The UK Government Invests in Secure Startups
February 15, 2016
The UK has been criticized as being one of the most invasive countries when it comes to monitoring individuals and having security cameras everywhere, even on garbage cans. While the question, “how much is too much?” runs around people’s heads, there is also a concern about the lax of security developments. The UK is much like its former colony the United States in that is interested in beefing up security technology InfoSecurity says in the article, “Government Start-up Support Creates A ‘Very Exciting Time.’”
Government support for UK security tech start-ups is one of the main driving forces in the industry. It demonstrates that the UK government is invested in advancing new ideas and help new companies get the leg up they need to develop the best possibly product before it is delivered to a bigger market. It also proves that the government is taking cybersecurity as a very serious risk that needs bolstering to counteract actions taken by terrorists and rogue nations.
“This week, the UK government announced a £250,000 Early Stage Accelerator Programme to help start-ups in the space get advice, support and funding to develop their products and services and bring them to market. It will be run by Cyber London—described as “Europe’s first cybersecurity accelerator and incubator space”—and the Centre for Secure Information Technologies (CSIT) at Queen’s University Belfast.”
While venture corporations are usually the first place start-ups turn to for investments, the government plays a crucial role in regulating the technology and helping companies grow beyond their initial roots. It also allows the new security start-ups to make important connections with the right government officials to build strategic relationships.
It is wonderful that western governments are taking cyber threats more seriously and take preemptive action against dangerous threats. It would be even better if smaller law enforcement agencies at the city and state level in the US were more capable of handling cyber attacks.
Whitney Grace, February 15, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Dark Web Crime Has Its Limits
February 12, 2016
The Dark Web is an intriguing and mysterious phenomenon, but rumors about what can be found there are exaggerated. Infomania examines what is and what is not readily available in that murky realm in, “Murder-for-Hire on the Dark Web? It Can’t Be True!”
Anonymity is the key factor in whether certain types of criminals hang out their shingles on the TOR network. Crimes that can be more easily committed without risking identification include drug trafficking, fraud, and information leaks. On the other hand, contract assassins, torture-as-entertainment, and human trafficking are not actually to be found, despite reports to the contrary. See the article for details on each of these, and more. The article cites independent researcher Chris Monteiro as it summarizes:
The dark web is rife with cyber crime. But it’s more rampant with sensationalized myths about assassination and torture schemes — which, as Chris can attest, simply aren’t true. “What’s interesting is so much of the coverage of these scam sites is taken at face value. Like, ‘There is a website. Therefore its contents must be true.’ Even when mainstream media picks it up, very few pick it up skeptically,” he says.
Take the Assassination Market, for example. When news outlets got wind of its alleged existence in 2013, they ran with the idea of “Murder-for-hire!!” on the Internet underground. Although Chris has finally demonstrated that these sites are not real, their legend lives on in Internet folklore. “Talking about the facts — this is how cybercrime works, this is how Tor and Bitcoin work — is a lot less sexy than saying, ‘If you click on the wrong link, you’ll be kidnapped, and you’ll end up in a room where you’ll be livestreamed, murdered, and you’re all over the internet!’” Chris says. “All I can do is point out what’s proven and what isn’t.”
So, next time someone spins a scary tale about killers-for-hire who are easily found online, you can point them to this article. Yes, drug trafficking, stolen data, and other infractions are big problems associated with the Dark Web, but let us not jump at shadows.
Cynthia Murrell, February 12, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Barry Zane and SPARQL City Acquired by Cambridge Semantics for Graph Technology
February 12, 2016
The article titled Cambridge Semantics Acquires SPARQL City’s IP, Expanding Offering of Graph-Cased Analytics at Big Data Scale on Business Wire discusses the benefits of merging Cambridge’s Semantics’ Anzo Smart Data Platform with SPARQL City’s graph analysis capacities. The article specifically mentions the pharmaceutical industry, financial services, and homeland security as major business areas that this partnership will directly engage due to the enhanced data analysis and graph technologies now possible.
“We believe this IP acquisition is a game-changer for big data analytics and smart data discovery,” said Chuck Pieper, CEO of Cambridge Semantics. “When coupled with our Anzo Smart Data Platform, no one else in the market can provide a similar end-to-end, semantic- and graph-based solution providing for data integration, data management and advanced analytics at the scale, context and speed that meets the needs of enterprises. The SPARQL City in-memory graph query engine allows users to conduct exploratory analytics at big data scale interactively.”
