The Child Protection System Catches Pedophiles

August 11, 2020

Child pornography plagues the Internet’s underbelly, the Dark Web, peer-to-peer sharing networks, and even simple Google search. Law enforcement officials want to protect children and stop the spread of child pornography, so new software called the Child Protection System was created. NBC News shares details in the article, “Inside the Surveillance Software Tracking Child Porn Offenders Across the Globe.”

The Child Protection System was designed by the Florida nonprofit Child Rescue Coalition. It is a forensic tool that scans file sharing networks and chatrooms to locate computers that download child pornography. It is programmed to search for over two hundred terms related to child sex abuse. These scans are then used as probable cause to gain search warrants. Child Protection System’s scans were used to arrest over 12,000 people. The software can search down to the county level and it also looks for images of children deemed twelve and under. It saves a lot of investigation time:

“The Child Protection System ‘has had a bigger effect for us than any tool anyone has ever created. It’s been huge,’ said Dennis Nicewander, assistant state attorney in Broward County, Florida, who has used the software to prosecute about 200 cases over the last decade. ‘They have made it so automated and simple that the guys are just sitting there waiting to be arrested.’ The Child Rescue Coalition gives its technology for free to law enforcement agencies, and it is used by about 8,500 investigators in all 50 states. It’s used in 95 other countries, including Canada, the U.K. and Brazil. Since 2010, the nonprofit has trained about 12,000 law enforcement investigators globally.”

The Child Rescue Coalition wants to partner with social media platforms, schools, and more in order to discover who is downloading child pornography. These platforms often contain information about people discussing suspicious behavior, but that information does not indicate criminal activities. If data from the Child Protection System and these platforms were cross-matched, it might indicate possible bad actors.

Some assert that the surveillance software is breaking privacy laws. Handing over all this surveillance power to governments requires safeguards to protect individuals’ privacy.

Whitney Grace, August 11, 2020

Spear Fishing: The Key to the Garmin Ransomware Attack

August 11, 2020

DarkCyber is not too keen on widely disseminated explanations of criminal procedures. “How to’s” may provide the equivalent of a jail house education to some. The article “Crypto-Ransomware in Action: A Closer Look at the WastedLocker Hijack of Garmin” explains the attack on an outfit specializing in geo-technology. Think GPS in consumer gizmos, aircraft, and vehicles. The write up quotes Kaspersky, a security outfit with some interesting allegations clinging to its shirt tails, as noting:

“This incident only highlights that there is a growing trend of targeted crypto-ransomware attacks against large corporations—in contrast to the more widespread and popular ransomware campaigns of the past, like WannaCry and NotPetya. While there are fewer victims, these targeted attacks are typically more sophisticated and destructive. And there is no evidence to suggest that they will decline in the near future. Therefore, it’s critical that organizations stay on alert and take steps to protect themselves.” [Fedor Sinitsyn, security expert at Kaspersky]

Additional details on the attack are available in the technical analysis on the Kaspersky Web site at this link. The write up includes screenshots and code samples. The details include this statement:

It uses a “classic” AES+RSA cryptographic scheme which is strong and properly implemented, and therefore the files encrypted by this sample cannot be decrypted without the threat actors’ private RSA key. The Garmin incident is the next in a series of targeted attacks on large organizations involving crypto-ransomware. Unfortunately, there is no reason to believe that this trend will decline in the near future.

DarkCyber agrees. Jail house learning?

Stephen E Arnold, August 11, 2020

DarkCyber for August 11, 2020, Now Available

August 11, 2020

DarkCyber is a video news program about the Dark Web, cyber crime, and lesser known Internet services. The program for August 11, 2020, covers four stories. This week’s program is available on YouTube at this link. [Note below]

Stephen E Arnold, the producer of DarkCyber, illustrates how to jam Alexa’s surveillance components. When a white noise is not enough, Arnold points to a Web site which sells a wide array of jamming equipment. The video features a diagram of how a jamming device can disrupt mobile signals, Wi-Fi, and Bluetooth from a vehicle. If a basic mobile jammer is not suitable, Arnold provides information about a military-grade detection and jamming device with a comprehensive kill chain subsystem. Arnold reminds the viewer that use of some jamming devices can have unexpected consequences.

The second story addresses the TikTok dust up between the US and China. Arnold focuses on the trivializing of the TikTok threat by pundits. These individuals, in Arnold’s opinion, are not assessing the social engineering risks posed by a TikTok-type service. Data from a consumer app can pinpoint an individual who may be susceptible to cash inducements or threats to compromise the security of a workplace. TikTok videos may be silly, but the operators of the services are unlikely to be blind to the value of the data and its utility.

