TechnoSecurity & Digital Forensics Conference Info

July 20, 2017

I am giving two talks about the Dark Web at the September 2017 TechnoSecurity & Digital Forensics Conference. With the take down of AlphaBay and the attentions Dark Web sources of synthetic drugs are getting in the main stream media, the sessions will be of particular relevance to law enforcement, security, and intelligence professionals. My first talk is a quick start basics lecture. My second presentation focuses on free an and source tools and the commercial services which can flip on the lights in the Dark Web.

The conference has emerged as one of the most important resources for corporate network security professionals, federal, state and local law enforcement digital forensic specialists, and cybersecurity industry leaders from around the world. The purpose is to raise international awareness of developments, teaching, training, responsibilities, and ethics in the field of IT security and digital forensics. The event will feature more than 70 speakers, 60 sessions, 20 new product demonstrations, and 25 sponsors and exhibits. exhibits. For full details and to register, please visit www.TechnoSecurity.us.

As a reader of Beyond Search, you qualify for a 30 percent discount. Just use the promotional code DKWB17 when you sign up online.

Stephen E Arnold, July 20, 2017

Information about Dark Web Notebook

July 11, 2017

An email arrived yesterday saying, “We can’t find the Dark Web Notebook” on Bing, Google, or any other online search system. If you want to locate information about this new book, just navigate to Google and search for

Arnold Dark Web Notebook

Alternatively, you can use these links:

Buy the book: https://gum.co/darkweb

Table of contents: http://www.xenky.com/darkwebnotebook

The Association of Former Intelligence Officers has a profile of the book on its members-only Web site. Log in to obtain access to book synopsis.

Kenny Toth, July 11, 2017

 

Stephen E Arnold: Dark Web Use Expected to Increase

June 27, 2017

Author predicts filtering and other restrictions on the open Internet will push more users toward secret encrypted platforms

Despite stepped-up efforts by federal and local law enforcement agencies, the Dark Web and the contraband markets that thrive there will continue to grow in the coming years. That’s the conclusion shared by author and consultant Stephen E Arnold in his new book Dark Web Notebook, a practical guide for law enforcement, intelligence, and corporate security personnel.

Dark Web Notebook Cover 31617

Arnold was a featured speaker this month at the at the Techno Security & Digital Forensics Conference in Myrtle Beach, SC, where he explained how the Dark Web operates and how investigators can assume a secret identity and acquire the necessary tools to explore hidden online communities.

In his lectures, Arnold noted that governments in the UK, China, Egypt, and other countries are implementing tighter restrictions on electronic communications while private companies such as Facebook and Google are implementing more content filtering. The result, he said, is that more activities that are normally conducted on the “surface web” are migrating to the encrypted platforms offered by the Dark Web. At the same time, private citizens are adopting apps and other encryption tools to protect their personal privacy.

“It’s like squeezing a sponge or a tube of toothpaste,” Arnold said. “The substance has to go somewhere. The Dark Web will become more attractive to people who want to conduct their affairs in secret and that will make the Dark Web an increasing area of interest to law enforcement, security and intelligence professionals.”

The Dark Web is also flashing on the radar of state and local law enforcement agencies. A June 10 article in the New York Times (https://www.nytimes.com/2017/06/10/business/dealbook/opioid-dark-web-drug-overdose.html) described how police in the resort town of Park City, UT, had to learn about the Dark Web after two 13-year-old boys died after taking a synthetic opioid called “Pinky” that was purchased on the Dark Web.

“This terrible tragedy is an example of how the influence of the Dark web is spreading into small town in the US and around the world. Law enforcement personnel at all levels are going to need to understand how this new environment functions if they hope to protect the citizens in their communities,” Arnold said.

Although much has been written about the Dark Web, Arnold’s book is unique in that it was created specifically for investigators. It presents step-by-step instructions that help investigators safely explore the digital underworld. The book is available as a 250-page digital download for $49 at https://gum.co/darkweb.

In addition to his lectures, Arnold also offers a hands-on tutorial for small groups of qualified participants. In these sessions, participants use a secure computer to create a “legend” identity and explore the Dark We. They also learn how to acquire other digital tools and services including Bitcoin, the digital currency favored by Dark Web vendors.

Arnold will present his lectures and tutorial again at the 2017 Techno Security & Digital Forensics Conference September 18-20 in San Antonio. Information about the conference is available at www.technosecurity.us.