Barry Zane, a leader in database analytics with 40 years experience and CEO and founder of SPARQL City, will become the VP of Engineering at Cambridge Semantics. He mentions in the article that this acquisition has been a long time coming, with the two companies working together over the last two years.
Chelsea Kerwin, February 12, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
To Search the Dark Web
February 11, 2016
If you have wondered how, exactly, one searches for information on the Dark Web, take a gander at “The Best TOR Search Engines of 2016” at Cyberwarzone. Reporter CWZ writes:
“On the TOR network you can find various websites just like you find on the ‘normal web.’ The websites which are hosted on the TOR network are not indexed by search engines like Google, Bing and Yahoo, but the search engines which are listed below, do index the TOR websites which are hosted via the TOR network. It is important to remember that you do need the TOR client on your device in order to access the TOR network, if you cannot use a TOR client on your device, you can use one of the free TOR gateways which are listed below in the web TOR providers tab.”
The article warns about malicious TOR clients, and strongly suggests readers download the client found at the official TOR website. Four search engines are listed— https://Ahmia.fi, https://Onion.cab, https://onion.link/, and http://thehiddenwiki.org/. CWZ also lists those Web TOR gateways, through which one can connect to TOR services with a standard Web browser instead of using a TOR client. See the end of the article for that information.
Cynthia Murrell, February 11, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Squiz and Verint Team up to Save the Government from Itself
February 9, 2016
The article titled Verint and Squiz Announce Partnership to Further Enable Digital Transformation for Government on BusinessWire conveys the global ambitions of the two companies. The article positions Verint, an intel-centric company, and Squiz, an Australian content management company, as the last hope for the world’s governments (on the local, regional, and national level.) While things may not be so dire as all that, the merger is aimed at improving governmental organization, digital management, and customer engagement. The article explains,
“Today, national, regional and local governments across the world are implementing digital transformation strategies, reflecting the need to proactively help deliver citizen services and develop smarter cities. A key focus of such strategies is to help make government services accessible and provide support to their citizens and businesses when needed. This shift to digital is more responsive to citizen and community needs, typically reducing phone or contact center call volumes, and helps government organizations identify monetary savings.”
It will come as no surprise to learn that government bureaucracy is causing obstacles when it comes to updating IT processes. Together, Squiz and Verint hope to aid officials in implementing streamlined, modernized procedures and IT systems while focusing on customer-facing features and ensuring intuitive, user-friendly interfaces. Verint in particular emphasizes superior engagement practices through its Verint Engagement Management service.
Chelsea Kerwin, February 9, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Its Official: Facebook and the Dark Web
February 5, 2016
A piece from Nextgov suggests just how ubiquitous the Dark Web could become. Published as Facebook is giving users a new way to access it on the ‘Dark Web’, this article tells us “a sizeable community” of its users are also Dark Web users; Facebook has not released exact figures. Why are people using the Dark Web for everyday internet browsing purposes? The article states:
“Facebook’s Tor site is one way for people to access their accounts when the regular Facebook site is blocked by governments—such as when Bangladesh cut off access to Facebook, its Messenger and Whatsapp chat platforms, and messaging app Viber for about three weeks in November 2015. As the ban took effect, the overall number of Tor users in Bangladesh spiked by about 10 times, to more than 20,000 a day. When the ban was lifted, the number dropped back to its previous level.”
Public perception of the darknet is changing. If there was any metric to lend credibility to the Dark Web being increasingly used for mainstream purposes, it is Facebook adding a .onion address. Individual’s desire for security, uninterrupted and expansive internet access will only contribute to the Dark Web’s user base. While the Silk Road-type element is sure to remain as well, it will be interesting to see how things evolve.
Megan Feil, February 5, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Elasticsearch Works for Us 24/7
February 5, 2016
Elasticsearch is one of the most popular open source search applications and it has been deployed for personal as well as corporate use. Elasticsearch is built on another popular open source application called Apache Lucene and it was designed for horizontal scalability, reliability, and easy usage. Elasticsearch has become such an invaluable piece of software that people do not realize just how useful it is. Eweek takes the opportunity to discuss the search application’s uses in “9 Ways Elasticsearch Helps Us, From Dawn To Dusk.”
“With more than 45 million downloads since 2012, the Elastic Stack, which includes Elasticsearch and other popular open-source tools like Logstash (data collection), Kibana (data visualization) and Beats (data shippers) makes it easy for developers to make massive amounts of structured, unstructured and time-series data available in real-time for search, logging, analytics and other use cases.”