The third story considers iPhone hacking. Software, available via the regular Web, promises to hack an iPhone. If that approach does not work, there are hackers advertising iPhone hacking on the regular Internet. But what if the hack requires more aggressiveness? Arnold provides a link to a Dark Web site which makes clear that its operator will do anything for money. Can the iPhone be hacked? That depends on one’s willingness to believe information published on the Internet.

The final story focuses on the August 2020 Interpol report about cyber crime in the time of Covid. The report is available without charge, and its findings echo those of speakers at the 2020 National Cyber Crime Conference, held in July 2020. Arnold provides the url from which the new report can be downloaded without charge.

I wanted to point out that we will no longer post a copy of the video on Vimeo. That company sent an email demanding that Stephen E Arnold upgrade to a Pro account. Instead of saying, “We are raising prices,” Vimeo threatened Arnold with termination of his account because the free DarkCyber video is a commercial enterprise. Arnold wrote Vimeo twice pointing out that he retired in 2013, produces the video without financial support or sponsorship, and makes the content available to anyone interested in the Dark Web, cybercrime, and lesser known Internet services. Arnold told me,

“Millennial marketers at Vimeo think they are doing their job by making false accusations and then ignoring respectful questions about the fee change. Cancel culture to Vimeo, ‘You are history. This is your termination notice.’”

We will give Facebook a whirl and include that url if the service allows easy access with a minimum of invasive surveillance, pop ups, and targeted advertising for WhatsApp.

Kenny Toth, August 11, 2020

Amazon Policeware: Fraud Detection

August 4, 2020

We spotted “Fraud Detector Launched on AWS Platform.” As one pre pandemic, face-to-face conference organizer told me, “No one cares about Amazon policeware. The future is quantum computing.”

Yeah, okay.

Amazon does not buy big booths at law enforcement and intelligence conferences. For now, that’s the responsibility of its partners. No booth, no attention at least for one super charged quantum cheerleader.

The write up states:

With Amazon Fraud Detector, customers use their historical data of both fraudulent and legitimate transactions to build, train, and deploy machine learning models that provide real-time, low-latency fraud risk predictions. To get started, customers upload historical event data (e.g. transactions, account registrations, loyalty points redemptions, etc.) to Amazon Simple Storage Service (Amazon S3), where it is encrypted in transit and at rest and used to customize the model’s training. Customers only need to provide any two attributes associated with an event (e.g. logins, new account creation, etc.) and can optionally add other data (e.g. billing address or phone number). Based upon the type of fraud customers want to predict, Amazon Fraud Detector will pre-process the data, select an algorithm, and train a model.

And what does an Amazon person who remains within the Amazon box with the smile on the side say? The write up reports:

Customers of all sizes and across all industries have told us they spend a lot of time and effort trying to decrease the amount of fraud occurring on their websites and applications. By leveraging 20 years of experience detecting fraud coupled with powerful machine learning technology, we’re excited to bring customers Amazon Fraud Detector so they can automatically detect potential fraud, save time and money, and improve customer experiences—with no machine learning experience required.

Several observations:

  1. Combined with “other” financial data available within the AWS system, Amazon’s fraud detection system may be of interest to some significant financial services firms.
  2. The technology provides a glimpse of what AWS can support; for example, matching tax returns to “other” financial signals in order to flag interesting returns.
  3. The technical widgets in the AWS structure make it possible for a clever partner to reinvent a mostly unknown financial task: Identification or flagging of medical financial data for fraud. Subrogation with the point-and-click Amazon interface? Maybe.

To sum up, we offer a one hour lecture about Amazon’s policeware initiative. I know “free” is compelling, but this lecture costs money. For details write darkcyber333 at yandex dot com. Note: The program is different from our Amazon lecture for the 2020 US National Cyber Crime Conference.

No, it is not about the Quantum Computer Revolutions, but we do discuss Amazon’s Quantum Ledger Database. It works. Some quantum computing demonstrations do not.

Stephen E Arnold, August 4, 2020

Tech Downturn May Boost the Spirits of Criminal Combines

August 4, 2020

DarkCyber noted “Developer, Data Science Jobs: US Tech Is Taking a Worse Hit Than Other Sectors.” The write up reports:

New US tech job postings started to fall behind other sectors in mid-May and have slowed down even more since then, according to Indeed. Overall job postings, as expected are down too, but only by 21% year on year versus 36% for the tech sector.

DarkCyber wants to point out that when legitimate technology jobs disappear, the technical professionals turn to gig sites to drum up business.

However, the unsuspecting professional seeking a job in networking, cyber security, or video streaming may accept a project from a company outside the US. That job, however, may be for an illegal video streaming operation run out of a store front in another country.

How does a US technical professional avoid doing work which may be ultimately to the benefit of a bad actor? Research and judgment.

