Terror Database Enriched with Social Media Pix
April 24, 2018
A question is surging through the tech and espionage communities after a recent article that makes some big implications in both worlds. That’s because a company formed by ex-spies is using facial recognition software to create a database of images from social networks like Facebook. This raises a ton of questions, but they all start with the recent Daily Mail piece, “Surveillance Company Run by Ex-Spies is Harvesting Facebook Photos.”
According to the story, the program is called Face-Int and they have a specific goal in mind:
“Its creators say the software could lead to the identification of terror suspects, captured in promotional and other material posted online… “Experts are concerned that the company’s efforts extend beyond this remit, however, and into the political realm…’It raises the stakes of face recognition – it intensifies the potential negative consequences,’ Jay Stanley, senior policy analyst at the American Civil Liberties Union, told Forbes.”
While it is admirable that a company is aiming to help capture terrorists through social media, it leaves one to worry about several things. For starters, it’s pretty safe to assume many terrorists will not appear on social media or, at the least, not without something covering their face. Thus, accuracy becomes a concern. However, the larger concern is that This, however, does not touch upon the greater concern that private, law abiding citizens are also getting funneled into this database. The opportunities for invading one’s privacy is alarmingly high. Time will tell how this shakes out, but we have a hunch the general public will never be told.
Patrick Roland, April 24, 2018
DarkCyber for April 24, 2018, Now Available
April 24, 2018
DarkCyber for April 124, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/266003727 .
Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.
This week’s lead story focuses on universities as unwitting accomplices for student cyber criminals. Five students at Manchester University began selling drugs via SilkRoad. The students “graduated” to their own brand and branched out. Before UK law enforcement shut down the students’ operation, more than 6,000 drug sales were completed. Plus, university computer systems have become targets for malicious crypto currency mining operations. A student can take classes in computer science and be up and scamming quickly.
Stephen E Arnold, producer of DarkCyber and author of “CyberOSINT: Next Generation Information Access” said: “The combination of easy access to high-value information about programming and computer systems plus the lure of easy money can turn a good student into a good criminal. Universities, despite their effort to implement more robust security, are targets for bad actors. Students can operate Dark Web businesses from their campus residence. Outsiders can exploit the institution’s computer system in order to install crypto currency mining software. At this time, colleges and universities are in a cat and mouse game with high stakes and stiff penalties for students, administrators, and school security professionals.”
DarkCyber revisits the security of virtual private networks. This week’s program answers a viewer’s question about improving the security of a VPN. In addition to changing the ports the VPN uses, DarkCyber points out that a tech savvy individual can operate his or her own VPN or use additional specialized software to shore up the often leaky security many VPN services provide.
Vendors of “policeware” are generally unknown to most tech professionals. DarkCyber highlights a new, UK based company doing business as Grey Heron. The company offers a range of cyber security services. The firm’s staff appears to include individuals once affiliated with the Hacking Team, another policeware vendor which found itself the victim of a cyber attack two years ago. If Gray Heron taps the Hacking Team’s technical talent, the firm may make an impact in this little known sector of the software market.
The final story in DarkCyber for April 24, 2018, highlights several findings from a study sponsored by Bromium, a cyber security company. The researchers at a UK university gathered data which provide some surprising and interesting information about the Dark Web. For example, the new report asserts that more than $200 billion is laundered on the Dark Web in a single year. If true, these newly revealed research data provide hard metrics about the role of digital currency in today’s online economy.
Beginning in May 2018, coverage of the Dark Web and related subjects will be increased within Beyond Search.
Kenny Toth, April 24, 2018
Blockchain as a CP Delivery System
April 18, 2018
With the rise of Bitcoin’s profile the encryption platform, Blockchain, used to keep things so secret has also seen a rise in its profile. But just like Bitcoin’s scrutiny under the spotlight, Blockchain’s less savory side is being exposed. We learned more from a recent CoinCenter story, defending the encryption, called “Addressing The Concerns of Illicit Images on Public Blockchains.”
According to the well thought out editorial,
“Bitcoin transactions allow one to add to them a short text memo. What some have done is to include encoded text in transaction memo fields and these are recorded in the Blockchain. Some of these encoded surprises on the blockchain include wedding vows, Bible verses, the Bitcoin logo and white paper, and quotes from Nelson Mandela. Unfortunately, some sick individuals have also added encoded images of child abuse.”
This is, however, not a new problem for the dark web. In fact, three years ago Forbes pointed out that Blockchain was a potential safe haven for malware and child abuse. That doesn’t erase the problems, though. The CoinCenter piece points out that a majority of interactions through Blockchain are on the up-and-up and that many legitimate businesses are investigating its uses. So, it’s safe to say this encryption tool is not going anywhere. We just wonder how it can ethically be policed.
