Dark Web Notebook Now Available

June 5, 2017

Arnold Information Technology has published Dark Web Notebook: Investigative Tools and Tactics for Law Enforcement, Security, and Intelligence Organizations. The 250-page book provides an investigator with instructions and tips for the safe use of the Dark Web. The book, delivered as a PDF file, costs $49.

Orders and requests for more information be directed to darkwebnotebook@yandex.com. Purchasers must verify that they work for a law enforcement, security, or intelligence organization. Dark Web Notebook is not intended for general distribution due to the sensitive information it contains.

The author is Stephen E Arnold, whose previous books include CyberOSINT: Next Generation Information Access and Google Version 2.0: The Calculating Predator, among others. Arnold, a former Booz, Allen & Hamilton executive, worked on the US government-wide index and the Threat Open Source Intelligence Gateway.

The Dark Web Notebook was suggested by attendees at Arnold’s Dark Web training sessions, lectures, and webinars. The Notebook provides specific information an investigator or intelligence professional can use to integrate Dark Web information into an operation.

Stephen E Arnold, author of the Dark Web Notebook, said:

“The information in the Dark Web Notebook has been selected and presented to allow an investigator to access the Dark Web quickly and in a way that protects his or her actual identity. In addition to practical information, the book explains how to gather information from the Dark Web. Also included are lists of vendors who provide Dark Web services to government agencies along with descriptions of open source and commercial software tools for gathering and analyzing Dark Web data. Much of the information has never been collected in a single volume written specifically for those engaged in active investigations or operations.”

The book includes a comprehensive table of contents, a glossary of terms and their definitions, and a detailed index.

The book is divided into 13 chapters. These are:

  1. Why write about the Dark Web?
  2. An Introduction to the Dark Web
  3. A Dark Web Tour with profiles of more than a dozen Dark Web sites, their products, and services
  4. Dark Web Questions and Answers
  5. Basic Security
  6. Enhanced Security
  7. Surface Web Resources
  8. Dark Web Search Systems
  9. Hacking the Dark Web
  10. Commercial Solutions
  11. Bitcoin and Variants
  12. Privacy
  13. Outlook

In addition to the Glossary, the annexes include a list of DARPA Memex open source software written to perform specific Dark Web functions, a list of spoofed Dark Web sites operated by law enforcement and intelligence agencies, and a list of training resources.

Kenny Toth, June 5, 2017

Can Digital Shadows Meet the Award Hype for Their Cyber Defense Product

April 28, 2017

The article on Zawya titled Digital Shadows Continues to Make Waves with Two Prestigious Award Wins positions Digital Shadows as the juggernaut of the risk management market with its product SearchLight sweeping up honors left and right from Cyber Defense Magazine, Momentum Partners, and the 2016 SINET awards. Each accolade cites Digital Shadows cutting edge technology and strategy. What makes the company so innovative?

Digital Shadows monitors for digital risks beyond the boundary of an organization, identifying cyber threats, data leakage and reputational risk. It then notifies clients of data leaks online; hacktivists’ or cybercriminals’ plans to target the organization; employees or suppliers putting themselves and their company at risk; along with criminals selling company information and data on the surface and dark web.

Beyond this, the alerts themselves are verified and rated in urgency by a team of analysts who also advise the organization on how to proceed for customized threat intelligence. Alastair Paterson, CEO and Co-Founder, calls the process a “marriage” between the technology and the human team. Digital Shadows has seen monumental growth in the triple digits for the past three years including opening new offices in Dallas, San Francisco, and London and building an employee base of over 100 people.

Chelsea Kerwin, April 28, 2017

Google Volunteers to Make Piracy Harder, and These Free Legal Music Sites Can Help

March 22, 2017

The article titled Google Will Make ‘Pirated’ Content Harder to Find From 1 June on The Inquirer proclaims a new approach to preventing piracy. Numerous entertainment organizations have nagged Google to set stricter rules, and even gone so far as to call Google a gateway to pirated content. The article mentions,

Google has already taken some steps to try and curb ‘piracy’ but has long refused to remove entire sites from search results as they may also offer legal content available for download. These days, the firm is flooded with takedown requests, last year revealing that it gets asked to remove 100,000 links to pirated content every hour.

The anti-piracy code will be adopted by Google and other unnamed search firms in cooperation with the British Intellectual Property Office. In the meantime, the article titled 7 Sites to Get Free Music (Legally!) on MakeUseOf suggests some solid options for people who want to kick the illegal pirating habit. BeSonic, Jamendo, and NoiseTrade are included on the list, and for those classical music lovers, MusOpen might have just the free content you are looking for.

