DarkCyber for March 19, 2019, Now Available

March 19, 2019

DarkCyber for March 19,2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/324801049.

The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cyber crime, and lesser known Internet services.

This week’s story line up includes: Google search blockchain data; emojis puzzle lawyers; NATO soldiers fooled by social media come ons; big paydays for hackers; Dark Web search for marketers; and Iran’s hacker army

This week’s feature looks at the Beacon Dark Web search system. Developed by Echosec Systems in Canada, Beacon provides search and analytics for those interested in tracking brands, companies, and people in Dark Web content. The system’s developers enforce a code of behavior on licensees. If Echosec determines that a user violates its guidelines, access to Beacon will be cut off. Echosec offers a number of powerful features, including geofencing. With this function it is possible to locate images of military facilities and other locations.

The second feature in this week’s video focuses on Iran’s cyber warfare activities. One key individual—Behrooz Kamalian—has been maintaining a lower profile. Those whom he has trained have been suspected of participating in online gambling activities. Kamalian himself, despite his connections with the Iranian government, served a short stint in prison for this allegation. Iran has one of the large cyber warfare forces in the world, ranking fourth behind Russia, China, and the US.

The “Cybershots” for this week include:

  • Google has made available a search engine for blockchain data. Those skilled in blockchain and digital currency transactions may be able to deanonymize certain aspects of a transaction.
  • Emojis which carry meaning are creating issues for lawyers and eDiscovery systems. The colorful icons’ meaning are not easily understood.
  • A social media test for NATO soldiers’ resistance to online tricks was completed by central command. The result was that soldiers can be easily tricked into revealing secret information.
  • Organize hidden Web criminals are paying up to $1 million a year in salary and providing benefits to hackers.

A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cyber crime, Dark Web, and company profiles are now appearing on a daily basis.\

Kenny Toth, March 19, 2019

DarkCyber for March 12, 2019, Now Available

March 12, 2019

DarkCyber for March 12, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/322579803 ,

The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cyber crime, and lesser known Internet services.

This week’s story line up includes: Cellebrite devices for sale on eBay; emojis can activate app functions; and sources selling bulk personal data.

The feature this week discusses speech analysis. Reports have surfaced which reveal that some US correctional facilities are building databases of inmates’ voice prints. The news appeared coincident with rumors that the US National Security Agency was curtailing its voice collection activities. Companies like Securus Technologies provide tools and services related to prison telephone and unauthorized mobile device use. The Securus Investigator Pro has been available and in use for almost a decade. Voice print technology which is analogous to a digital fingerprint system makes it possible to identify those on a call. Inclusion of behavioral tags promises to make voice print systems more useful. With a tag for the caller’s emotional state, investigators can perform cross correlation and other analytic functions to obtain useful information related to a person of interest.

Links are provided to explanations of Amazon’s policeware system which can be used to perform these types of analytic operations.
The final story provides a snapshot of a 100 page field manual about online deception. Published by the US Army, this document is a comprehensive review of systems and methods for military use of deception in an online environment. Checklists and procedural diagrams make clear why social media operations are successful in civilian and military contexts. The DarkCyber video includes a link so viewers can download this unclassified publication.

Kenny Toth, March 12, 2019

Cyber Saturday for February 16, 2018

February 16, 2019

Sifting through the information flowing into DarkCyber was less than thrilling. We did spot several items which may presage more cyber excitement in the new world of the Internet.

Security Lapse of the Week

The British newspaper Guardian (paywall) reported that a former US intelligence operative joined Team Iran. The flip exposed information and operatives. The high profile government contractor Booz Allen employed this individual for five months in 2008. Insider threats are a major threat to the security of organizations and individuals engaged in intelligence work. The fancy and expensive software available from numerous vendors may prevent some embarrassing and dangerous activities. Booz Allen was the employer of Edward Snowden, and that company may be a prospect for vendors of next generation insider threat identification systems.

Be Afraid

Deep Fakes is a phrase which is used to described spoofed videos. DarkCyber learned that researchers are allegedly afraid of their own advances in what is called “deep fakes for text.” The Generative Pre Trained Transformer 2 or GPT 2 can punch out content that

comes so close to mimicking human writing that it could potentially be used for “deep fake” content.

You can learn more about DFT and the GPT from Ars Technica.

Plus There Is a Scary Future Arriving

In our weekly DarkCyber video news programs we report about image recognition. In the January 19, 2019, program we explain how making sense of images can be used to pinpoint certain human trafficking hot spots. The Guardian (registration required for some users) explains that pop star Taylor Swift “showed us the scary future of facial recognition.” The focal point of the story is a vendor doing business at ISM. More information about the company is at this link.

