Short Honk: Cyber Weapon Market

October 2, 2017

In November 2017, the focus of Beyond Search and HonkinNews will change. The free information services will increase their coverage of weaponized online. A preview of the type of information we will highlight appears in “Cyber Weapon Market to Reach US$521.87 Billion by the End of 2021.” A summary of the report appears in the article in OpenPR. The news item asserts:

According to TMR, the global cyber weapon market stood at US$390 bn in 2014. Rising at a CAGR of 4.4%, the market is expected to reach US$521.87 bn by the end of 2021. With a share of 73.8%, the defensive cyber weapon segment dominated the market by type in 2014. Regionally, North America accounted for the leading share of 36% in the global market in 2014.

If the estimate is accurate, there is money in things cyber. Watch for our new report E Discovery for Cyber Intelligence. Previews of the report will appear in our twice a month video program “HonkinNews” starting in six weeks.

Stephen E Arnold, October 2, 2017

Decoding IBM Watson

August 14, 2017

IBM Watson is one of the leading programs in natural language processing. However, apart from understanding human interactions, Watson can do much more.

TechRepublic in an article titled IBM Watson: The Smart Person’s Guide says:

IBM Watson’s cognitive and analytical capabilities enable it to respond to human speech, process vast stores of data, and return answers to questions that companies could never solve before.

Named after IBM’s founding father, Thomas Watson, the program is already part of several organizations. The multi-million dollar setup fee, however, is a stumbling block for most companies that want to utilize the potential of Watson.

Though Watson operates in seven different verticals, it has also been customized for specialties like cyber security. After impacting IT and related industries, Watson is slowly making inroads into industries like legal, customer service and human resources, which can comfortably be said to be on the verge of disruption.

Vishal Ingole, August 14, 2017

China Further Alienates Citizens by Banning VPNs

August 1, 2017

China is notorious for its police-state policies, particularly as they apply to any Western news or communication. For years, clever Chinese citizens and international businesses located in China have relied on VPNs to evade Chinese firewalls. All that is changing now, as China has announced that all internet carriers must block VPNs in the next six months.

Bloomberg’s musings on the topic are accurate in their concern for the future of Chinese-based companies:

It’s unclear how the new directive may affect multinationals operating within the country, which already have to contend with a Cybersecurity Law that imposes stringent requirements on the transfer of data and may give Beijing unprecedented access to their technology. Companies operating on Chinese soil will be able to employ leased lines to access the international web but must register their usage of such services for the record…

Whether a multinational corporation, a small mom-and-pop venture just getting off the ground, or an individual, the lack of VPNs will disrupt everyday life. Will this power move by the Chinese government usher in a new era of Dark Web usage or will a new lifeline to the world beyond the Great Wall emerge?

Catherine Lamsfuss, August 1, 2017

Darktrace Attracts Lucrative Clients, Releases New Product

July 7, 2017

We are happy to see innovative cyber-security firm Darktrace meet with success. Access AI informs us that “Darktrace Reports $125 Million in New Contracts.” The post lists some of the company’s diverse customers, including the Blackhawk Network, Rakuten Securities, the Church of England, and Birmingham International Airport. We also learn:

A well-performing final financial quarter has left the company with a revenue increasing 600 percent year on year. 60 countries worldwide are currently using the company’s Enterprise Immune System technology. Darktrace reports that customer renewals are at 90% and that with over 360 employees, the company has doubled in size over the past year.

What makes Darktrace so special? The company is bringing machine learning and other AI tech into the cybersecurity field, where they are sorely needed. Leveraging the mathematics chops of certain Cambridge University specialists, their unique model takes inspiration from biological immune systems. The press release, “Darktrace Cyber ‘Immune System’ Fights Back” at PR Newswire, heralds the arrival of their product Antigena, which offers a sort of self-defense system for networks. The write-up tells us:

Darktrace is the first company in the world to arm the defenders with proven machine learning and mathematics that work without any prior knowledge of attacks, rules or signatures. With Antigena, Darktrace now spots and inoculates against unknown threats, as they germinate within organizations in real time.

‘The battlefield is the corporate network – we cannot fight the battle on the border anymore. We are living through a new era of threat which is relentless and pernicious – and it’s inside our networks now. Today, we have arrived at new detection that reacts faster than any security team can,’ said Nicole Eagan, CEO, Darktrace. …

Darktrace Antigena is a new product innovation, which replicates the function of antibodies in the human immune system. As the Enterprise Immune System detects a threat in its tracks, Antigena modules act as an additional defense capability that automatically neutralize live threats, without requiring human intervention.

Besides automatically fending off potential threats, there’s another big, but perhaps underappreciated advantage to Antigena—no time-wasting false alerts. To learn about the rest of Darktrace’s products, navigate here. The company was founded in Cambridge in 2013, and now keeps a second headquarters in San Francisco and offices around the world. Darktrace puts the utmost confidence in their team’s considerable expertise not only in mathematics and software development but also in intelligence gathering and cyber operations.