How is Elasticsearch being used? The Guardian is daily used by its readers to interact with content, Microsoft Dynamics ERP and CRM use it to index and analyze social feeds, it powers Yelp, and her is a big one Wikimedia uses it to power the well-loved and used Wikipedia. We can already see how much Elasticsearch makes an impact on our daily lives without us being aware. Other companies that use Elasticsearch for our and their benefit are Hotels Tonight, Dell, Groupon, Quizlet, and Netflix.
Elasticsearch will continue to grow as an inexpensive alternative to proprietary software and the number of Web services/companies that use it will only continues to grow.
Whitney Grace, February 5, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Cybercrime as a Service Impacts Hotel Industry and Loyalty Points
February 4, 2016
The marketplaces of the Dark Web provide an interesting case study in innovation. Three types of Dark Web fraud aimed at the hotel industry, for example, was recently published on Cybel Blog. Delving into the types of cybercrime related to the hospitality industry, the article, like many others recently, discusses the preference of cybercriminals in dealing with account login information as opposed to credit cards as detectability is less likely. Travel agencies on the Dark Web are one such way cybercrime as a service exists:
“Dark Web “travel agencies” constitute a third type of fraud affecting hotel chains. These “agencies” offer room reservations at unbeatable prices. The low prices are explained by the fact that the seller is using fraud and hacking. The purchaser contacts the seller, specifying the hotel in which he wants to book a room. The seller deals with making the reservation and charges the service to the purchaser, generally at a price ranging from a quarter to a half of the true price per night of the room. Many sellers boast of making bookings without using stolen payment cards (reputed to be easy for hotels to detect), preferring to use loyalty points from hacked client accounts.”
What will they come up with next? The business to consumer (B2C) sector includes more than hotels and presents a multitude of opportunities for cybertheft. Innovation must occur on the industry side as well in order to circumvent such hacks.
Megan Feil, February 4, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Metadata Could Play Integral Role in Data Security
February 2, 2016
A friend recently told me how they can go months avoiding suspicious emails, spyware, and Web sites on her computer, but the moment she hands her laptop over to her father he downloads a virus within an hour. Despite the technology gap existing between generations, the story goes to show how easy it is to deceive and steal information these days. ExpertClick thinks that metadata might hold the future means for cyber security in “What Metadata And Data Analytics Mean For Data Security-And Beyond.”
The article uses biological analogy to explain metadata’s importance: “One of my favorite analogies is that of data as proteins or molecules, coursing through the corporate body and sustaining its interrelated functions. This analogy has a special relevance to the topic of using metadata to detect data leakage and minimize information risk — but more about that in a minute.”
This plays into new companies like, Ayasdi, using data to reveal new correlations using different methods than the standard statistical ones. The article compares this to getting to the data atomic level, where data scientists will be able to separate data into different elements and increase the analysis complexity.
“The truly exciting news is that this concept is ripe for being developed to enable an even deeper type of data analytics. By taking the ‘Shape of Data’ concept and applying to a single character of data, and then capturing that shape as metadata, one could gain the ability to analyze data at an atomic level, revealing a new and unexplored frontier. Doing so could bring advanced predictive analytics to cyber security, data valuation, and counter- and anti-terrorism efforts — but I see this area of data analytics as having enormous implications in other areas as well.”
There are more devices connected to the Internet than ever before and 2016 could be the year we see a significant rise in cyber attacks. New ways to interpret data will leverage predictive and proactive analytics to create new ways to fight security breaches.
Whitney Grace, February 2, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Anonymity Not Always Secured for Tor and Dark Web Users
January 28, 2016
From the Washington Post comes an article pertinent to investigative security technologies called This is how the government is catching people who use child porn sites. This piece outlines the process used by the FBI to identify a Tor user’s identity, despite the anonymity Tor provides. The article explains how this occurred in one case unmasking the user Pewter,
“In order to uncover Pewter’s true identity and location, the FBI quietly turned to a technique more typically used by hackers. The agency, with a warrant, surreptitiously placed computer code, or malware, on all computers that logged into the Playpen site. When Pewter connected, the malware exploited a flaw in his browser, forcing his computer to reveal its true Internet protocol address. From there, a subpoena to Comcast yielded his real name and address.”
Some are concerned with privacy of the thousands of users whose computers are also hacked in processes such as the one described above. The user who was caught in this case is arguing the government’s use of such tools violated the Fourth Amendment. One federal prosecutor quoted in the article describes the search processes used in this case as a “gray area in the law”. His point, that technology is eclipsing the law, is definitely one that deserves more attention from all angles: the public, governmental agencies, and private companies.
Megan Feil, January 28, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
-
- Subscribe to Beyond Search
Feature archive
News archive
-
