February 14, 2017
A feature article on CNN recently provided some background on Dark Web marketplaces. Entitled Inside the illegal online weapons trade, this piece shares the story of Michael Andrew Ryan. Ryan adopted the moniker gunrunner and opened up a gun sales business on the Dark Web while based in a small town in Kansas. Dark Web trading statistics are tough to pinpoint. However, in comparison with other illegal online trading, gun sales on the Dark Web are less than 3% according to a Carnegie Mellon professor and researcher. The author writes,
By the way, it’s entirely legal to buy guns online in the U.S. — although the process is more complicated, depending on various factors. Nonetheless, the ATF said it’s taking enforcement to a new level by creating an Internet Investigations Center aimed at combating illegal online gunrunners. The center includes federal agents, legal counsel and investigators. Their job: track illegal online firearms trafficking and feed intelligence to agents in the field. It’s a gigantic task, which aims to hit a constantly moving target.
While we will not comment on the sensationalizing and dramatizing of the Dark Web through Ryan’s story, we can say found the concluding remarks above to be helpful. This presents a good picture of the interconnectivity between multiple layers of law enforcement. It also hints at a need for technology upgrades in this cybersecurity arena.
Megan Feil, February 14, 2017
February 13, 2017
Have you ever heard of dark pools? You may be hearing more about them as Bitcoin pioneer Jered Kenna and TradeZero offer digital currency dark pool trading. According to this International Business Times article, these two have created the world’s first dark pool exchange for Bitcoin. Their plan is to eventually scale to include other digital currencies. What is a dark pool? It is a private exchange to trade securities in a way where large transactions can occur without impacting the marketing. This means it can be used to avoid adverse price movements. We learned,
The Bitcoin market is less liquid than traditional FX and hence more volatile. Dark pool trading in Bitcoin would be useful to mainstream investors who may want to make large trades in Bitcoin, or use it as a currency hedge without alerting the market to their positions. Kenna, who launched the first US Bitcoin exchange in 2011, brings a wealth of experience to the table. He told IBTimes UK: “Dark pool trading certainly mitigates volatility where individuals making large trades are concerned.
Apparently, the size of the trade one would need to impact the Bitcoin market in is much smaller than what traditional traders experience. Jared Kenna appears to be projecting the future of Bitcoin, and non-traditional currencies in general, to explode. Why else would there be such a need for this kind of service? This is something we will be keeping an eye on, especially as it may come to be more interconnected with Dark Web matters.
Megan Feil, February 13, 2017
February 10, 2017
Business is apparently booming for Dark Web drug sales. Business Insider published an article that reports on this news: An in-depth new study shows that the online market for illegal drugs is skyrocketing. The study conducted by RAND Europe found the number of transactions on illegal drug sites has tripled since 2013, and revenues have almost doubled. Apparently, most of the shipping routes are within North America. The article tells us,
Elsewhere in the study, researchers found that wholesale transactions (which it categorised as sales worth over $1,000 [£770]) generated a quarter of total revenue for drug marketplaces. That figure was unchanged between 2013 and 2016, though. Cannabis was the most popular drug globally, making up 33% of drug marketplace transactions. But the report looked at sales to Holland specifically and found that it only made up 17% of transactions there. That’s likely because the sale of cannabis is legal in the country through licensed venues, reducing the need for people to use illegal online stores.
The year 2013 carries meaning because it was in fall 2013 that the Silk Road was shut down. This study suggests its closure did not eliminate Dark Web drug sales. As the article alludes to, as cannabis laws may or may not change in the United States, it will be interesting to see how this affects Dark web use and marketplace sales.
Megan Feil, February 10, 2017
February 7, 2017
Some articles about the Dark Web are erring on the side of humor about it’s threat-factor. Metro UK published 12 scary things which happen when you go on the ‘Dark Web’, which points out some less commonly reported happenings on the Dark Web. Amongst the sightings mentioned were: a German man selling pretzels, someone with a 10/10 rating at his carrot (the actual vegetable) marketplace, and a template for creating counterfeit Gucci designs. The article reports,
Reddit users shared their stories about the ‘dark web’ – specifically Tor sites, invisible to normal browsers, and notorious for hosting drug markets and child pornography. Using the free Tor browser, you can access special .onion sites – only accessible using the browser – many of which openly host highly illegal content including pirated music and films, drugs, child pornography and sites where credit card details are bought and sold.