Also There Creepy Face Generating AI

Many bad actors attach their images to some social media posts. Some Facebook users have some pride in their law breaking achievements. What happens when the bad actor creates a Facebook account and then posts images with faces automatically generated by smart software? Good question. You can check out the service at this url for “This Person Does Not Exist.”

A Content Treasure Trove for Investigators

That delete button may not work the way you think. Whether you are reselling your old Macbook or deleting Twitter messages, those data may still be around and available for certain types of investigations. Twitter has allegedly retained messages sent to and from deactivated or suspended accounts. Security problem for some; big plus for others. For the Verge’s take, navigate to “Twitter Has Been Storing Your Deleted DMs for Years.”

Online Auction Fraud Group

The US Secret Service took down a gang running an online auction scam. The angle was that ads said:

“I’m in the military and being deployed overseas and have to sell fast.”

To find marks (suckers), the operation unfolded in this way:

Alleged conspirators in Romania posted fake ads on popular online auction and sales websites, including Craigslist and eBay, for high-cost goods (typically vehicles) that ran on air because they were figments of the imagination. They’d con people in the US with, among other lies, stories of how they were in the military and needed to sell their car before being deployed.

Then, according to the Naked Security story:

After their targets fell for it and sent payment, the conspirators allegedly laundered the money by converting it to crypto currency and transferring it to their foreign-based buddies. According to the indictment, the alleged foreign-based money launderers include Vlad-C?lin Nistor, who owns Coinflux Services SRL, and Rossen Iossifov, who owns R G Coins.

And That Fish You Ate Last Night?

An interesting scam has been quantified in Canada by the CBC. Those in the seafood supply chain mislabel their products. Seafood fraud is selling an undesirable species of fish for a more desirable one. How widespread is the practice? I learned:

Oceana Canada, a Toronto-based conservation organization, said it found there was mislabeling with 44 per cent of the seafood samples it tested this year and last in five Canadian cities  — and in 75 per cent of cases, cheaper fish were mislabeled as something more expensive.

And, Of Course, Stolen User Data

DarkCyber noted that another 127 million user records have been offered for sale. The vendor previously posted the availability of 620 million records. More about this now routine event at ZDNet.

Stephen E Arnold, February 16, 2019

Allegations Aloft on the Karma Feathered Wing of a Raven: Reuters and the UAE

February 9, 2019

Activists, diplomats, and foreign leaders were allegedly among the targets of a surveillance operation in the United Arab Emirates, according to Reuters’ article, “Exclusive: UAD Used Cyber Super-Weapon to Spy on iPhones of Foes.” Dubbed Project Raven, the operation broke into targets’ iPhones using a hack known as “Karma,” which may or may not still be operational after Apple updated the iPhone’s software in 2017. Indeed, the breaches were made possible by a flaw in Apple’s iMessage app in the first place: hackers found they could establish their connections by implanting malware through iMessage, even if the user never used the app.

Some may be surprised learn who was involved in Project Raven; reporters Joel Schectman and Christopher Bing write:

“Raven was largely staffed by U.S. intelligence community veterans, who were paid through an Emirati cyber security firm named DarkMatter, according to documents reviewed by Reuters. … The UAE government purchased Karma from a vendor outside the country, the operatives said. Reuters could not determine the tool’s creator.

I also noted this statement:

“The operatives knew how to use Karma, feeding it new targets daily, in a system requiring almost no input after an operative set its target. But the users did not fully understand the technical details of how the tool managed to exploit Apple vulnerabilities. People familiar with the art of cyber espionage said this isn’t unusual in a major signals intelligence agency, where operators are kept in the dark about most of what the engineers know of a weapon’s inner workings. …

Did the method work? I learned:

“The Raven team successfully hacked into the accounts of hundreds of prominent Middle East political figures and activists across the region and, in some cases, Europe, according to former Raven operatives and program documents.”

The article names a few of Raven’s known victims, including the noteworthy human rights activist Tawakkol Karman, also known as the Iron Woman of Yemen. Having been a prominent leader of her country’s Arab Spring protests in 2011, Karman is used to hacking notices popping up on her phone. However, even she was bewildered that Americans, famously champions of human rights, were involved.

Cynthia Murrell, February 09, 2019

DarkCyber for November 27, 2018, Now Available

November 27, 2018

DarkCyber for November 27, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/302658825.

This week’s program covers four stories related to the Dark Web and specialized Internet services.