About the Book

The 250-page book includes a tour of the Dark Web with profiles of vendors and markets, explanations of access tools such as the Tor browser, reviews of services for searching Dark Web content, research resources available on the public Internet, and details about commercial solutions.

Detailed descriptions of each chapter are posted at http://xenky.com/darkwebnotebook.

The book is available as a digital download for $49 at https://gum.co/darkweb.

About the Author

Stephen E Arnold’s career includes work at Halliburton Nuclear Utility Services and Booz, Allen & Hamilton. He built and sold several stary-up ventures including The Point Internet Service. He and his team built the online system for the Threat Open Intelligence Gateway (TOSIG) for the US government. He is the author of The Google Legacy (2005), Google Version 2 (2007), and Google: The Digital Gutenberg (2009). In 2015, he published CyberOSINT: Next Generation Information Access. He is a Summa cum laude graduate of Bradley University and he has completed work on his PhD at the University of Illinois.

About ArnoldIT

Arnold Information Technology conducts research into online information and services. Founded by Stephen E Arnold in 1991, the company has provided technology services to organizations worldwide.

Ric Manning, June 27, 2017

HonkinNews for 20 June 2017 Now Available

June 20, 2017

HonkinNews reminds everyone that success may be measured in the size of one’s golden parachute. We report that Yahoot (sorry, I meant, Yahoo) is now Oath with a colon. As we ponder the end of Yahoot, we mention that Yahoot’s former president is leaving the company in a cloud of purple haze with about $250 million. Yahoooo. The Dark Web presentations at the TechnoSecurity & Digital Forensics Conference seemed to be a hit. The two public lectures attracted 310 people. The special hands on session was sold out. We report that the launch of Dark Web Notebook (available at gum.com/darkweb) caught some attendees’ attention as well. This week’s program has the details. Concerned that your Big Data or content processing system is an error-generation machine? The solution is editorial controls before one starts crunching. HonkinNews reveals that using the term “data governance” is no substitute for management and planning ahead. What about Palantir? Watch this week’s program to learn that Palantir, once an outsider for some government work, is now an insider. You can find this week’s program at this link.

Kenny Toth, June 20, 2017

Dark Web? Likely to Gain Traction

June 14, 2017

I completed a series of presentations at the TechnoSecurity & Digital Forensics Conference, June 5, 6, and 7. After my two presentations, two attendees spoke with me as I was preparing for my three hour invitation only tutorial on June 7. The two individuals told me that the most surprising point I made was that the Dark Web will become more important.

As we talked about their comment, I learned that after my talks a number of people were discussing the “knowledge gap” I identified in the existing cyber training programs. Specifically, the how to aspect of obtaining information about the Dark Web was a topic of considerable interest.

image

Stephen E Arnold fields a question about the impact of censorship, filtering, and surveillance on the Dark Web.

However, I learned from these professionals that the stepped up efforts to require Internet companies to perform filtering for hate speech and other information was moving forward in parallel with Theresa May’s call for more stringent content filtering in the UK. Egypt is following suit. Are the actions of Nokia Symbian and the BlackBerry OS smartphones an example of greater controls on WhatsApp?

The conclusion I offered was that activities possible on Surface Web services would force some activities to the Dark Web. As a result, as law enforcement, intelligence, and government efforts increased on Surface Web traffic, services, Web sites, and apps, the importance of the Dark Web would go up.

In my talks I offered this information in the context of squeezing a sponge or tube of toothpaste. The substance has to go elsewhere.

To sum up, the Dark Web is poised to become of more interest to those engaged in law enforcement, security, and intelligence activities.

For more information about the Dark Web, you can navigate to www.xenky.com/darkwebnotebook to get information about my handbook designed for professionals working in the LE and intel field. My earlier book about CyberOSINT is described at www.xenky.com/cyberosint.

Watch for information about my participation in the TechnoSecurity conference in San Antonio, Texas, in September 2017. We are considering an advanced Dark Web session as well as an invitation only training session about creating a legend for a false identity. These sessions are available only to those currently working in US or its allies’ law enforcement and intelligence entities.

Stephen E Arnold, June 14, 2017

Dark Web Notebook Now Available

June 5, 2017

Arnold Information Technology has published Dark Web Notebook: Investigative Tools and Tactics for Law Enforcement, Security, and Intelligence Organizations. The 250-page book provides an investigator with instructions and tips for the safe use of the Dark Web. The book, delivered as a PDF file, costs $49.

