Law Enforcement Do Not Like Smartphones
December 26, 2017
Smartphones and privacy concerns are always hot topics after mass shootings and terroristic acts. The killers and terrorists always use their smartphones to communicate with allies, buy supplies, and even publicize their actions. Thanks to these criminals, law enforcement officials want tech companies to build backdoors into phones so they can always can the information. The remainder of the public does not like this. One apple spoils the entire batch. KPTV explains why smartphones are a problem in “Why Smartphones Are Giving Police Fits.”
After the recent mass shooting in Texas, police were unable to hack into the killer’s phone because of all the privacy software in place. Law enforcement do not like this because they are unable to retrieve data from suspects’ phones. Software developers insist that the encryption software is necessary for digital privacy, but police do not like that. It holds up their investigations.
…it could take specialists weeks to unlock the phone and access material that may reveal the killer’s motive and other information.
The FBI’s first option is likely to pressure the device-maker to help access the phone, but if that won’t work they could try breaking into it. Sometimes “brute force” attacks aimed at methodically guessing a user’s passcode can open a device, though that won’t work with all phones.
Arora said the difficulty of breaking into the phone would depend on numerous factors, including the strength of the gunman’s passcode and the make and model of the phone. Police may have more options if it’s an Android phone, since security practices can vary across different manufacturers.
The tech companies, though, are out to protect the average person, especially after the Edward Snowden incident. The worry is that if all smartphones have a backdoor, then it will be used for more harm than good. It establishes a dangerous precedent.
Law enforcement, however, needs to do their jobs. This is similar to how the Internet is viewed. It is a revolutionary tool, but a few bad apples using it for sex trafficking, selling illegal goods, and child porn ruins it for the rest of us.
Whitney Grace, December 26, 2017
SIXGILL: Dark Web Intelligence with Sharp Teeth
December 14, 2017
“Sixgill” refers to the breathing apparatus of a shark. Deep. Silent. Stealthy. SIXGILL offers software and services which function like “your eyes in the Dark Web.”
Based in Netanya, just north of Tel Aviv, SIXGILL offers services for its cyber intelligence platform for the Dark Web. What sets the firm apart is its understanding of social networks and their mechanisms for operation.*
The company’s primary product is called “Dark-i.” The firm’s Web site states that the firm’s system can:
- Track and discover communication nodes across darknets with the capability to trace malicious activity back to their original sources
- Track criminal activity throughout the cyber crime lifecycle
- Operate in a covert manner including the ability to pinpoint and track illegal hideouts
- Support clients with automated and intelligence methods.
The Dark-i system is impressive. In a walk through of the firm’s capabilities, I noted these specific features of the Dark-i system:
- Easy-to-understand reports, including summaries of alleged bad actors behaviors with time stamp data
- Automated “profiles” of Dark Web malicious actors
- The social networks of the alleged bad actors
- The behavior patterns in accessing the Dark Web and the Dark Web sites the individuals visit.
- Access to the information on Dark Web forums.
Details about the innovations the company uses are very difficult to obtain. Based on open source information, a typical interface for SIXGILL looks like this:
Based on my reading of the information in the screenshot, it appears that this SIXGILL display provides the following information:
- The results of a query
- Items in the result set on a time line
- One-click filtering based on categories taken from the the sources and from tags generated by the system, threat actors, and Dark Web sources
- A list of forum posts with the “creator” identified along with the source site and the date of the post.
Compared with reports about Dark Web activity from other vendors providing Dark Web analytic, monitoring, and search services, the Dark Web Notebook team pegs s SIXGILL in the top tier of services.
Fake Hitman Dark Web Site Rakes in the Bitcoin
November 16, 2017
No one can accuse these scammers of not going all in. Motherboard reports, “This Fake Hitman Site Is the Most Elaborate, Twisted Dark Web Scam Yet.” Reporter Joseph Cox describes the almost-certainly fake hitman-services website Besa Mafia. He writes:
Although many already suspected the site was a sham, Risk Based Security reported last week that supposedly hacked data shining more light on its behind-the-scenes dealings had been posted online. Included in that dump were alleged lists of ‘hitmen,’ photos of targets customers had uploaded, orders made on the site, and a large cache of messages purportedly between users and site admins.
Although the site is almost definitely a scam—and a seemingly profitable one at that—the sheer effort its creators have gone to puts Besa Mafia head and shoulders above just about anything else on the dark web.”
Yes, to protect its stream of bitcoin profit (apparently about $23,000 by the time of the data dump), the site admins literally threaten to burn the cars of those who give them negative reviews. Less dramatically, they also seem to be seeding the Dark Web with positive reviews of their own non-existent services
Another interesting point from the data dump—in a hedge, the website has been supplying information on would-be clients and contractors to law enforcement. The article reports:
In one message from the dump, the admin writes that the site not only cheats people out of their bitcoin; it also provides information to law enforcement about ordered hits. ‘This website is to scam criminals of their money. We report them for 2 reasons: to stop murder, this is moral and right; to avoid being charged with conspiracy to murder or association to murder, if we get caught,’ the admin writes.