Chelsea Kerwin, March 22, 2017

Dark Web Drug Dealers Busted in Finland

March 1, 2017

Law enforcement’s focus on the Dark Web seems to be paying off, as we learn from the write-up, “Finland: Dark Web Drug Operation Exposed” at Hetq, an outlet of the Association of Investigative Journalists. In what was described as Finland’s largest drug bust, authorities seized over a million dollars’ worth of narcotics from a network selling their wares on the Dark Web. We learn:

The network is alleged to have imported €2 million (US$ 2.2 million) worth of drugs between 2014 and 2016, selling them on the dark web site Silkkitie. More than 40 kilograms of powdered narcotics, such as amphetamine, heroin and cocaine, as well as 40,000 ecstasy tablets and 30,000 LSD blotters were smuggled into Finland from the Netherlands and Germany, and then sold on the site. …

As part of the investigation, customs officers in April seized at least €1.1 million worth of heroin, cocaine, methamphetamine, MDMA and ecstasy in the coastal town of Kustavi. The same month, police arrested three Finnish citizens.

The write-up notes that Silkkitie users communicated through encrypted messages under pseudonyms, and that Bitcoin was the currency used. We’re also reminded that Silkkitie, a.k.a. Valhalla, is one of the Dark Web’s most popular drug marketplaces. The Finnish site was launched in 2013.

Cynthia Murrell, March 1, 2017

Debunking Myths About the Dark Web

February 22, 2017

What is known as the Dark Web has a fair amount of myth surrounding it, thanks to a sensationalized name and a few high-profile media stories. Tech Republic shared an article called, Four misleading myths about the Dark Web, attempting to shine light on some of the common fallacies. In summary, the Dark Web is not necessarily anonymous, it’s not very difficult to access, it’s not all nefarious activity, and there is support for businesses and organizations seeking protection from and prevention of cybertheft and security breaches. The article explains,

The biggest mistake businesses large and small can make regarding the Dark Web is to pretend it doesn’t exist. After the FBI took down the Silk Road, dozens of other niche markets took its place. With a slick interface and well organized ecommerce-like storefront, AlphaBay, one of the largest black markets on the Dark Web, makes shopping for stolen credit card data a breeze. Fortunately for companies, there’s no need to track the Dark Web alone. One technology in particular, Matchlight by Terbium Labs, helps business monitor and locate stolen Dark Web data like stolen source code, employee social security numbers, and other proprietary trade documents.

The Dark Web has become almost synonymous with Tor, the seemingly most popular way to access it. Tor has actually been used since the 1990’s by members of the intelligence community; it was developed by the US Naval Research Laboratory. While over the last decade or so, Tor has been surrounded by media coverage about drugs and crime, it will be interesting to see if the coverage shifts — or increases — because of emerging technologies such as Matchlight.

Megan Feil, February 22, 2017

Google Battling Pirates More and More Each Year

February 10, 2017

So far, this has been a booming year for  DMCA takedown requests, we learn from TorrentFreak’s article, “Google Wipes Record Breaking Half Billion Pirate Links in 2016.” The number of wiped links has been growing rapidly over the last several years, but is that good or bad news for copyright holders? That depends on whom you ask. Writer Ernesto reveals the results of TorrentFreak’s most recent analysis:

Data analyzed by TorrentFreak reveals that Google recently received its 500 millionth takedown request of 2016. The counter currently [in mid-July] displays more than 523,000,000, which is yet another record. For comparison, last year it took almost the entire year to reach the same milestone. If the numbers continue to go up at the same rate throughout the year, Google will process a billion allegedly infringing links during the whole of 2016, a staggering number.

According to Google roughly 98% of the reported URLs are indeed removed. This means that half a billion links were stripped from search results this year alone. However, according to copyright holders, this is still not enough. Entertainment industry groups such as the RIAA, BPI and MPAA have pointed out repeatedly that many files simply reappear under new URLs.

Indeed; copyright holders continue to call for Google to take stronger measures. For its part, the company insists increased link removals is evidence that its process is working quite well. They issued out an update of their report, “How Google Fights Piracy.” The two sides remain deeply divided, and will likely be at odds for some time. Ernesto tells us some copyright holders are calling for the government to step in. That could be interesting.

Cynthia Murrell, February 10, 2017

Scanning for the True Underbelly of the Dark Web

February 7, 2017

Some articles about the Dark Web are erring on the side of humor about it’s threat-factor. Metro UK published 12 scary things which happen when you go on the ‘Dark Web’, which points out some less commonly reported happenings on the Dark Web. Amongst the sightings mentioned were: a German man selling pretzels, someone with a 10/10 rating at his carrot (the actual vegetable) marketplace, and a template for creating counterfeit Gucci designs. The article reports,

Reddit users shared their stories about the ‘dark web’ – specifically Tor sites, invisible to normal browsers, and notorious for hosting drug markets and child pornography. Using the free Tor browser, you can access special .onion sites – only accessible using the browser – many of which openly host highly illegal content including pirated music and films, drugs, child pornography and sites where credit card details are bought and sold.