Cynthia Murrell, July 7, 2017

Uber’s Kalanick Knew About Google IP Theft

July 6, 2017

Travis Kalanick’s troubles seem to be far from over. A new report suggests that Uber knew about Anthony Levandowski’s misdeeds at Google involving IP theft.

TechCrunch in an article titled Waymo Filing Says Ex-Uber CEO Travis Kalanick Knew Engineer Had Google Info says:

In the ongoing legal case between Uber and Waymo, a new filing suggests Uber knew that Anthony Levandowski possessed Google information as of last March, before Otto’s acquisition.

Levandowski, who headed the AI-based self-driving car division Waymo at Google, left the company and started Otto. The newly founded venture was soon acquired by Uber in 2016 to propel its self-driving car division. Waymo claims that this is a breach of trust and that Uber, despite knowing of the wrongdoings of Otto’s founder, still proceeded with the acquisition.

IP thefts are not uncommon in the corporate world. Apple, Samsung, Google, Microsoft, IBM: every blue-chip tech firm has been accused of IP theft at one point in its lifetime. However, what remains to be seen is how Google, which also has equity in Uber, proceeds with the case.

Vishal Ingole, July 6, 2017

Booz Allen Hamilton Under Scrutiny

July 5, 2017

Consulting firm Booz Allen Hamilton is facing an inquiry by the U.S. Department of Justice over irregularities in billing its clientele, which mostly comprises government agencies.

The Washington Times, in a news piece titled Booz Allen Hamilton Under Federal Investigation over Billing Irregularities, Contractor Says, reports:

Booz Allen was notified of the probe earlier this month and is working to resolve the matter with federal investigators, the company said in a Securities and Exchange Commission filing Thursday afternoon.

This is not the first time that the consulting firm, dubbed the world’s most profitable spy organization, has come under fire. In October 2016, an employee of the company was apprehended by federal authorities in possession of classified information. This was the second time an employee of the largest intelligence and defense contractor was arrested on charges of spying and selling classified information.

The investigation pertaining to irregularities in billing is ongoing.

Vishal Ingole, July 5, 2017

Dark Web Notebook Now Available

June 5, 2017

Arnold Information Technology has published Dark Web Notebook: Investigative Tools and Tactics for Law Enforcement, Security, and Intelligence Organizations. The 250-page book provides an investigator with instructions and tips for the safe use of the Dark Web. The book, delivered as a PDF file, costs $49.

Orders and requests for more information may be directed to darkwebnotebook@yandex.com. Purchasers must verify that they work for a law enforcement, security, or intelligence organization. Dark Web Notebook is not intended for general distribution due to the sensitive information it contains.

The author is Stephen E Arnold, whose previous books include CyberOSINT: Next Generation Information Access and Google Version 2.0: The Calculating Predator, among others. Arnold, a former Booz, Allen & Hamilton executive, worked on the US government-wide index and the Threat Open Source Intelligence Gateway.

The Dark Web Notebook was suggested by attendees at Arnold’s Dark Web training sessions, lectures, and webinars. The Notebook provides specific information an investigator or intelligence professional can use to integrate Dark Web information into an operation.

Stephen E Arnold, author of the Dark Web Notebook, said:

“The information in the Dark Web Notebook has been selected and presented to allow an investigator to access the Dark Web quickly and in a way that protects his or her actual identity. In addition to practical information, the book explains how to gather information from the Dark Web. Also included are lists of vendors who provide Dark Web services to government agencies along with descriptions of open source and commercial software tools for gathering and analyzing Dark Web data. Much of the information has never been collected in a single volume written specifically for those engaged in active investigations or operations.”

The book includes a comprehensive table of contents, a glossary of terms and their definitions, and a detailed index.

The book is divided into 13 chapters. These are:

  1. Why write about the Dark Web?
  2. An Introduction to the Dark Web
  3. A Dark Web Tour with profiles of more than a dozen Dark Web sites, their products, and services
  4. Dark Web Questions and Answers
  5. Basic Security
  6. Enhanced Security
  7. Surface Web Resources
  8. Dark Web Search Systems
  9. Hacking the Dark Web
  10. Commercial Solutions
  11. Bitcoin and Variants
  12. Privacy
  13. Outlook

In addition to the Glossary, the annexes include a list of DARPA Memex open source software written to perform specific Dark Web functions, a list of spoofed Dark Web sites operated by law enforcement and intelligence agencies, and a list of training resources.

Kenny Toth, June 5, 2017

Can Digital Shadows Meet the Award Hype for Their Cyber Defense Product?

April 28, 2017

The article on Zawya titled Digital Shadows Continues to Make Waves with Two Prestigious Award Wins positions Digital Shadows as the juggernaut of the risk management market, with its product SearchLight sweeping up honors left and right from Cyber Defense Magazine, Momentum Partners, and the 2016 SINET awards. Each accolade cites Digital Shadows’ cutting-edge technology and strategy. What makes the company so innovative?

Digital Shadows monitors for digital risks beyond the boundary of an organization, identifying cyber threats, data leakage and reputational risk. It then notifies clients of data leaks online; hacktivists’ or cybercriminals’ plans to target the organization; employees or suppliers putting themselves and their company at risk; along with criminals selling company information and data on the surface and dark web.

