Trust and Security Lessons Offered by the Dark Web
January 27, 2016
Spreading lessons about trust is not what most people think when they think of the drug dealers, hackers and cyber criminals of the Dark Web, but an article from Medium begs to differ. Let’s hear it for the bad guys: What the Dark Web can teach us about trust focuses on the idea that these “bad guys” are successfully and efficiently making transactions, ultimately based on trust. The article states:
“Crucially, they offer the same kind of reliability of experience rather than ripping people off, thus creating a sustainable business model. Transactions are made using digital currency Bitcoin and are recorded and verified through a distributed public ledger called the block chain. In this way, such sites build trust by offering a straightforward transaction built on transparency, albeit achieved with complete anonymity.”
This trust may be seen as missing from many internet sites where collection of personal data is the price of admission; the Dark Web offers an alternative with the promise of information not being tracked. Ironically, the issue of information being collected, albeit through other means, and sold through channels in the Dark Web means the problem of security is not eradicated.
Megan Feil, January 27, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Cybercrime as a Service Drives Cyber Attacks on Uber Accounts and More
January 26, 2016
Several articles lately have shined light on the dynamics at play in the cybercriminal marketplaces of the Dark Web; How much is your Uber account worth?, for example, was recently published on Daily Mail. Summarizing a report from security researchers at Trend Micro for CNBC, the article explains this new information extends the research previously done by Intel Security’s The Hidden Data Economy report. Beyond describing the value hierarchy where Uber and Paypal logins cost more than social security numbers and credit cards, this article shares insights on the bigger picture,
“’Like any unregulated, efficient economy, the cybercrime ecosystem has quickly evolved to deliver many tools and services to anyone aspiring to criminal behavior,’ said Raj Samani, chief technology officer for Intel Security EMEA. ‘This “cybercrime-as-a-service” marketplace has been a primary driver for the explosion in the size, frequency, and severity of cyber attacks.
‘The same can be said for the proliferation of business models established to sell stolen data and make cybercrime pay.’”
Moving past the shock value of the going rates, this article draws our attention to the burgeoning business of cybercrime. Similarly to the idea that Google has expanded the online ecosystem by serving as a connector, it appears marketplaces in the Dark Web may be carving out a similar position. Quite the implications when you consider the size of the Dark Web.
Megan Feil, January 26, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
A Death of Dark Web Weapons
January 20, 2016
President Obama recently announced some executive orders designed to curb gun violence; one of these moves, according to the U.S. Attorney General, specifically targets weapon purchases through the Dark Web. However, Deep.Dot.Web asks, “Do People Really Buy Weapons from Dark Web Markets?” Not many of them, as it turns out. Reporter Benjamin Vitáris writes:
“Fast Company made an interview with Nicolas Christin, assistant research professor of electrical and computer engineering at Carnegie Mellon University (CMU). The professor is one of the researchers behind a recent deep-dive analysis of sales on 35 marketplaces from 2013 to early 2015. According to him, dark web gun sales are pretty uncommon: ‘Weapons represent a very small portion of the overall trade on anonymous marketplaces. There is some trade, but it is pretty much negligible.’ On the dark net, the most popular niche is drugs, especially, MDMA and marijuana, which takes around 25% of sales on the dark web, according to Christin’s analysis. However, weapons are so uncommon that they were put into the ‘miscellaneous’ category, along with drug paraphernalia, electronics, tobacco, viagra, and steroids. These together takes 3% of sales.”
Vitáris notes several reasons the Dark Web is not exactly a hotbed of gun traffic. For one thing, guns are devilishly difficult to send through the mail. Then there’s the fact that, with current federal and state laws, buying a gun in person is easier than through dark web markets in most parts of the U.S.; all one has to do is go to the closest gun show. So, perhaps, targeting Dark Web weapon sales is not the most efficient thing we could do to keep guns away from criminals.
Cynthia Murrell, January 20, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
There Is a Hole in the Cloud
January 11, 2016
Everyone is running to the cloud to reserve their own personal data spot. Companies have migrated their services to the cloud to serve a growing mobile clientele. If you are not on the cloud, it is like you’re still using an old flip phone. The cloud is a viable and useful service that allows people to access their data anytime and anywhere. Business Insider reveals that cloud usage is heavily concentrated in the US: “Latest Data From The Valley’s Oldest VC Firm Shows One Big Flaw In The Hype Around The Cloud.”
Bessemer Venture Partners is the longest running venture capitalist company in Silicon Valley. To celebrate its 100th cloud investment, it surveyed where the company’s cloud investments are located. Seventy-six of the startups are in the US, eleven are in Israel, and four are in Canada.