They certainly thought this through. See the article for more details on this fake purveyor of violent services.
Cynthia Murrell, November 16, 2017
Dark Web Predator Awaits Sentencing
November 15, 2017
Here we have one of the darker corners of the Dark Web. A brief but disturbing article at the UK’s Birmingham Mail reports, “Birmingham University Academic Dr Matthew Falder Led Horrific Dark Web Double Life as ‘666devil’.” The 28-year-old academic in question has pled guilty to 137 charges, most if not all, it seems, of vile crimes against children. Reporter James Cartledge writes:
Since 2010, the geophysicist, who worked at Birmingham University till September, had degraded and humiliated more than 50 victims online using the names ‘666devil’ and ‘evilmind’. … He admitted the offences at a hearing at Birmingham Crown Court on Monday. He was arrested on June 21 this year and has been held in custody since that date. Falder, of Edgbaston, Birmingham, posed as a woman on sites such as Gumtree to trick his victims into sending him naked or partially-clothed images of themselves. The disgraced geophysicist then threatened to expose his victims if they did not send severe and depraved abuse images of themselves. He then distributed the images.
It gets worse from there. We’re told this is the first time the UK’s National Crime Agency had delved into the Dark Web’s hidden forums that share and discuss such “dark” material. Falder is scheduled to be sentenced on December 7 and shall remain in custody in the meantime.
Cynthia Murrell, November 15, 2017
A Flashing Way to Find Business Risks
November 8, 2017
Business intelligence involves many factors that range from enterprise systems to big data business analytics. Another aspect is determining the risk of business decisions. While a piece of software does not exist that can accurately predict the future, technology companies have come close. Programmable Web published the article, “Flashpoint Launches V4 Of Its Business Risk Intelligence API” that describes one company’s newest endeavors in business risk intelligence.
Flashpoint’s business risk intelligence API is officially on its fourth version. Dubbed Flashpoint API 4, the software provides a set of cybersecurity tools and the newest version includes a dataset for Risk Intelligence Observables (RIOs). RIOs dig deeper than past indicators in specified activities to deliver secure insights.
The Flashpoint API aims to deliver near to real-time access to its security services. Because of RESTful API access, Flashpoint technology is available to entry-level users and enterprises alike. Through the API, users can search across Finished Intelligence, Deep & Dark Web data, and RIOs. A key component of Flashpoint’s strategy is context surrounding threats, and the API’s customization options allow users to define and address context to suit specific needs. Contact the Flashpoint team for more information.
Perhaps the most impressive thing about version four’s release is the partner community. These include ThreatConnect, ThreatQuotient, Silobreaker, and Anomali. These four companies are part of Flashpoint’s Strategic Partner Network and all have the goal to help companies detect cybercrime and other threats.
Whitney Grace, November 8, 2017
Short Honk: Cyber Weapon Market
October 2, 2017
In November 2017, the focus of Beyond Search and HonkinNews will change. The free information services will increase their coverage of weaponized online. A preview of the type of information we will highlight appears in “Cyber Weapon Market to Reach US$521.87 Billion by the End of 2021.” A summary of the report appears in the article in OpenPR. The news item asserts:
According to TMR, the global cyber weapon market stood at US$390 bn in 2014. Rising at a CAGR of 4.4% CAGR, the market is expected to reach US$521.87 bn by the end of 2021. With a share of 73.8%, the defensive cyber weapon segment dominated the market by type in 2014. Regionally, North America accounted for the leading share of 36% in the global market in 2014.
If the estimate is accurate, there is money in things cyber. Watch for our new report E Discovery for Cyber Intelligence. Previews of the report will appear in our twice a month video program “HonkinNews” starting in six weeks.
Stephen E Arnold, October 2, 2017
Dark Web Notebook Now Available
June 5, 2017
Arnold Information Technology has published Dark Web Notebook: Investigative Tools and Tactics for Law Enforcement, Security, and Intelligence Organizations. The 250-page book provides an investigator with instructions and tips for the safe use of the Dark Web. The book, delivered as a PDF file, costs $49.
Orders and requests for more information be directed to darkwebnotebook@yandex.com. Purchasers must verify that they work for a law enforcement, security, or intelligence organization. Dark Web Notebook is not intended for general distribution due to the sensitive information it contains.
The author is Stephen E Arnold, whose previous books include CyberOSINT: Next Generation Information Access and Google Version 2.0: The Calculating Predator, among others. Arnold, a former Booz, Allen & Hamilton executive, worked on the US government-wide index and the Threat Open Source Intelligence Gateway.
The Dark Web Notebook was suggested by attendees at Arnold’s Dark Web training sessions, lectures, and webinars. The Notebook provides specific information an investigator or intelligence professional can use to integrate Dark Web information into an operation.