Beyond this, the alerts themselves are verified and rated in urgency by a team of analysts who also advise the organization on how to proceed for customized threat intelligence. Alastair Paterson, CEO and Co-Founder, calls the process a “marriage” between the technology and the human team. Digital Shadows has seen monumental growth in the triple digits for the past three years including opening new offices in Dallas, San Francisco, and London and building an employee base of over 100 people.

Chelsea Kerwin, April 28, 2017

Dataminr Presented to Foreign Buyers Through Illegal Means

April 4, 2017

One thing that any company wants is more profit. Companies generate more profit by selling their products and services to more clients. Dataminr wanted to add more clients to its roster, and a former Hillary Clinton aide wanted to use his political connections to get more clients for Dataminr of the foreign variety. The Verge has the scoop on how this happened in “Leaked Emails Reveal How Dataminr Was Pitched To Foreign Governments.”

Dataminr is a company specializing in analyzing Twitter data and turning it into actionable data sets in real-time.  The Clinton aide’s personal company, Beacon Global Strategies, arranged to meet with at least six embassies and pitch Dataminr’s services.  All of this came to light when classified emails were leaked to the public on DCLeaks.com:

The leaked emails shed light on the largely unregulated world of international lobbying in Washington, where “strategic advisors,” “consultants,” and lawyers use their US government experience to benefit clients and themselves, while avoiding public scrutiny both at home and overseas.

Beacon isn’t registered to lobby in Washington. The firm reportedly works for defense contractors and cybersecurity companies, but it hasn’t made its client list public, citing non-disclosure agreements. Beacon’s relationship with Dataminr has not been previously reported.

The aide sold Dataminr’s services in a way that suggests they could be used for surveillance. Beacon even described Dataminr as a way to find an individual’s digital footprint. Twitter’s development agreement forbids third parties from selling user data if it will be used for surveillance. But Twitter owns a 5% stake in Dataminr and allows the company direct access to its data firehose.

It sounds like some back alley dealing took place.  The ultimate goal for the Clinton aide was to make money and possibly funnel that back into his company or get a kickback from Dataminr.  It is illegal for a company to act in this manner, says the US Lobbying Disclosure Act, but there are loopholes to skirt around it.

This is once again more proof that while a tool can be used for good, it can also be used in a harmful manner.  It begs the question, though, that if people leave their personal information all over the Internet, is it not free for the taking?

Whitney Grace, April 4, 2017

Dark Web Expert Was There From the Beginning

March 21, 2017

Journalist William Langewiesche at Vanity Fair presents the storied career of a hacker-turned-security expert, whom he pseudonymously calls Opsec, in the extensive article, “Welcome to the Dark Net, a Wilderness Where Invisible World Wars are Fought and Hackers Roam Free.” The engaging piece chronicles the rise of the Dark Web alongside Opsec’s cyber adventures, which began when he was but a child in the late ’80s. It also clearly explains how some things work on and around the Dark Web, and defines some jargon. I would recommend this article as a clear and entertaining introduction to the subject, so readers may want to check out the whole thing.

Meanwhile, I found this tidbit about a recent botnet attack interesting. For background, Opsec now works for a large, online entertainment company. Langewiesche describes an intrusion the security expert recently found into that company’s systems:

The Chinese [hacking team] first went into a subcontractor, a global offshore payment processor that handled credit-card transactions, and then, having gained possession of that network, quietly entered the Company through a legitimate back door that had been installed on the Company’s network to administer consumer accounts. The initial breach was a work of art. The Chinese wrote a piece of customized software purely for that job. It was a one-of-a-kind ‘callback dropper,’ a Trojan horse that could be loaded with any of many malware modules, but otherwise stood empty, and regularly checked in with its masters to ask for instructions. Once inside the network, the Chinese were able to move laterally because the Company, for the sake of operational efficiency, had not compartmentalized its network. …

First, using ‘bounce points’ within the network to further obscure their presence, [the hackers] went after the central domain controller, where they acquired their own administrative account, effectively compromising 100 million user names and passwords and gaining the ability to push software packages throughout the network. Second, and more important, the Chinese headed into the network’s ‘build’ system, a part of the network where software changes are compiled and then uploaded to a content-distribution network for the downloading of updates to customers. In that position they acquired the ability to bundle their own software packages and insert them into the regular flow, potentially reaching 70 million personal computers or more. But, for the moment, they did none of that. Instead they installed three empty callback Trojans on three separate network computers and left them standing there to await future instructions. Opsec and his team concluded that the purpose was to lay the groundwork for the rapid construction of a giant botnet.

Opsec suspects the same payment processor vulnerability was exploited at other companies, as well, as part of a plan to launch this giant botnet as part of a global cyber-war. Considering he only caught the attack due to one small error made by the hackers, the discovery is unnerving. Opsec has his ideas on how to fight such a series of attacks, but he is holding off at the behest of his employer. Officially, at least. See the article for more information.

Cynthia Murrell, March 21, 2017