Patrick Roland, April 18, 2018
Online Tracking of Weapons Can Be a Challenge
April 17, 2018
Gun sales online are prompting a lot of governmental concern, but not just in America. Australia, a nation with one of the lowest gun violence rates in the world, recently began cracking down on dark web sales of firearms with the help of US authorities. The results were promising, but still a little concerning. We learned more from a recent Daily Mail article, “Gun Trafficking Groups Selling to Australia Have Been Sentenced.”
According to the story, a seller of guns that were sent to Australia recently got three years in prison for the illegal transactions. We learned:
“The Atlanta-based group advertised guns for sale on the underground website BlackMarketReloaded that operated on The Onion Router, which masks the identity of its users, according to prosecutors.”
However, finding them through the murky waters of covert internet sites was nearly as tough as physically locating the guns. The story also pointed out, “In an attempt to avoid detection in the US Post or overseas the group hid the firearms in electronic equipment before placing them in packages.”
The Herculean effort needed to capture this dark web gun lord sounds similar to the recent arrest of one of Europe’s biggest online arms dealers, who was tracked down in Spain. This was the result of multiple countries and multiple agencies working for months to find this single person.
Clearly, the task of wiping the Dark Web clean of guns is difficult, but thankfully not impossible. We hope to hear about more success stories like this in the future. For more information, learn more about CyberOSINT (the Dark Web) here.
Patrick Roland, April 17, 2018
DarkCyber for April 17, 2018, Is Now Available
April 17, 2018
DarkCyber for April 17, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/264827844
DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.
Push back from different organizations suggests that the unregulated, free wheeling days of digital currencies are winding down. France and Japan have taken action to curtail some digital currency practices. Plus Google and Twitter have banned ads for digital currencies.
In March 2018, Stephen E Arnold, producer of DarkCyber, was named to International Judicial Commission of Inquiry into Human Trafficking & Child Sex Abuse. He points out that as censorship increases, bad actors will step up their pace of innovation.
He said, “An uptick in the use of pastesites and encrypted chat make it increasingly difficult for investigators to identify and take action against those engaged in human trafficking and related crimes. Additional funding and faster cycle procurements of next generation are important priorities in the next six to nine months.”
DarkCyber answers a viewer’s question about the Katim secure mobile phone created by DarkMatter, a cyber security firm in the United Arab Emirates. The Katim device may be a market test or a way to determine interest in secure devices.
VPNs promise increased security for users. DarkCyber points out that a number of VPNs leak user data. Protocol flaws and VPN operators who keep logs of user behaviors make it clear that VPNs may be virtual, just not private.
For more information about DarkCyber, write us at darkcyber333 at yandex.com.
Kenny Toth, April 17, 2018
DarkCyber Profiles the Grayshift iPhone Unlocking Appliance
April 5, 2018
DarkCyber has released a special video report about Grayshift’s iPhone unlocking device for law enforcement forensics professionals. The GrayKey device unlocks most iPhones quickly and without the need to ship the suspect’s mobile phone off site.
The video is available on Vimeo at https://vimeo.com/262858305.
The video covers the pricing for the iPhone unlocker and its key features. Plus, the video product overview identifies the challenges that Grayshift will have to overcome if it wants to become the preferred provider of plug-and-unlock iPhone devices.
Stephen E Arnold said, “Grayshift’s GrayKey is important because it offers an easy-to-use iPhone unlocking system. Four digit passcode protected devices can be unlocked in two to three hours. Apple mobiles with six digit passcodes can be unlocked in two to three days. The device can be used in a mobile forensics lab and costs a fraction of some competitive solutions. GrayKey looks like the right product at the right time and at the right price.”
DarkCyber is a weekly video new program for law enforcement, intelligence, and security professionals. The special report series will focus on a single product, service, or technical innovation.
This is a special report in his CyberOSINT Tools series. These special reports will be issued when notable products, services, or technologies become available to law enforcement and intelligence professionals.
Stephen E Arnold is the author of “Dark Web Notebook” and “CyberOSINT: Next Generation Information Access.” He has been named as a technology adviser to the UK based Judicial Commission of Inquiry into Human Trafficking and Child Sex Abuse.” Mr. Arnold also lectures to law enforcement and intelligence professionals attending the Telestrategies ISS conferences in Prague, Washington, DC, and Panama City, Panama. In recent months, he has shared his research with law enforcement and intelligence professionals in the US and Europe. His most recent lectures focus on deanonymizing chat and digital currency transactions. One hour and full day programs are available via webinars and on-site presentations.
Kenny Toth, April 5, 2018
Apple and Its Snowden Moment
February 14, 2018
I don’t pay much attention to the antics of Apple, its employees, or its helpers. I did note this story in Boy Genius Report: “We Now Know Why an Apple Employee Decided to Leak Secret iPhone Code.” My take is that the trigger was a bit of the high school science club mentality and the confusion of what is straight and true with the odd ball ethos of clever, young tech wizards.
The cat is out of the bag. Removing content from Github does not solve the problem of digital information’s easy copy feature.