DarkCyber reports that another call for a backdoors to encrypted communications. Cyrus Vance, the Manhattan district attorney, emphasized that government mandated backdoors are the only solution to device encryption. DarkCyber provides a link to the government report which substantiates this statement. Australia has issued a similar statement. Even though encrypted devices can be broken open, the time and resources required are significant. With the growing number of mobile devices in use by bad actors, the number of phones requiring decryption has created an evidence backlog. Encrypted devices, therefore, pose a significant challenge to law enforcement and intelligence professionals.

The second story reveals that autonomous killer drone technology is advancing rapidly. An autonomous drone is able to find, fix, and finish a target. DarkCyber describes the Elbit Systems’ Skystriker device which is about 95 percent autonomous at this time. Full autonomous operation is within view.

Other countries are working on similar technology. DarkCyber identifies autonomous sea going devices which can neutralize a target without a human in the kill chain. DarkCyber’s view is that countries without autonomous warfighting will find themselves at a strategic disadvantage.

The third story reports that facial recognition allowed 130 victims of child abuse to be identified by Dutch authorities. Mug shot image recognition and matching can perform at an accuracy level of about 90 percent. However, facial recognition from real time video feeds like surveillance cameras pose a more difficult problem. Accuracy rates for video identification can dip below 60 percent. Nevertheless, facial recognition technology is advancing rapidly with innovations from such firms as Boeing, Verint, and NSO. Startups are making significant technical contributions as well. Innovations from Trueface, Kairos, and PointGrab are likely to yield advances in recognition accuracy. DarkCyber provides links to two sources of information about facial recognition systems. One of these documents is a General Accountability Office report about facial recognition within the US government.

The final story describes an off tune Dark Web weapons deal. Three young men in England thought that buying Glock 19 firearms via the Dark Web was a foolproof scheme. Their idea was to specify that the weapons were shipped inside of an amplifier for an electric guitar. US and UK authorities identified the contraband and placed a video camera in the parcel. When the men received their delivery, the event was captured on video. The investigation yielded cash and narcotics. The individuals are now serving eight years in prison. It is unlikely that the amplifier is delivering Elvis’ hit “Jailhouse Rock” to the felons.

DarkCyber appears each Tuesday on the blog Beyond Search and on Vimeo. Watch for new programs each week at www.arnoldit.com/wordpress.

Kenny Toth, November 27, 2018

DarkCyber for September 18, 2018 Now Available

September 18, 2018

DarkCyber for September 18, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/290147202 . 

This week’s DarkCyber video news program covers … Bitfury’s deanonymization service and its unusual sales approach… the loss of UK law enforcement laptops… facial recognition for law enforcement challenged by tech company employees… and X1 and its eDiscovery system with Dark Web content support.

The first story explains that Bitfury, a UK company with an interesting staff line up, offers digital currency deanonymization services. The company’s approach to sales, however, is unusual. Specifically, the company refused to explain its services at a recent law enforcement conference. DarkCyber continues to recommend that agencies interested in digital currency deanonymization look at services available from Chainalysis and Elliptic, two companies which do explain their services to security and enforcement officials.

The second story reports that UK media pointed out that in one year, UK law enforcement lost 60 laptops. With tens of thousands of officers and operators, DarkCyber states that the alleged problem is blown out of proportion. Bad actors attempt to obtain laptops, mobiles, and other computing devices in order to compromise investigations. DarkCyber asserts that the loss of 60 laptops illustrates the good job UK authorities do with regard to preventing loss of laptops.

The third story describes the Amazon DeepLens system. In addition to explaining how this Amazon camera integrates with Amazon’s machine learning and analytics subsystems, DarkCyber reports that neither Amazon, IBM, or any other US company was able to sell their technology to Ecuador. That country purchased a state-of-the-art Chinese developed system. With employee pushback against their employers’ work for the US government, US facial recognition technology may find itself at a disadvantage with regard to technical development and system innovation.

The final story covers the X1 eDiscovery system for social content. The X1 technology can now acquire and process social media information as well as some Dark Web content. Instead of directly scraping Dark Web sites, the X1 method relies on the Tor2Web.org service. The new product costs about $2,000 per year. DarkCyber explains where to download a 14-day free trial.

Kenny Toth, September 18, 2018

DarkCyber for August 14, 2018, Now Available

August 14, 2018

DarkCyber for July 24, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/284579347 .

Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.

This week’s program covers four Dark Web and security related stories.

