European Union: Yes, Russia Warrants Some Attention
August 4, 2020
With so many smart people wrestling with the Google and cage fighting with England, I was surprised to read “EU, in First Ever Cyber Sanctions, Hits Russian Intelligence.” The allegedly accurate write up states:
Four members of Russia’s GRU military intelligence agency were singled out. The EU accuses them of trying to hack the wifi network of the Netherlands-based Organization for the Prohibition of Chemical Weapons, which has probed the use of chemical weapons in Syria. The 2018 attack was foiled by Dutch authorities.
In addition, two individuals described as “Chinese nationals” found themselves in the sanction target area.
There are several ways to look at this action. First, the Google is a bigger deal than the EU’s friend to the East. Second, the Brexit fishing rights thing distracted EU officials from mere intelligence and trans-national security matters. Third, maybe someone realized that cyber espionage and cyber attacks are something to think about. A couple of years or more seems pretty snappy compared to other EU projects.
Stephen E Arnold, August 3, 2020
Quantexa: A Better Way to Nail a Money Launderer?
July 29, 2020
We noted the TechCrunch article “Quantexa Raises $64.7M to Bring Big Data Intelligence to Risk Analysis and Investigations.” There were a number of interesting statements or factoids in the write up; for example:
Altogether, Quantexa has “thousands of users” across 70+ countries, it said, with additional large enterprises, including Standard Chartered, OFX and Dun & Bradstreet.
We also circled in true blue marker this passage:
As an example, typically, an investigation needs to do significantly more than just track the activity of one individual or one shell company, and you need to seek out the most unlikely connections between a number of actions in order to build up an accurate picture. When you think about it, trying to identify, track, shut down and catch a large money launderer (a typical use case for Quantexa’s software) is a classic big data problem.
And lastly:
Marria [the founder] says that it has a few key differentiators from these. First is how its software works at scale: “It comes back to entity resolution that [calculations] can be done in real time and at batch,” he said. “And this is a platform, software that is easily deployed and configured at a much lower total cost of ownership. It is tech and that’s quite important in the current climate.”
Some “real time” systems require time consuming and often elaborate configuration to produce useful outputs. The buzzwords take precedence over the nuts and bolts of installing, herding data, and tuning the outputs of this type of system.
Worth monitoring how the company’s approach moves forward.
Stephen E Arnold, July 29, 2020
DarkCyber for July 28, 2020, Now Available
July 28, 2020
The July 28, 2020, DarkCyber is now available. You can view the program on YouTube or on Vimeo.
DarkCyber reports about online crime, cyber crime, and lesser known Internet services. The July 28, 2020, program includes six stories:
- A miniaturized surveillance device small enough to mount on an insect, and how it moves its camera. With further miniaturization, a new type of drone swarm becomes practical.
- The low price of a stolen personal financial instrument. Vendors guarantee an 80 percent success rate on the stolen personally identifiable information, or “fullz,” that they sell.
- SIM card limits in South Africa. Will such restrictions on the number of mobile SIM cards spread to other countries, or are the limits already in place elsewhere and just not understood?
- Coinbase bought a bitcoin deanonymization company, then licensed the technology to the US Secret Service. Twitter denizens were not amused.
- Microsoft released a road map to a specific type of malware. Two years later the story was picked up, further disseminating what amounts to a how-to. DarkCyber explains where to download the original document.
- DarkCyber’s view of the management lapses which made the Twitter hack a reality. Adult management is now imperative at the social media company doing its best to create challenges for those who value civil discourse and an intact social fabric.
The delay between our June 9, 2020, video about artificial intelligence composing “real” music and today’s program is easy to explain. Stephen E Arnold, the 76 year old wobbling through life, had the DarkCyber and Beyond Search team working on his three presentations at the US National Cyber Crime Conference. These programs are available via the NCC contact point in the Massachusetts Attorney General’s Office.
The three lectures were:
- Amazon policeware, which we pre-recorded in the DarkCyber format
- A live lecture about investigative software
- A live lecture about Dark Web trends in 2020.
Based on data available to the DarkCyber team, the septuagenarian reached about 500 of the 2000 attendees. Go figure.
Kenny Toth, July 28, 2020
2020: Reactive, Semi-Proactive, and Missing the Next Big Thing
July 27, 2020
I wanted to wrap up my July 28, 2020, DarkCyber this morning. Producing my one hour pre-recorded lecture for the US National Cyber Crime Conference sucked up my time.
But I scanned two quite different write ups AFTER I read “Public Asked To Report Receipt of any Unsolicited Packages of Seeds.” Call me suspicious, but I noted this passage in the news release from the Virginia Department of Agriculture and Consumer Services:
The Virginia Department of Agriculture and Consumer Services (VDACS) has been notified that several Virginia residents have received unsolicited packages containing seeds that appear to have originated from China. The types of seeds in the packages are unknown at this time and may be invasive plant species. The packages were sent by mail and may have Chinese writing on them. Please do not plant these seeds.
And why, pray tell. What’s the big deal with seeds possibly from China, America’s favorite place to sell soy beans? Here’s the key passage:
Invasive species wreak havoc on the environment, displace or destroy native plants and insects and severely damage crops. Taking steps to prevent their introduction is the most effective method of reducing both the risk of invasive species infestations and the cost to control and mitigate those infestations.
Call me suspicious, but the US is struggling with the Rona or what I call WuFlu, is it not? Now seeds. My mind suggested from parts unknown that perhaps, just perhaps, the soy bean buyers are testing another bio-vector.
As the other 49 states realize that they too may want to put some “real” scientists to work examining the freebie seeds, I noted two other articles.
I am less concerned with the intricate arguments, the charts, and the factoids and more about how I view each write up in the context of serious thinking about some individuals’ ability to perceive risk.
The first write up is by a former Andreessen Horowitz partner. The title of the essay is “Regulating Technology.” The article explains that technology is now a big deal, particularly online technology. The starting point is 1994, which is about 20 years after the early RECON initiatives. The key point is that regulators have had plenty of time to come to grips with unregulated digital information flows. (I want to point out that those in Mr. Evans’ circle tossed accelerants into the cyberfires which were containable decades ago.) My point is that current analysis makes what is happening so logical, just a half century too late.
The second write up is about TikTok, the China-centric app banned in India and accused of the phone-home tricks popular among the Huawei and Xiaomi crowd. The point of “TikTok, the Facebook competitor?” seems to be that TikTok has bought its way into the American market. The same big tech companies that continue to befuddle analysts and regulators took TikTok’s cash and said, “Come on down.” The TikTok prize may be a stream of free flowing data particularized to tasty demographics. My point is that this is a real time, happening event. There’s nothing like a “certain blindness” to ensure a supercharged online service will smash through data collection barriers.
News flash. The online vulnerabilities (lack of regulation, thumb typing clueless users, and lack of meaningful regulatory action) are the old threat vector.
The new threat vector? Seeds. Bio-attacks. Bio-probes. Bio-ignorance. Big, fancy thoughts are great. Charts are wonderful. Reformed Facebookers’ observations are interesting. But the now problem is the bio thing.
Just missing what’s in front of their faces maybe? Rona masks and seed packets. Probes or attacks? The motto may be a certain foreign power’s willingness to learn the lessons of action oriented people like Generals Curtis LeMay or George Patton. Add some soy sauce and stir in a cup of Sun Tzu. Yummy. Cheap. Maybe brutally effective?
So pundits and predictive analytics experts, analyze but look for the muted glowing of threat vector beyond the screen of one’s mobile phone.
Stephen E Arnold, July 27, 2020
The Cloud Becomes the New PC, So the Cloud Becomes the Go To Attack Vector
July 24, 2020
Cloud providers are not Chatty Cathies when it comes to some of their customers’ more interesting activities. Take malware, for example. Bad actors can use cloud services for a number of activities, including as a temporary way station when deploying malware, for delivering bogus or spoofed Web sites as part of a social engineering play, or simply for launching phishing emails. Major cloud providers are sprawling operations, and management tools are still in their infancy. In fact, management software for cloud operators is in a cat-and-mouse race. Something happens, and the cloud provider responds.
“Hackers Found Using Google Cloud to Hide Phishing Attacks” provides some information about the Google and its struggles to put on a happy face for prospects and regulators while some Googlers are reading books about dealing with stressful work.
The article reports:
Researchers at cybersecurity firm Check Point on Tuesday cited an instance when hackers used advanced features on Google Cloud Platform to host phishing pages and hide them. Some of the warning signs that users generally look out for in a phishing attack include suspicious-looking domains, or websites without a HTTPS certificate. However, by using well-known public cloud services such as Google Cloud or Microsoft Azure to host their phishing pages, the attackers can overcome this obstacle and disguise their malicious intent, improving their chances of ensnaring even security-savvy victims…
What’s the fix?
Obviously vendors of cloud management software, hawkers of smart cyber security systems, and bright young PhD track cyber specialists have ideas.
The reality may be that for now, there is no solution. Exposed Amazon S3 buckets, Google based endeavors, and Microsoft (no, we cannot update Windows 10 without crashing some machines) Azure vectors are here to stay.
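One practical consequence of the Check Point observation above is that the two heuristics users lean on, a familiar domain and a padlock, stop working once the phishing page sits on a shared cloud endpoint. The following triage routine is an added example written for this post; it is not code from Check Point, Google, or the original article. The list of shared hosting suffixes and the credential-lure words are assumptions chosen for illustration, and the sample URLs are constructed.

```python
"""Triage URLs that may hide a phishing page behind a well-known public cloud host.

Added example for this post, not code from the original article or any vendor.
The host suffixes and lure words below are assumptions; extend them for your own
environment.
"""
from urllib.parse import urlparse

# Assumed: shared hosting/object-storage endpoints under which any customer can
# publish content. A valid TLS certificate on these hosts says nothing about who
# uploaded the page, so "HTTPS + big-name domain" is not evidence of legitimacy.
CLOUD_HOST_SUFFIXES = {
    "storage.googleapis.com": "Google Cloud Storage",
    "storage.cloud.google.com": "Google Cloud Storage",
    "firebaseapp.com": "Firebase Hosting",
    "web.app": "Firebase Hosting",
    "blob.core.windows.net": "Azure Blob Storage",
    "azurewebsites.net": "Azure App Service",
    "s3.amazonaws.com": "Amazon S3",
    "cloudfront.net": "Amazon CloudFront",
}

# Assumed: words a credential-harvesting page commonly carries in its path.
LURE_WORDS = ("login", "signin", "sign-in", "verify", "account",
              "sharepoint", "office365", "invoice")


def cloud_provider(host: str):
    """Return the provider name if host is (or is under) a shared cloud endpoint."""
    host = host.lower().rstrip(".")
    for suffix, provider in CLOUD_HOST_SUFFIXES.items():
        if host == suffix or host.endswith("." + suffix):
            return provider, suffix
    return None, None


def tenant_identifier(host: str, path: str, suffix: str) -> str:
    """The attacker-controllable part of the location: a bucket/container name
    either as a subdomain (mybucket.s3.amazonaws.com) or as the first path
    segment (storage.googleapis.com/mybucket/...)."""
    host = host.lower().rstrip(".")
    if host != suffix:
        return host[: -len(suffix) - 1]
    segments = [s for s in path.split("/") if s]
    return segments[0] if segments else ""


def triage(url: str) -> dict:
    p = urlparse(url)
    host = p.hostname or ""
    provider, suffix = cloud_provider(host)
    haystack = (p.path + "?" + p.query).lower()
    lures = [w for w in LURE_WORDS if w in haystack]
    reasons = []
    tenant = None
    if provider:
        tenant = tenant_identifier(host, p.path, suffix)
        reasons.append(f"shared {provider} endpoint; domain reputation and TLS "
                       f"checks do not vouch for the content")
        if tenant:
            reasons.append(f"tenant/bucket '{tenant}' is customer-controlled")
    if lures:
        reasons.append("credential-lure words in path: " + ", ".join(lures))
    if provider and lures:
        verdict = "suspicious"
    elif provider or lures:
        verdict = "review"
    else:
        verdict = "no-cloud-indicators"
    return {"url": url, "host": host, "https": p.scheme == "https",
            "provider": provider, "tenant": tenant, "lures": lures,
            "verdict": verdict, "reasons": reasons}


# Constructed sample URLs (not real campaigns).
SAMPLE_URLS = [
    "https://storage.googleapis.com/secure-doc-8823/office365-login.html",
    "https://invoices-team.blob.core.windows.net/$web/verify-account.html",
    "https://storage.googleapis.com/public-assets/logo.png",
    "https://login.microsoftonline.com/common/oauth2/authorize",
]

if __name__ == "__main__":
    for u in SAMPLE_URLS:
        r = triage(u)
        print(f"{r['verdict']:<20} {u}")
        for reason in r["reasons"]:
            print("    -", reason)
```

The point the routine makes explicit is that the padlock is a property of the host, not the page: on a shared endpoint the bucket or container name is the only part the attacker chose, so that is what an analyst should pivot on (who created it, when, and what else it serves).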
Perhaps one should tweet this message? Oh, right, Twitter was compromised. Yeah.
Stephen E Arnold, July 24, 2020
Russian Hacker: Maybe a Tattoo and New Opportunities for Friendship?
June 29, 2020
In my Dark Web 2020 lecture in July for the “now virtual” US National Cyber Crime Conference, I will review some of the information my study team has gathered about Russian digital crime factories. Some of these are hidden in plain sight. Others are less visible. In this interesting world, surprises are not uncommon. “Russian Cybercrime Boss Burkov Gets 9 Years” describes how “a well connected Russian hacker once described as an asset of supreme importance” booked a one-way ticket to prison. The write up explains that:
Aleksei Burkov of St. Petersburg, Russia admitted to running CardPlanet, a site that sold more than 150,000 stolen credit card accounts, and to being a founder of DirectConnection — a closely guarded underground community that attracted some of the world’s most-wanted Russian hackers.
Mr. Burkov (kopa to his Dark Web and hacker colleagues) operated DirectConnection (now offline). If you are interested in the legal explanation of Mr. Burkov’s activities, the indictment was online as of June 29, 2020, at this link. Some documents return cheerful 404 errors, and DarkCyber understands your pain.
Will Mr. Burkov share some of his knowledge about Russian cyber crime, a type of wrong doing that has been ignored by some authorities in Mr. Putin’s government? DarkCyber surmises that he may become a chatty Kathie once he experiences the delights of a sojourn in America.
Stephen E Arnold, June 29, 2020
Criminals Want Cash? An Astounding Insight for Whom Exactly?
June 15, 2020
Why is it so hard for some people to understand a concept? Cyber criminals break laws not because it is fun (some might get a kick out of it), but to steal money. The old adage “money makes the world go around” is the goal for cyber criminals, because with money they can live their desired lifestyle. Security Brief delves into a report about cyber criminal activities in: “Cybercriminals After Money More Than Anything Else-Verizon Report.”
Security Brief read the Verizon Business 2020 Data Breach Investigations Report, which analyzed some 32,000 security incidents. Of those, 3,950 were confirmed breaches drawn from eighty-one countries, and 86% of the breaches were financially motivated. By region, the financially motivated share was 91% in North America, 70% in Europe, the Middle East, and Africa, and 63% in Asia Pacific.
Most financial organizations are taking precautions to protect their clients, and fewer than one in twenty breaches exploit vulnerabilities. Other common attack types include:
“Other common cyber attacks include web application attacks, as threat actors go after cloud-based data. According to the report, more than 20% of attacks were against web applications and used stolen credentials in some way. The report notes that the trend is worrying as more organizations shift business-critical workloads to the cloud.
Credential theft, phishing, business email compromise and other social engineering attacks caused more than 67% of breaches. Specifically, 37% of credential theft breaches used stolen or weak credentials, 25% involved phishing, and 22% involved human error.
Amongst malware incidents, ransomware was involved in 27% of cases, and 18% of organizations blocked at least one piece of ransomware in the last year.”
The article recommends that businesses and users educate themselves about common cyber crime attacks to prevent breaches. It is also a good idea to have a decent cyber security system that is regularly updated. Most breaches in North America involved stolen credentials and phishing/pretexting.
Money motivates cyber criminals? Why does that even need to be stated?
Whitney Grace, June 15, 2020
Brave Browsing Sniping
June 9, 2020
DarkCyber noted “The Brave Web Browser Is Hijacking Links, and Inserting Affiliate Codes.” The write up explains that the Brave browser is behaving in a way that is unseemly. The point is that a free Web browser is pitching privacy and at the same time performs some underhanded actions to generate revenue. The explanation of the digital sleight of hand is interesting and illustrates that those “gee, stuff is free” online users assume one thing and may find something different. The write up includes this list and suggestions for accessing Web sites in a non-Brave way. We quote:
There is no good reason to use Brave. Use Chromium — the open-source core of Chrome — with the uBlock Origin ad blocker. [Chromium download, uBO Chrome]
Or use Firefox with uBlock Origin — ‘cos it blocks more ads than the Chromium framework will let anything block. [uBO Firefox]
Or, if you want a really cleaned-out Chrome — ungoogled-chromium, with uBlock Origin. [GitHub]
If you’re on Android, use Firefox with uBlock Origin, or the new Firefox Focus browser. [Mozilla]
Brave is a browser for suckers who want to keep getting played — so it’s a 100% crypto enterprise. As Eich’s pinned tweet still tells us: “Who gets paid? If not you, then you’re ‘product’.” [Twitter]
DarkCyber is not sure if this comment is as ominous as it sounded to one DarkCyber researcher:
Brendan Eich has responded to this post by claiming “David lies about us all the time.” I have pointed out that this is a prima facie defamatory statement, and asked him to detail these claimed lies. [Twitter, archive]
Mr. Eich is the alleged perpetrator of the Brave misdeeds. Online marketing and advertising are fascinating disciplines.
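A user who wants to know whether a browser is quietly altering what they typed needs only to compare the typed string with the URL that actually loaded. The following check is an added example for this post and is not code from the linked article, from Brave, or from the author; the set of affiliate-style parameter names is an assumption, and the typed/loaded pairs are constructed rather than captured from any browser.

```python
"""Audit whether a browser rewrote a typed address before loading it.

Added example for this post; not code from the article, the browser vendor, or
the author. Feed it pairs of (what the user typed, what the address bar showed
after navigation); it reports query parameters that appeared out of nowhere and
flags the ones that look like referral attribution.
"""
from urllib.parse import urlparse, parse_qsl

# Assumed: parameter names that affiliate programs commonly use to attribute
# a sale or signup to a referrer. Tune for the programs you care about.
AFFILIATE_PARAM_NAMES = {"ref", "refid", "aff", "affid", "affiliate", "tag", "partner"}


def _normalize(url: str):
    """Split a typed or loaded address into (host, path, [(key, value), ...]).

    Typed addresses often lack a scheme and trailing slash; those differences
    are cosmetic and must not be reported as rewrites."""
    if "://" not in url:
        url = "https://" + url
    p = urlparse(url)
    host = (p.hostname or "").lower()
    if host.startswith("www."):
        host = host[4:]
    path = p.path.rstrip("/") or "/"
    query = parse_qsl(p.query, keep_blank_values=True)
    return host, path, query


def audit_navigation(typed: str, loaded: str) -> dict:
    t_host, t_path, t_query = _normalize(typed)
    l_host, l_path, l_query = _normalize(loaded)
    # Parameters present after navigation that the user never typed.
    inserted = [(k, v) for (k, v) in l_query if (k, v) not in t_query]
    affiliate = [k for k, _ in inserted if k.lower() in AFFILIATE_PARAM_NAMES]
    return {
        "typed": typed,
        "loaded": loaded,
        "host_changed": t_host != l_host,
        "path_changed": t_path != l_path,
        "inserted_params": inserted,
        "affiliate_params": affiliate,
        # A different host or an attribution parameter is what we care about;
        # an added scheme or trailing slash is not.
        "suspect": bool(affiliate) or t_host != l_host,
    }


# Constructed pairs for illustration (no real browser or site recorded).
SAMPLE_NAVIGATIONS = [
    ("exchange.test", "https://exchange.test/?ref=ABC123"),
    ("https://shop.test/item?id=5", "https://shop.test/item?id=5&tag=partner-20"),
    ("news.test/article", "https://news.test/article/"),
    ("bank.test", "https://bank-login.test/"),
]

if __name__ == "__main__":
    for typed, loaded in SAMPLE_NAVIGATIONS:
        r = audit_navigation(typed, loaded)
        flag = "SUSPECT" if r["suspect"] else "ok"
        print(f"{flag:<8} typed={typed!r} loaded={loaded!r} "
              f"inserted={r['inserted_params']} affiliate={r['affiliate_params']}")
```

Run against a real browser by typing each address, copying the resulting address bar contents, and feeding the pairs in; anything that shows up under `affiliate_params` is revenue attribution the user did not ask for, and a `host_changed` hit deserves a closer look regardless of the query string.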
Stephen E Arnold, June 8, 2020
Is Cyber Crime Boring? Maybe The Characterization Masks a Painful Consequence?
June 1, 2020
DarkCyber read “Career Choice Tip: Cybercrime is Mostly Boring.” The article is clear. The experts cited are thorough and thoughtful. Practicing cyber crime is similar to what engineers, developers, and programmers do in the course of their work for firms worldwide. Much of that work is boring, filled with management friction, and repetitive.
The article states:
the academics stress that the romantic notions of those involved in cybercrime ignore the often mundane, rote aspects of the work that needs to be done to support online illicit economies. The researchers concluded that for many people involved, cybercrime amounts to little more than a boring office job sustaining the infrastructure on which these global markets rely, work that is little different in character from the activity of legitimate system administrators.
Exactly.
The paper is quoted in the article as explaining:
We find that as cybercrime has developed into industrialized illicit economies, so too have a range of tedious supportive forms of labor proliferated, much as in mainstream industrialized economies. We argue that cybercrime economies in advanced states of growth have begun to create their own tedious, low-fulfillment jobs, becoming less about charismatic transgression and deviant identity, and more about stability and the management and diffusion of risk. Those who take part in them, the research literature suggests, may well be initially attracted by exciting media portrayals of hackers and technological deviance.
The DarkCyber study team discussed the Cambridge research summary and formulated some observations:
- Boring means that cyber crime will be automated. Automated processes will be tuned to be more efficient. Greater efficiency translates to the benefit the cyber criminals seek. Thus, the forward momentum of boring cyber crime is an increase in the volume and velocity of attacks.
- Certain criminal elements are hiring out of work or disgruntled technologists from mainstream companies, including high-profile Silicon Valley companies. Our research identified one criminal organization paying 90,000 euros per month and offering benefits to contract workers with specialized skills. The economic pressures translate to a talent pool available to certain criminal orchestrators. More talent feeds the engineering resources available to cyber crime constructs. DarkCyber believes a “Google effect” is beginning, just in the cyber crime market space.
- Law enforcement, government agencies, and some providers of specialized services to law enforcement and intelligence entities will be unable to hire at the rate criminal constructs hire. Asymmetry will increase with bad actors having an opportunity to outpace enforcement and detection activities.
Net net: The task facing law enforcement, security, and intelligence professionals is becoming more difficult. Cyber crime may be boring, but boring tasks fuel innovation. With access to talent and cash, there is a widening chasm. Talking about boring does not make clear the internal forces pushing cyber crime forward.
Stephen E Arnold, June 1, 2020
DarkCyber for May 26, 2020 Now Available
May 26, 2020
DarkCyber for May 26, 2020, is an online video program focusing on cyber crime, intelligence, and lesser known Internet services. This week’s stories include NSO Group in the PR spotlight, Covid-19 phishing, Germany limiting the scope of action of its intelligence services, a source for bad actor hackers, ETSI.org as a job hunter’s game preserve, and four new drones for surveillance and kinetic action. (Kinetic means explosive munitions.)
The program is a production of Stephen E Arnold and the DarkCyber research team.
In addition to our news programs, we have begun adding special videos. You can view the most recent interview segments with a CIA professional in DarkCyber Exclusive: Litigation Likely for Short Selling.
More special video features are in the works. Remember. DarkCyber contains no demeaning “begging for dollars” pleas, no content marketing, and no subscription fees. As a result, DarkCyber videos and blog posts deliver information that may be difficult to locate and analysis that can cause consternation.
This week’s program is at https://vimeo.com/422426350.
Kenny Toth, May 26, 2020