Stephen E Arnold, author of the Dark Web Notebook, said:
“The information in the Dark Web Notebook has been selected and presented to allow an investigator to access the Dark Web quickly and in a way that protects his or her actual identity. In addition to practical information, the book explains how to gather information from the Dark Web. Also included are lists of vendors who provide Dark Web services to government agencies along with descriptions of open source and commercial software tools for gathering and analyzing Dark Web data. Much of the information has never been collected in a single volume written specifically for those engaged in active investigations or operations.”
The book includes a comprehensive table of contents, a glossary of terms and their definitions, and a detailed index.
The book is divided into 13 chapters. These are:
- Why write about the Dark Web?
- An Introduction to the Dark Web
- A Dark Web Tour with profiles of more than a dozen Dark Web sites, their products, and services
- Dark Web Questions and Answers
- Basic Security
- Enhanced Security
- Surface Web Resources
- Dark Web Search Systems
- Hacking the Dark Web
- Commercial Solutions
- Bitcoin and Variants
- Privacy
- Outlook
In addition to the Glossary, the annexes include a list of DARPA Memex open source software written to perform specific Dark Web functions, a list of spoofed Dark Web sites operated by law enforcement and intelligence agencies, and a list of training resources.
Kenny Toth, June 5, 2017
Can Digital Shadows Meet the Award Hype for Their Cyber Defense Product
April 28, 2017
The article on Zawya titled Digital Shadows Continues to Make Waves with Two Prestigious Award Wins positions Digital Shadows as the juggernaut of the risk management market with its product SearchLight sweeping up honors left and right from Cyber Defense Magazine, Momentum Partners, and the 2016 SINET awards. Each accolade cites Digital Shadows cutting edge technology and strategy. What makes the company so innovative?
Digital Shadows monitors for digital risks beyond the boundary of an organization, identifying cyber threats, data leakage and reputational risk. It then notifies clients of data leaks online; hacktivists’ or cybercriminals’ plans to target the organization; employees or suppliers putting themselves and their company at risk; along with criminals selling company information and data on the surface and dark web.
Beyond this, the alerts themselves are verified and rated in urgency by a team of analysts who also advise the organization on how to proceed for customized threat intelligence. Alastair Paterson, CEO and Co-Founder, calls the process a “marriage” between the technology and the human team. Digital Shadows has seen monumental growth in the triple digits for the past three years including opening new offices in Dallas, San Francisco, and London and building an employee base of over 100 people.
Chelsea Kerwin, April 28, 2017
Google Volunteers to Make Piracy Harder, and These Free Legal Music Sites Can Help
March 22, 2017
The article titled Google Will Make ‘Pirated’ Content Harder to Find From 1 June on The Inquirer proclaims a new approach to preventing piracy. Numerous entertainment organizations have nagged Google to set stricter rules, and even gone so far as to call Google a gateway to pirated content. The article mentions,
Google has already taken some steps to try and curb ‘piracy’ but has long refused to remove entire sites from search results as they may also offer legal content available for download. These days, the firm is flooded with takedown requests, last year revealing that it gets asked to remove 100,000 links to pirated content every hour.
The anti-piracy code will be adopted by Google and other unnamed search firms in cooperation with the British Intellectual Property Office. In the meantime, the article titled 7 Sites to Get Free Music (Legally!) on MakeUseOf suggests some solid options for people who want to kick the illegal pirating habit. BeSonic, Jamendo, and NoiseTrade are included on the list, and for those classical music lovers, MusOpen might have just the free content you are looking for.
Chelsea Kerwin, March 22, 2017
Dark Web Drug Dealers Busted in Finland
March 1, 2017
Law enforcement’s focus on the Dark Web seems to be paying off, as we learn from the write-up, “Finland: Dark Web Drug Operation Exposed” at Hetq, an outlet of the Association of Investigative Journalists. In what was described as Finland’s largest drug bust, authorities seized over a million dollars’ worth of narcotics from a network selling their wares on the Dark Web. We learn:
The network is alleged to have imported €2 million (US$ 2.2 million) worth of drugs between 2014 and 2016, selling them on the dark web site Silkkitie. More than 40 kilograms of powdered narcotics, such as amphetamine, heroin and cocaine, as well as 40,000 ecstasy tablets and 30,000 LSD blotters were smuggled into Finland from the Netherlands and Germany, and then sold on the site. …
As part of the investigation, customs officers in April seized at least €1.1 million worth of heroin, cocaine, methamphetamine, MDMA and ecstasy in the coastal town of Kustavi. The same month, police arrested three Finnish citizens.
The write-up notes that Silkkitie users communicated through encrypted messages under pseudonyms, and that Bitcoin was the currency used. We’re also reminded that Silkkitie, a.k.a. Valhalla, is one of the Dark Web’s most popular drug marketplaces. The Finnish site was launched in 2013.
Cynthia Murrell, March 1, 2017
-
- Subscribe to Beyond Search
Feature archive
News archive
-