The first story presents data about online drug sellers. The estimated number of vendors is in the 30,000 to 50,000 range. DarkCyber points out that such data are likely to be uncertain. Estimates of online sources for controlled substances are based on difficult-to-verify data. DarkCyber reports that as many as one half of the prescription drugs sold online may be fakes.

The second story reports that the Dark Web is changing. The shift from Tor-centric Web sites to encrypted chat and messaging systems is underway. Encrypted chat complicates the work of law enforcement and intelligence professionals. Plus, encrypted chat sessions can trigger mob actions which can spiral out of control and without warning. A lynching in India may be the direct result of forwarded encrypted chat messages.

The third story provides a snapshot of the NC4 policeware system Street Smart. A popular US magazine referenced the company without providing details about the system and its functions. DarkCyber explains that information about the software system are available on the NC4 Web site and in videos publicly available on YouTube.

The final story explains how 3D printing makes it comparatively easy for an individual to create what is called a “ghost gun.” The 3D printed weapon does not have an identification number, so tracing the gun is difficult. DarkCyber points out that copyright issues and regulations concerning the manufacture of weapons will consume time, money, and human resources.

Kenny Toth, August 14, 2018

Europe Creates a Potential Target for Bad Actors

August 9, 2018

The goal, most agree, is to keep sensitive information out of the hands of hackers and crooks, right? European officials might be planning to fly directly in the face of that logic, after we read a recent article in The Register, “Think Tank Calls for Post-Brexit National ID Cards: The Kids Have Phones, So What’s The Difference?”

Things got dicey here:

“The government intends to assign EU citizens unique numbers based on either a passport or national ID card number…he system will be accessed via GOV.UK or a smartphone app, and the report praised the security and privacy credentials promised for the database of citizen numbers…The data will be kept on Home Office servers in a tier 3 data centre, with individual pieces of information stored and encrypted separately.”

So, let’s get this straight? All of Europe will have its personal information on file in one location and they are just publicly telling the bad guys where to find it? What could go wrong? Google seems to be rolling out a program to warn governments when they are being hacked, which makes Google more “useful” to certain authorities.

But bad actors gravitate to data collections which have significant value. The ID card repository may become a high profile target.

Patrick Roland, August 9, 2018

Factoids for July 25, 2018

July 25, 2018

Some useful factoids:

  1. 11 percent of Americans do not use the Internet, down from 48 percent in Year 2000. Source: TheHustle
  2. Google’s capital expenditures for 2017-2018 were $5.5 billion. This is a 2X increase over the previous year. Source: GeekWire
  3. The health records of 1.5 million Singaporeans, including Prime Minister Lee Hsien Loong, were stolen. Source: Manila Times
  4. Stolen credit cards with PINS cost as little as US$8. Source: Daily Mail
  5. Almost two million start-ups were registered in the UK between 2013-2017 with 392,627 (20 percent) classified as technology firms. Source: Cambridge Network
  6. Companies selling flaws in software to government entities include Vupen in Montpellier, France; Netragard in Acton, Mass.; Exodus Intelligence in Austin, Tex.; and ReVuln (Malta). Source: Dark Government

Stephen E Arnold, July 25, 2018

Does Security Sell? Will Security Provide Revenue Lift?

June 14, 2018

Years ago Oracle positioned its enterprise search system as more secure than any other information access available at that time. How did that work out? Do you use SES? Why did Oracle buy Endeca, ostensibly an enterprise search system of sorts? What happened to Triple Hop? Artificial Linguistics? The other search systems Oracle has acquired? My hunch is that security did not sell.

Now Apple is betting that its secure Apply phone will cruise along, sucking up the majority of the profits from mobile phones. The company has determined that engineers working for vendors focused on law enforcement and intelligence agencies will no longer be able to use the connection and charging port to hack into a mobile device.

Who knows? Maybe Apple can make security generate big revenue flows and juicy profits?

Apple to Close iPhone Security Hole That Police Use to Crack Devices” explains that Apple will close a “technological loophole.” The move may rekindle the push from some law enforcement and intelligence professionals for a way to unlock bad actors’ iPhones.

Our weekly video DarkCyber described products available from Grayshift and has mentioned Cellebrite in our weekly reports.

Our view is that considerable discussion and legal fireworks will ensue. Compromise? Nope, that’s an approach not too popular in some circles. Are companies governments? Can governments impact how companies do business.

This is a major issue, and the outcome is not as clear as the information about China’s surveillance actions. How has Apple adapted to China’s rules? How is Apple adapting the US laws?

Interesting days ahead.

Stephen E Arnold, June 14, 2018

Next Page »

  • Archives

  • Recent Posts

  • Meta