While we chose not to summarize several of the more dark happenings mentioned by Redditors, we know the media has given enough of that side to let your imaginations run wild. Of course, as has also been reported by more serious publications, it is a myth that the Dark Web is only filled with cybercriminals. Unless pretzels have qualities that have yet to be understood as malicious.
Megan Feil, February 7, 2017
January 19, 2017
A prison librarian in England who purchased drugs and weapons over the Dark Web for supplying them to prisoners was sentenced to 7-years in prison.
The Register in a news report Prison Librarian Swaps Books for Bars After Dark-Web Gun Buy Caper says:
Dwain Osborne, of Avenue Road, Penge, in London, was nabbed in October of 2015 after he sought to procure a Glock 19 – a staple of police and security forces worldwide – and 100 rounds of ammunition on the dark web. A search of Osborne’s house revealed the existence of a storage device, two stolen passports, and a police uniform.
Osborne was under the impression that like other Dark Web actors, he too is untraceable. What made the sleuths suspicious is not known, however, the swift action and prosecution are commendable. Law enforcement agencies are challenged by this new facet of crime wherein most perpetrators manage to remain anonymous.
Most arrests related to the purchase of arms and drugs over Dark Web were result of undercover operations. However, going beyond this type of modus operandi is the need of the hour.
Systems like Apacke Teka seem to be promising, but it is premature to say how such kind of systems will evolve and most importantly, will be implemented.
Vishal Ingole, January 19, 2017
January 17, 2017
Unsuspecting Royal Mail postmen are delivering narcotics and drugs ordered over Dark Web to punters and buyers with much efficiency. Taking cognizance of the fact, The Home Office is planning an investment of GBP 1.9 billion over next five years to fight this new face of crime.
The Sun in an article titled Royal Mail Postmen Unknowingly Deliver Drugs Parcels Bought From the Dark Web says:
Royal Mail postmen are unknowingly delivering drug parcels bought from the dark web, it has been revealed. Millions of pounds of drugs are bought online every day via the dark web and shipped to punters anonymously.
The postmen, however, cannot be blamed as they are ill-equipped to find out what’s hidden inside a sealed parcel. Though drug sniffing dogs exist on paper for the Royal Mail, many postmen say they never saw one in their service life. Technology is yet to catch-up with dogs that can sniff out the drugs.
As the postmen are being put at risk delivering these packages, the Home Office in a statement said:
We have committed to spending £1.9bn on cybersecurity over the next five years, including boosting the capabilities of the National Crime Agency’s National Cyber Crime Unit, increasing their ability to investigate the most serious cybercrime.
Law enforcement agencies, including the ones in the US will have to invest in detecting and preventing such crimes. So far the success ratio has been barely encouraging. Till then, unsuspecting people will be used as pawns by cybercriminals, royally!
Vishal Ingole, January 17, 2017
January 16, 2017
Conventional search engines can effectively index text based content. However, Apache Tika, a system developed by Defense Advanced Research Projects Agency (DARPA) can identify and analyze all kinds of content. This might enable law enforcement agencies to track all kind of illicit activities over Dark Web and possibly end them.
An article by Christian Mattmann titled Could This Tool for the Dark Web Fight Human Trafficking and Worse? that appears on Startup Smart says:
At present the most easily indexed material from the web is text. But as much as 89 to 96 percent of the content on the internet is actually something else – images, video, audio, in all thousands of different kinds of non-textual data types. Further, the vast majority of online content isn’t available in a form that’s easily indexed by electronic archiving systems like Google’s.
Apache Tika, which Mattmann helped develop bridges the gap by analyzing Metadata of the content type and then identifying content of the file using techniques like Named Entity Recognition (NER). Apache Tika was instrumental in tracking down players in Panama Scandal.
If Apache Tika is capable of what it says, many illicit activities over Dark Web like human trafficking, drug and arms peddling can be stopped in its tracks. As the author points out in the article:
Employing Tika to monitor the deep and dark web continuously could help identify human- and weapons-trafficking situations shortly after the photos are posted online. That could stop a crime from occurring and save lives.
However, the system is not sophisticated enough to handle the amount of content that is out there. Being an open source code, in near future someone may be able to make it capable of doing so. Till then, the actors of Dark Web can heave a sigh of relief.