“The fact that less than one-quarter of BVP’s cloud investments are in non-US startups shows the adoption of cloud technologies is lagging in the rest of the world. It’s also a reminder that, even after all these years of cloud hype, many countries are still concerned about some aspects of cloud technology.”
Cloud adoption around the world is slow due to the US invents a lot of new technology and the rest of the world must catch up. Security is another big concern and companies are hesitant to store sensitive information on a system with issues.
The cloud has only been on the market for ten years and has only gained attention in the past five. Cell phones, laptops, and using open source software took time to catch on as well.
Whitney Grace, January 11, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
The Long Goodbye of Internet Freedom Heralded by CISA
January 8, 2016
The article on MotherBoard titled Internet Freedom Is Actively Dissolving in America paints a bleak picture of our access to the “open internet.” In spite of the net neutrality win this year, broadband adoption is decreasing, and the number of poor Americans forced to choose between broadband and smartphone internet is on the rise. In addition to these unfortunate trends,
“Congress and President Obama made the Cybersecurity Information Sharing Act a law by including it in a massive budget bill (as an extra gift, Congress stripped away some of the few privacy provisions in what many civil liberties groups are calling a “surveillance bill”)… Finally, the FBI and NSA have taken strong stands against encryption, one of the few ways that activists, journalists, regular citizens, and yes, criminals and terrorists can communicate with each other without the government spying.”
What this means for search and for our access to the Internet in general, is yet to be seen. The effects of security laws and encryption opposition will obviously be far-reaching, but at what point do we stop getting the information that we need to be informed citizens?
And when you search, if it is not findable, does the information exist?
Chelsea Kerwin, January 8, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Magnetic Forensics Partners with In-Q-Tel to Battle Rising Cyber Crimes
January 6, 2016
The article on GCN titled In-Q-Tel Invests in Digital Forensics Firm discusses the recent addition of Magnetic Forensics to the In-Q-Tel investment portfolio. Digital forensics software is making large strides to improve the safety and security of data in a time when hackers seem unstoppable, and this is the area Magnetic Forensics’ applies expertise and innovation. In-Q-Tel is a technology investment firm that supports and coordinates with the CIA and Intelligence Community. The article explains,
Magnetic Forensics’ flagship product, Internet Evidence Finder, recovers unstructured data — such as social media, chat messages and e-mail from computers, smartphones and tablets — and structures the data for analysis and collaboration. It has been used by 2,700 public safety organizations in 92 counties to investigate cases related to cybercrime, terrorism, child exploitation and insider threats.
Given the almost daily reminders of the vulnerability of our data, investment in this sort of software is timely. Magnetic Forensics’ CEO Adam Belsher explained that IEF works by opening the pipeline of investigator workflow, organizing backlogs, and urgently absorbing the facts of the case to ensure a comprehensive understanding of the issue at hand. Additionally, the partnership will enhance In-Q-Tel’s existing product line while allowing for the creation of new resources for cyber security.
Chelsea Kerwin, January 6, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Data Managers as Data Librarians
December 31, 2015
The tools of a librarian may be the key to better data governance, according to an article at InFocus titled, “What Librarians Can Teach Us About Managing Big Data.” Writer Joseph Dossantos begins by outlining the plight data managers often find themselves in: executives can talk a big game about big data, but want to foist all the responsibility onto their overworked and outdated IT departments. The article asserts, though, that today’s emphasis on data analysis will force a shift in perspective and approach—data organization will come to resemble the Dewey Decimal System. Dossantos writes:
“Traditional Data Warehouses do not work unless there a common vocabulary and understanding of a problem, but consider how things work in academia. Every day, tenured professors and students pore over raw material looking for new insights into the past and new ways to explain culture, politics, and philosophy. Their sources of choice: archived photographs, primary documents found in a city hall, monastery or excavation site, scrolls from a long-abandoned cave, or voice recordings from the Oval office – in short, anything in any kind of format. And who can help them find what they are looking for? A skilled librarian who knows how to effectively search for not only books, but primary source material across the world, who can understand, create, and navigate a catalog to accelerate a researcher’s efforts.”
The article goes on to discuss the influence of the “Wikipedia mindset;” data accuracy and whether it matters; and devising structures to address different researchers’ needs. See the article for details on each of these (especially on meeting different needs.) The write-up concludes with a call for data-governance professionals to think of themselves as “data librarians.” Is this approach the key to more effective data search and analysis?
Cynthia Murrell, December 31, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Scientific Research Has Turned into a Safe Space
December 31, 2015
The Internet is a cold, cruel place, especially if you hang out in the comments section on YouTube, eBay forums, social media, and 4chan. If you practice restraint and limit your social media circles to trusted individuals, you can surf the Internet without encountering trolls and haters. Some people do not practice common sense, so they encounter many hateful situations on the Internet and as a result they demand “safe spaces.” Safe spaces are where people do not encounter anything negative.