How will Apple handle its Snowden moment? Will the leaker flee to a friendly computing nation state like Google or Microsoft? Will the Apple iPhone code idealist hole up in a Motel 6 at SFO until the powers that be can debrief him and move him to a safe cubicle?
I think the episode suggests that insider threats are a challenge in today’s online environment. With the report that security service providers are suffering from false positives, the reality of protecting secrets is a bit different from the fog of assumption that some have about their next generation systems. I call it the “illusion of security.”
Reality is what one makes it, right?
Stephen E Arnold, February 14, 2018
OpenText Wants to Be the Big Dog in Cyber Security
February 4, 2018
My wife and I rescued a French bull dog. We also have a boxer, which is three times the size of the rescued canine. The rescued canine thinks he is a bull mastiff. We believe that the French bull dog has a perception problem.
Here’s a quote from “OpenText Enfuse 2018 To Showcase The Future of Cybersecurity and Digital Investigations”:
OpenText’s industry leading digital investigation, forensic security and data risk management solutions are defining the future of cybersecurity, digital investigations and e-Discovery, and serve to extend the security capabilities of OpenText’s leading information management platform.”
I noticed this statement at the bottom of the “real” news story:
Certain statements in this press release may contain words considered forward-looking statements or information under applicable securities laws.
I think our French bull dog might say something like this when he tries to impose his will on Max, our large, strong, aggressive boxer.
In the cyber marketplace, will IBM i2 roll over and play dead? Will Palantir Technologies whimper and scamper back to Philz Coffee? Will the UAE vendor DarkMatter get into the pizza business? Will the Google and In-Q-Tel funded Recorded Future decide that real estate development is where the action is?
Forward looking? Yeah, no kidding.
Stephen E Arnold, February 4, 2018
Dark Web Criminals Seek Alternatives to Bitcoin
January 8, 2018
Law enforcement has been getting better at using Bitcoin to track criminals on the dark web, so bad actors are exploring alternatives, we learn from the article, “Dark Web Finds Bitcoin Increasingly More of a Problem Than a Help, Tires Other Digital Currencies” at CNBC.
Reporter Evelyn Cheng writes:
In the last three years, new digital currencies such as monero have emerged in an effort to increase privacy. Unlike the open transaction record of bitcoin, monero’s technology hides the name of the sender, amount and receiver. A representative from monero did not respond to email and Twitter requests for comment. Monero hit a record high Monday of $154.58, up more than 1,000 percent this year, according to CoinMarketCap.
Digital currency ethereum is an increasing target for cybercrime as well, according to Chainalysis. Ethereum is up about 4,300 percent this year amid a flood of funds into the digital currency for initial coin offerings, which have raised the equivalent of nearly $1.8 billion in the last three years, CoinDesk data showed. Cybercriminals raised $225 million in ethereum so far this year, Chainalysis said in a report posted Aug. 7 on its website. Phishing attacks — disguised emails or other communication used to trick people into disclosing personal information — make up more than half of all ethereum cybercrime revenue this year at $115 million, the study said. The Ethereum Foundation did not return a CNBC request for comment.
Make no mistake, Bitcoin is still in the lead even with criminals—its popularity makes it easy to quickly convert with no third parties involved. As that popularity continues to increase and the currency becomes more mainstream, though, other options await.
Cynthia Murrell, January 8, 2018
Investigating Cybercrime
December 29, 2017
The devastating Equifax breach is being pursued by federal investigators who know what they are doing, we learn from the piece, “Cybercrimes Present Unique Challenges for Investigators” at SFGate. AP Writer Kate Brumback writes:
The federal investigators looking into the breach that exposed personal information maintained by the Equifax credit report company are used to dealing with high-profile hacks and the challenges they present. The U.S. attorney’s office and FBI in Atlanta have prosecuted developers and promoters of the SpyEye and Citadel malware toolkits, used to infect computers and steal banking information. They’ve helped prosecute a hack into Scottrade and ETrade that was part of an identity theft scheme, and aided the international effort that in July shut down AlphaBay, the world’s largest online criminal marketplace.
The U.S. Attorney’s office has confirmed that, along with the FBI, it is investigating the breach at Atlanta-based Equifax, which the company said lasted from mid-May to July and exposed the data of 145 million Americans.
Though investigators would not tell Brumback anything about this specific investigation, they shared some of what it is like to pursue cybercrime in general. For example, one prosecutor notes that for every conviction there are about 10 times as many investigations that dead-end. Aliases and invite-only forums make it difficult to identify perpetrators; often, success is the result of a slip-up on the part of the bad actor. Another complication—as we know, the internet transcends boundaries, and several foreign governments do not extradite to the U.S. (or do, but slowly). Once we do catch the bad guys, they can be punished, but the issue of restitution tends to be prohibitively complicated. With a focus on prevention, investigators are now working with many companies before breaches occur.
Cynthia Murrell, December 29, 2017
-
- Subscribe to Beyond Search
Feature archive
News archive
-