Vishal Ingole, January 16, 2017
January 13, 2017
The Dark Web continues to be under the microscope. Sophos’ blog, Naked Security, published an article, The Dark Web: Just How Dark Is It? questioning the supposed “dark” motivations of its actors. This piece also attempts to bust myths about the complete anonymity of Tor. There is an entry guard, which knows who the user is, and an exit node, which knows the user’s history and neither of these are easy to avoid. Despite pointing out holes in the much-believed argument full anonymity always exists on Tor, the author makes an effort to showcase “real-world” scenarios for why their average readers may benefit from using Tor:
If you think a web site is legitimate, but you’re not completely sure and would like to “try before you buy,” why not take an incognito look first, shielding your name, your IP number, even your country? If you’re investigating a website that you think has ripped off your intellectual property, why advertise who you are? If you want to know more about unexceptionable topics that it would nevertheless be best to keep private, such as medical issues, lifestyle choices or a new job, why shouldn’t you keep your identity to yourself? Similarly, if you want to offer online services to help people with those very issues, you’d like them to feel confident that you’ll do your best to uphold their privacy and anonymity.
We’re not convinced — but perhaps that is because the article put its foot in its mouth. First, they tell us Tor does not provide full anonymity and then the author attempts to advocate readers use Tor for anonymity. Which is it? More investigation under a different lens may be needed.
Kenny Toth, January 13, 2017
January 12, 2017
An article on Security Affairs called Boffins spotted over 100 snooping Tor HSDir nodes spying on Dark Web sites points to a new tactic that could be useful to companies offering Dark Web intelligence services. Within the inner workings of the Dark Web live at least 100, according to researchers, malicious hidden service directories (HSDirs). These are the relays of the network that allow people to visit hidden services. The author quotes researchers Filippo Valsorda and George Tankersley who presented at the Hack in the Box Security Conference,
When a person wants to host a hidden service, they have to advertise their service on a Tor Onion database, which is a DHT made up of a group of stable relay machines called HSDirs . The person who wants to visit the hidden service has to request information about that service from the database. Therefore, those relays or HSDirs can see who is making the request for a connection and when you want to connect. Therefore, to deanonymize a user’s traffic, an attacker could choose to become the HSDir nodes for the hidden service.
Additionally, researchers from Karlstad University in Sweden found 25 nodes within the The Onion Router (Tor) which showed entities snooping on the supposedly anonymous network. It appears gaps exist. The research shows an unspecified actor from Russia was eavesdropping. Are these snoopers Dark Web intelligence or cybercriminals? We shall stay tuned.
Megan Feil, January 12, 2017
January 11, 2017
Vendors of stolen credit card information on the dark web are now verifying their customers’ identities, we learn from an article at the International Business Times, “The Fraud Industry: Expect to be KYC’d by Criminals When Buying Stolen Credit Cards on the Dark Web.” Yes, that is ironic. But these merchants are looking for something a little different from the above-board businesses that take KYC measures. They want to ensure potential clients are neither agents of law-enforcement nor someone who will just waste their time. Reporter Ian Allison cites Richard Harris, an expert in fraud detection through machine learning, when he writes:
Harris said some websites begin with a perfunctory request that the buyer produce some stolen card numbers of their own to show they are in the game. ‘There are various websites like that where undercover cops have been caught out and exposed. Like anybody else, they are in business and they take the security of their business seriously,’ he said.
Things have moved on from the public conception of a hacker in a hoodie who might hack the Pentagon’s website one day and steal some credit card details the next. That was 10 or 15 years ago. Today this is a business, pure and simple. It is about money and lots of it, like for instance the recent hit in Japan that saw a criminal gang make off with ¥1.4bn (£8.9m, $13m) from over 1,400 ATMs in under three hours. They simultaneously targeted teller machines located in Tokyo, Kanagawa, Aichi, Osaka, Fukuoka, Nagasaki, Hyogo,Chiba and Nigata. The Japanese police suspect more than 100 criminals were involved in the heist.
Harris is excited about the potential for machine learning to help thwart such sophisticated and successful, criminals. The article continues with more details about today’s data-thievery landscape, such as the dark-web bulletin boards where trade occurs, and the development of “sniffers” — fake wi-fi hubs that entice users with a promise of free connectivity, then snatch passwords and other delectable data. Allison also mentions the feedback pages on which customers review dark-web vendors, and delves into ways the dark web is being used to facilitate human trafficking. See the write-up for more information.
Cynthia Murrell, January 11, 2017