Stephen E Arnold, August 4, 2020

European Union: Yes, Russia Warrants Some Attention

August 4, 2020

With so many smart people wrestling with the Google and cage fighting with England, I was surprised to read “EU, in First Ever Cyber Sanctions, Hits Russian Intelligence.” The allegedly accurate write up states:

Four members of Russia’s GRU military intelligence agency were singled out. The EU accuses them of trying to hack the wifi network of the Netherlands-based Organization for the Prohibition of Chemical Weapons, which has probed the use of chemical weapons in Syria. The 2018 attack was foiled by Dutch authorities.

In addition, two individuals described as “Chinese nationals” found themselves in the sanction target area.

There are several ways to look at this action. First, the Google is a bigger deal than the EU’s friend to the East. Second, the Brexit fishing rights thing distracted EU officials from mere intelligence and trans-national security matters. Third, maybe someone realized that cyber espionage and cyber attacks are something to think about. A couple of years or more seems pretty snappy compared to other EU projects.

Stephen E Arnold, August 3, 2020

Quantexa: A Better Way to Nail a Money Launderer?

July 29, 2020

We noted the Techcrunch article “Quantexa Raises $64.7M to Bring Big Data Intelligence to Risk Analysis and Investigations.” There were a number of interesting statements or factoids in the write up; for example:

Altogether, Quantexa has “thousands of users” across 70+ countries, it said, with additional large enterprises, including Standard Chartered, OFX and Dunn & Bradstreet.

We also circled in true blue marker this passage:

As an example, typically, an investigation needs to do significantly more than just track the activity of one individual or one shell company, and you need to seek out the most unlikely connections between a number of actions in order to build up an accurate picture. When you think about it, trying to identify, track, shut down and catch a large money launderer (a typical use case for Quantexa’s software) is a classic big data problem.

And lastly:

Marria [the founder] says that it has a few key differentiators from these. First is how its software works at scale: “It comes back to entity resolution that [calculations] can be done in real time and at batch,” he said. “And this is a platform, software that is easily deployed and configured at a much lower total cost of ownership. It is tech and that’s quite important in the current climate.”

Some “real time” systems require time consuming and often elaborate configuration to produce useful outputs. The buzzwords take precedence over the nuts and bolts of installing, herding data, and tuning the outputs of this type of system.

Worth monitoring how the company’s approach moves forward.

Stephen E Arnold, July 29, 2020

DarkCyber for July 28, 2020, Now Available

July 28, 2020

The July 28, 2020, DarkCyber is now available. You can view the program on YouTube or on Vimeo.

DarkCyber reports about online, cyber crime, and lesser known Internet services. The July 28, 2020, program includes six stories. First, DarkCyber explains how the miniaturized surveillance device suitable for mounting on an insect moves its camera. With further miniaturization, a new type of drone swarm becomes practical. Second, DarkCyber explains that a stolen personal financial instrument costs little. The vendors guarantee an 80 percent success rate on their stolen personally identifiable information or fullz. Third, SIM card limits are in place in South Africa. Will such restrictions on the number of mobile SIM cards spread to other countries, or are the limits already in place, just not understood? Fourth, Coinbase bought a bitcoin deanonymization company. Then Coinbase licensed the technology to the US Secret Service. Twitter denizens were not amused. Fifth, Microsoft released a road map to a specific type of malware. Then two years later the story was picked up, further disseminating what amounts to a how to. DarkCyber explains where to download the original document. The final story presents DarkCyber’s view of the management lapses which made the Twitter hack a reality. Adult management is now imperative at the social media company doing its best to create challenges for those who value civil discourse and an intact social fabric.

The delay between our June 9, 2020, video about artificial intelligence composing “real” music and today’s program is easy to explain. Stephen E Arnold, the 76 year old wobbling through life, had the DarkCyber and Beyond Search team working on his three presentations at the US National Cyber Crime Conference. These programs are available via the NCC contact point in the Massachusetts’ Attorney General Office.

The three lectures were:

  1. Amazon policeware, which we pre-recorded in the DarkCyber format
  2. A live lecture about investigative software
  3. A live lecture about Dark Web trends in 2020.

Based on data available to the DarkCyber team, the septuagenarian reached about 500 of the 2000 attendees. Go figure.

Kenny Toth, July 28, 2020

2020: Reactive, Semi-Proactive, and Missing the Next Big Thing

July 27, 2020

I wanted to wrap up my July 28, 2020, DarkCyber this morning. Producing my one hour pre recorded lecture for the US National Cyber Crime Conference sucked up my time.