Orders and requests for more information be directed to darkwebnotebook@yandex.com. Purchasers must verify that they work for a law enforcement, security, or intelligence organization. Dark Web Notebook is not intended for general distribution due to the sensitive information it contains.

The author is Stephen E Arnold, whose previous books include CyberOSINT: Next Generation Information Access and Google Version 2.0: The Calculating Predator, among others. Arnold, a former Booz, Allen & Hamilton executive, worked on the US government-wide index and the Threat Open Source Intelligence Gateway.

The Dark Web Notebook was suggested by attendees at Arnold’s Dark Web training sessions, lectures, and webinars. The Notebook provides specific information an investigator or intelligence professional can use to integrate Dark Web information into an operation.

Stephen E Arnold, author of the Dark Web Notebook, said:

“The information in the Dark Web Notebook has been selected and presented to allow an investigator to access the Dark Web quickly and in a way that protects his or her actual identity. In addition to practical information, the book explains how to gather information from the Dark Web. Also included are lists of vendors who provide Dark Web services to government agencies along with descriptions of open source and commercial software tools for gathering and analyzing Dark Web data. Much of the information has never been collected in a single volume written specifically for those engaged in active investigations or operations.”

The book includes a comprehensive table of contents, a glossary of terms and their definitions, and a detailed index.

The book is divided into 13 chapters. These are:

  1. Why write about the Dark Web?
  2. An Introduction to the Dark Web
  3. A Dark Web Tour with profiles of more than a dozen Dark Web sites, their products, and services
  4. Dark Web Questions and Answers
  5. Basic Security
  6. Enhanced Security
  7. Surface Web Resources
  8. Dark Web Search Systems
  9. Hacking the Dark Web
  10. Commercial Solutions
  11. Bitcoin and Variants
  12. Privacy
  13. Outlook

In addition to the Glossary, the annexes include a list of DARPA Memex open source software written to perform specific Dark Web functions, a list of spoofed Dark Web sites operated by law enforcement and intelligence agencies, and a list of training resources.

Kenny Toth, June 5, 2017

Dark Web Monitoring

May 26, 2017

As criminals have flocked to the Dark Web, the need for companies to protect themselves from hackers has escalated quickly. But are Dark Web Monitoring services worth the price tag, or is this today’s snake oil? Motherboard examines that issue in, “The Booming, and Opaque, Business of Dark Web Monitoring.”

There are two basic approaches to Dark Web Monitoring, explains contributor Joseph Cox. The first relies on algorithms to flag stolen data, while the second sends humans on fishing expeditions to Dark Web forums. Either way, though, the complexity and underground nature of the Dark Web make wild-goose chases inevitable. Cox writes:

Fundamental problems with the very idea of some of these services, such as the issue of verifying information gleaned from forums and marketplaces, means they might be providing an illusion of security, rather than the real thing.

 

There is a lot of misleading or outright fabricated information in the dark web. Often, particular listings or entire sites are scams, and forum chatter can be populated with people just trying to rip each other off. For that reason, it’s not really good enough to just report everything and anything you see to a customer.

Cox consulted with several Dark Web Monitoring vendors, who describe a balancing act—avoid passing along false flags (which cost clients time and money) while ensuring real threats do not slip through their fingers. A “confidence-level” some services include with each report aims to mitigate that uncertainty, but it is an inexact science. Especially since the Dark Web is ever changing.

Cynthia Murrell, May 26, 2017

Your Tax Information Might Be for Sale on Dark Web

May 23, 2017

Theft of personal and sensitive information continues to be a threat for Internet users. Tax information is available for sale for as low as $30 in bulk over Dark Web.

WTMJ-TV published a news report titled Officials Say Thieves Are Stealing Tax Info and Selling It on the Dark Web says:

It may be past tax time, but that doesn’t mean the stress is over. Experts say thieves are stealing W-2 information and selling it on the part of the Internet hidden from search engines known as the dark web.

In this particular instance, the culprit masquerading as a high-level company executive asked the clerk at a company office to mail all W-2 forms. Though the con was discovered immediately, albeit it was too late.

Despite strict IT security policies, data thieves manage to steal sensitive information using a technique called as social engineering. This includes gathering bits and pieces of information from multiple employees and using it together to con someone higher-up for stealing the information. Experts are of the opinion that prevention is the only protection in such cases.