Safe spaces are stupid. Period. What is disappointing is that the “safe space” and “only positive things” has made its way into the scientific community according to Nature in the article, “‘Novel, Amazing, Innovative’: Positive Words On The Rise In Science Papers.”
The University Medical Center in the Netherlands studied the use of positive and negative words in the titles of scientific papers and abstracts from 1974-2014 published on the medical database PubMed. The researchers discovered that positive words in titles grew from 2% in 1974 to 17.5% in 2014. Negative word usage increased from 1.3% to 2.4%, while neutral words did not see any change. The trend only applies to research papers, as the same test was run using published books and it showed little change.
“The most obvious interpretation of the results is that they reflect an increase in hype and exaggeration, rather than a real improvement in the incidence or quality of discoveries… The findings “fit our own observations that in order to get published, you need to emphasize what is special and unique about your study,” he says. Researchers may be tempted to make their findings stand out from thousands of others — a tendency that might also explain the more modest rise in usage of negative words.”
While there is some doubt associated with the findings, because it was only applied to PubMed. The original research team thinks that it points to much larger problem, because not all research can be “innovative” or “novel.” The positive word over usage is polluting the social, psychological, and biomedical sciences.
Under the table, this really points to how scientists and researchers are fighting for tenure. What would this mean for search engine optimization if all searches and descriptions had to have a smile? Will they even invent a safe space filter?
Whitney Grace, December 31, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
SEO Tips Based on Recent Google Search Quality Guidelines
December 30, 2015
Google has recently given search-engine optimization pros a lot to consider, we learn from “Top 5 Takeaways from Google’s Search Quality Guidelines and What They Mean for SEO” at Merkle’s RKG Blog. Writer Melody Pettula presents five recommendations based on Google’s guidelines. She writes:
“A few weeks ago, Google released their newest Search Quality Evaluator Guidelines, which teach Google’s search quality raters how to determine whether or not a search result is high quality. This is the first time Google has released the guidelines in their entirety, though versions of the guidelines have been leaked in the past and an abridged version was released by Google in 2013. Why is this necessary? ‘Quality’ is no longer simply a function of text on a page; it differs by device, location, search query, and everything we know about the user. By understanding how Google sees quality we can improve websites and organic performance. Here’s a countdown of our top 5 takeaways from Google’s newest guidelines and how they can improve your SEO strategy.”
We recommend any readers interested in SEO check out the whole article, but here are the five considerations Pettula lists, from least to most important: consider user intent; supply supplementary content; guard your reputation well; consider how location affects user searches; and, finally, “mobile is the future.” On that final point, the article notes that Google is now almost entirely focused on making things work for mobile devices. SEO pros would do well to keep that new reality in mind.
Cynthia Murrell, December 30, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
New and Improved Hacker Methods in China
December 30, 2015
We learn from an article at Yahoo News that, “On China’s Fringes, Cyber Spies Raise Their Game.” Reporters Clare Baldwin, James Pomfret, and Jeremy Wagstaff report that hackers backed by China are using some unique methods, according to Western security experts. Search is but a tiny part of this approach but, perhaps not surprisingly, cloud storage is a factor. The article relates:
“Hackers have expanded their attacks to parking malware on popular file-sharing services including Dropbox and Google Drive to trap victims into downloading infected files and compromising sensitive information. They also use more sophisticated tactics, honing in on specific targets through so-called ‘white lists’ that only infect certain visitors to compromised websites. Security experts say such techniques are only used by sophisticated hackers from China and Russia, usually for surveillance and information extraction. The level of hacking is a sign, they say, of how important China views Hong Kong, where 79 days of protests late last year brought parts of the territory, a major regional financial hub, to a standstill. The scale of the protests raised concerns in Beijing about political unrest on China’s periphery. ‘We’re the most co-ordinated opposition group on Chinese soil, (and) have a reasonable assumption that Beijing is behind the hacking,’ said Lam Cheuk-ting, chief executive of Hong Kong’s Democratic Party, which says it has been a victim of cyber attacks on its website and some members’ email accounts.”
Officially, China’s Defense Ministry denies any connection to the attacks, but that is nothing new. The adaptation of new hacking techniques is part of a continuing cycle; as journalists, scholars, and activists improve their security, hackers adapt. See the article for specifics on some attacks attributed to China-backed hackers, as well as some ways activists are trying to stay ahead.
Cynthia Murrell, December 30, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
-
- Subscribe to Beyond Search
Feature archive
News archive
-