But I scanned two quite different write ups AFTER I read “Public Asked To Report Receipt of any Unsolicited Packages of Seeds.” Call me suspicious, but I noted this passage in the news release from the Virginia Department of Agriculture and Consumer Services:

The Virginia Department of Agriculture and Consumer Services (VDACS) has been notified that several Virginia residents have received unsolicited packages containing seeds that appear to have originated from China. The types of seeds in the packages are unknown at this time and may be invasive plant species. The packages were sent by mail and may have Chinese writing on them. Please do not plant these seeds.

And why, pray tell. What’s the big deal with seeds possibly from China, America’s favorite place to sell soy beans? Here’s the key passage:

Invasive species wreak havoc on the environment, displace or destroy native plants and insects and severely damage crops. Taking steps to prevent their introduction is the most effective method of reducing both the risk of invasive species infestations and the cost to control and mitigate those infestations.

Call me suspicious, but the US is struggling with the Rona or what I call WuFlu, is it not? Now seeds. My mind suggested from parts unknown that perhaps, just perhaps, the soy bean buyers are testing another bio-vector.

As the other 49 states realize that they too may want to put some “real” scientists to work examining the freebie seeds, I noted two other articles.

I am less concerned with the intricate arguments, the charts, and the factoids and more about how I view each write up in the context of serious thinking about some individuals’ ability to perceive risk.

The first write up is by a former Andreessen Horowitz partner. The title of the essay is “Regulating Technology.” The article explains that technology is now a big deal, particularly online technology. The starting point is 1994, which is about 20 years after the early RECON initiatives. The key point is that regulators have had plenty of time to come to grips with unregulated digital information flows. (I want to point out that those in Mr. Evans’ circle tossed accelerants into the cyberfires which were containable decades ago.) My point is that current analysis makes what is happening so logical, just a half century too late.

The second write up is about TikTok, the Chinese centric app banned in India and accused of the phone home tricks popular among the Huawei and Xiaomi crowd. “TikTok, the Facebook competitor?’s” point seems to be that TikTok has bought its way into the American market. The same big tech companies that continue to befuddle analysts and regulators took TikTok’s cash and said, “Come on down.” The TikTok prize may be a stream of free flowing data particularized to tasty demographics. My point is that this is a real time, happening event. There’s nothing like a “certain blindness” to ensure a supercharged online service will smash through data collection barriers.

News flash. The online vulnerabilities (lack of regulation, thumb typing clueless users, and lack of meaningful regulatory action) are the old threat vector.

The new threat vector? Seeds. Bio-attacks. Bio-probes. Bio-ignorance. Big, fancy thoughts are great. Charts are wonderful. Reformed Facebookers’ observations are interesting. But the now problem is the bio thing.

Just missing what is in front of their faces maybe? Rona masks and seed packets. Probes or attacks? The motto may be a certain foreign power’s willingness to learn the lessons of action oriented people like Generals Curtis LeMay or George Patton. Add some soy sauce and stir in a cup of Sun Tzu. Yummy. Cheap. Maybe brutally effective?

So pundits and predictive analytics experts, analyze but look for the muted glowing of the threat vector beyond the screen of one’s mobile phone.

Stephen E Arnold, July 27, 2020

The Cloud Becomes the New PC, So the Cloud Becomes the Go To Attack Vector

July 24, 2020

Cloud providers are not Chatty Cathies when it comes to some of their customers’ more interesting activities. Take malware, for example. Bad actors can use cloud services for a number of activities, including a temporary way station when deploying malware, delivering bogus or spoofed Web sites as part of a social engineering play, or just launching phishing emails. Major cloud providers are sprawling operations, and management tools are still in their infancy. In fact, management software for cloud operators is in a cat-and-mouse race. Something happens, and the cloud provider responds.

“Hackers Found Using Google Cloud to Hide Phishing Attacks” provides some information about the Google and its struggles to put on a happy face for prospects and regulators while some Googlers are reading books about dealing with stressful work.

The article reports:

Researchers at cybersecurity firm Check Point on Tuesday cited an instance when hackers used advanced features on Google Cloud Platform to host phishing pages and hide them. Some of the warning signs that users generally look out for in a phishing attack include suspicious-looking domains, or websites without a HTTPS certificate. However, by using well-known public cloud services such as Google Cloud or Microsoft Azure to host their phishing pages, the attackers can overcome this obstacle and disguise their malicious intent, improving their chances of ensnaring even security-savvy victims…

What’s the fix?

Obviously vendors of cloud management software, hawkers of smart cyber security systems, and bright young PhD track cyber specialists have ideas.

The reality may be that for now, there is no solution. Exposed Amazon S3 buckets, Google based endeavors, and Microsoft (no, we cannot update Windows 10 without crashing some machines) Azure vectors are here to stay.

Perhaps one should tweet this message? Oh, right, Twitter was compromised. Yeah.

Stephen E Arnold, July 24, 2020