While we chose not to summarize several of the more dark happenings mentioned by Redditors, we know the media has given enough of that side to let your imaginations run wild. Of course, as has also been reported by more serious publications, it is a myth that the Dark Web is only filled with cybercriminals. Unless pretzels have qualities that have yet to be understood as malicious.

Megan Feil, February 7, 2017

Royal Mail, Delivering Narcotics Efficiently

January 17, 2017

Unsuspecting Royal Mail postmen are delivering narcotics and drugs ordered over Dark Web to punters and buyers with much efficiency. Taking cognizance of the fact, The Home Office is planning an investment of GBP 1.9 billion over next five years to fight this new face of crime.

The Sun in an article titled Royal Mail Postmen Unknowingly Deliver Drugs Parcels Bought From the Dark Web says:

Royal Mail postmen are unknowingly delivering drug parcels bought from the dark web, it has been revealed. Millions of pounds of drugs are bought online every day via the dark web and shipped to punters anonymously.

The postmen, however, cannot be blamed as they are ill-equipped to find out what’s hidden inside a sealed parcel. Though drug sniffing dogs exist on paper for the Royal Mail, many postmen say they never saw one in their service life. Technology is yet to catch-up with dogs that can sniff out the drugs.

As the postmen are being put at risk delivering these packages, the Home Office in a statement said:

We have committed to spending £1.9bn on cybersecurity over the next five years, including boosting the capabilities of the National Crime Agency’s National Cyber Crime Unit, increasing their ability to investigate the most serious cybercrime.

Law enforcement agencies, including the ones in the US will have to invest in detecting and preventing such crimes. So far the success ratio has been barely encouraging. Till then, unsuspecting people will be used as pawns by cybercriminals, royally!

Vishal Ingole, January 17, 2017

Apache Tika Could Be the Google of Dark Web?

January 16, 2017

Conventional search engines can effectively index text based content. However, Apache Tika, a system developed by Defense Advanced Research Projects Agency (DARPA) can identify and analyze all kinds of content. This might enable law enforcement agencies to track all kind of illicit activities over Dark Web and possibly end them.

An article by Christian Mattmann titled Could This Tool for the Dark Web Fight Human Trafficking and Worse? that appears on Startup Smart says:

At present the most easily indexed material from the web is text. But as much as 89 to 96 percent of the content on the internet is actually something else – images, video, audio, in all thousands of different kinds of non-textual data types. Further, the vast majority of online content isn’t available in a form that’s easily indexed by electronic archiving systems like Google’s.

Apache Tika, which Mattmann helped develop bridges the gap by analyzing Metadata of the content type and then identifying content of the file using techniques like Named Entity Recognition (NER). Apache Tika was instrumental in tracking down players in Panama Scandal.

If Apache Tika is capable of what it says, many illicit activities over Dark Web like human trafficking, drug and arms peddling can be stopped in its tracks. As the author points out in the article:

Employing Tika to monitor the deep and dark web continuously could help identify human- and weapons-trafficking situations shortly after the photos are posted online. That could stop a crime from occurring and save lives.

However, the system is not sophisticated enough to handle the amount of content that is out there. Being an open source code, in near future someone may be able to make it capable of doing so. Till then, the actors of Dark Web can heave a sigh of relief.

Vishal Ingole, January 16, 2017

 

HSDirs Could Be the Key to Dark Web Intelligence

January 12, 2017

An article on Security Affairs called Boffins spotted over 100 snooping Tor HSDir nodes spying on Dark Web sites points to a new tactic that could be useful to companies offering Dark Web intelligence services. Within the inner workings of the Dark Web live at least 100, according to researchers, malicious hidden service directories (HSDirs). These are the relays of the network that allow people to visit hidden services. The author quotes researchers Filippo Valsorda and George Tankersley who presented at the Hack in the Box Security Conference,

When a person wants to host a hidden service, they have to advertise their service on a Tor Onion database, which is a DHT made up of a group of stable relay machines called HSDirs . The person who wants to visit the hidden service has to request information about that service from the database. Therefore, those relays or HSDirs can see who is making the request for a connection and when you want to connect. Therefore, to deanonymize a user’s traffic, an attacker could choose to become the HSDir nodes for the hidden service.

Additionally, researchers from Karlstad University in Sweden found 25 nodes within the The Onion Router (Tor) which showed entities snooping on the supposedly anonymous network. It appears gaps exist. The research shows an unspecified actor from Russia was eavesdropping. Are these snoopers Dark Web intelligence or cybercriminals? We shall stay tuned.

Megan Feil, January 12, 2017

Next Page »

  • Archives

  • Recent Posts

  • Meta