to read; they serve as an entry point for research and bridge the gap between understanding knowledge and applying it in the actual field.
“In addition to the cachet of working at the CIA, ‘librarians also have opportunities to serve as embedded, or forward deployed, information experts in CIA offices and select Intelligence Community agencies.’ Translation: There may be some James Bond-like opportunities if you want them.”
Most of this librarian’s job duties will probably be assisting agents with tracking down information related to intelligence missions and interpreting it. It is just a guess, however. Who knows, maybe the standard CIA agent totes a gun to the stacks?
Whitney Grace, May 3, 2016