Vishol Ingole, May 23, 2017

Dark Web Expert Was There From the Beginning

March 21, 2017

Journalist William Langewiesche at Vanity Fair presents the storied career of a hacker-turned-security expert, whom he pseudonymously calls Opsec, in the extensive article, “Welcome to the Dark Net, a Wilderness Where Invisible World Wars are Fought and Hackers Roam Free.” The engaging piece chronicles the rise of the Dark Web alongside Opsec’s cyber adventures, which began when he was but a child in the late ’80s. It also clearly explains how some things work on and around the Dark Web, and defines some jargon. I would recommend this article as a clear and entertaining introduction to the subject, so readers may want to check out the whole thing.

Meanwhile, I found this tidbit about a recent botnet attack interesting. For background, Opsec now works for a large, online entertainment company. Langewiesche describes an intrusion the security expert recently found into that company’s systems:

The Chinese [hacking team] first went into a subcontractor, a global offshore payment processor that handled credit-card transactions, and then, having gained possession of that network, quietly entered the Company through a legitimate back door that had been installed on the Company’s network to administer consumer accounts. The initial breach was a work of art. The Chinese wrote a piece of customized software purely for that job. It was a one-of-a-kind ‘callback dropper,’ a Trojan horse that could be loaded with any of many malware modules, but otherwise stood empty, and regularly checked in with its masters to ask for instructions. Once inside the network, the Chinese were able to move laterally because the Company, for the sake of operational efficiency, had not compartmentalized its network. …

First, using ‘bounce points’ within the network to further obscure their presence, [the hackers] went after the central domain controller, where they acquired their own administrative account, effectively compromising 100 million user names and passwords and gaining the ability to push software packages throughout the network. Second, and more important, the Chinese headed into the network’s ‘build’ system, a part of the network where software changes are compiled and then uploaded to a content-distribution network for the downloading of updates to customers. In that position they acquired the ability to bundle their own software packages and insert them into the regular flow, potentially reaching 70 million personal computers or more. But, for the moment, they did none of that. Instead they installed three empty callback Trojans on three separate network computers and left them standing there to await future instructions. Opsec and his team concluded that the purpose was to lay the groundwork for the rapid construction of a giant botnet.

Opsec suspects the same payment processor vulnerability was exploited at other companies, as well, as part of a plan to launch this giant botnet as part of a global cyber-war. Considering he only caught the attack due to one small error made by the hackers, the discovery is unnerving. Opsec has his ideas on how to fight such a series of attacks, but he is holding off at the behest of his employer. Officially, at least. See the article for more information.

Cynthia Murrell, March 21, 2017

Bitcoin Alternative Monero Accepted by AlphaBay

March 17, 2017

As institutions like banks and law enforcement come to grips with the flow of Bitcoin, another cyber currency is suddenly gaining ground. Bloomberg Technology reveals, “New Digital Currency Spikes as Drug Dealers Get More Secrecy.” The coin in question, Monero, has been around for a couple of years, but was recently given a boost by the marketplace AlphaBay, one of the most popular destinations for buyers of illicit drugs on the Dark Web. In the two weeks after the site announced it would soon accept Monero, the total worth of that currency in circulation jumped to over $100 million (from about $25 million the previous month). Writer Yuji Nakamura explains why a shift may be underway:

Bitcoin, the most popular digital currency in the world with a total value of $9.1 billion, also allows users to move funds discreetly and uses a network of miners to verify the authenticity of each trade. But its privacy has come under threat as governments and private investigators increase their ability to track transactions across the bitcoin network and trace funds to bank accounts ultimately used to convert digital assets to and from traditional currencies like U.S. dollars.

Monero similarly uses a network of miners to verify its trades, but mixes multiple transactions together to make it harder to trace the genesis of the funds. It also adopts ‘dual-key stealth’ addresses, which make it difficult for third-parties to pinpoint who received the funds.

For any two outputs, from the same or different transactions, you cannot prove they were sent to the same person,’ Riccardo Spagni, a lead developer of Monero, wrote by e-mail. Jumbling trades together makes it ‘impossible to tell which transaction, of a set of transactions, a particular input comes from. It appears to come from all of them.

Though Monero has yet to withstand the trials of AlphaBay-level volumes for long, its security features received praise from investor and prominent digital-currency-advocate Roger Ver. As of this writing, Monero is ranked fifth among digital currencies in overall market value. Click here for a list of digital currencies ranked, in real time, by market cap.

Cynthia Murrell, March 17, 2017

Next Page »

  • Archives

  • Recent Posts

  • Meta