Multiple Vendors Form Alliance to Share Threat Intelligence
October 20, 2016
To tackle the increasing number of digital security threats, multiple threat intelligence vendors have formed an alliance to share the intelligence each of them gathers.
An article that appeared on Network World titled “Recorded Future aligns with other threat intelligence vendors” states:
With the Omni Intelligence Partner Network, businesses that are customers of both Recorded Future and participating partners can import threat intelligence gathered by the partners and display it within Intelligence Cards that are one interface within Recorded Future’s platform
Apart from intelligence, the consortium will also share IP addresses that may be the origin point of a potential threat. Led by Recorded Future, the other members of the alliance include FireEye iSIGHT, Resilient Systems and Palo Alto Networks.
We had earlier suggested the formation of an inter-governmental alliance that could be used to share incident reports seamlessly. The premise was:
Intelligence gathered from unstructured data on the Internet such as security blogs that might shed light on threats that haven’t been caught yet in structured-data feeds
The advent of the Internet of Things (IoT) will exacerbate the problems for the connected world. Will the Omni Intelligence Partner Network succeed in preempting those threats?
Vishal Ingole, October 20, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
What Lurks in the Dark Web?
October 20, 2016
Organizations concerned about cyber security can effectively thwart threats provided they know a threat is lurking in the dark. An Israeli SaaS-based startup claims it can bridge this gap by offering real-time analysis of data on the Dark Web.
TechCrunch, in an article titled “Sixgill claims to crawl the Dark Web to detect future cybercrime,” says:
Sixgill has developed proprietary algorithms and tech to connect the Dark Web’s dots by analyzing so-called “big data” to create profiles and patterns of Dark Web users and their hidden social networks. It’s via the automatic crunching of this data that the company claims to be able to identify and track potential hackers who may be planning malicious and illegal activity.
By analyzing the data, Sixgill claims that it can identify illegal marketplaces, data leaks and also physical attacks on organizations using its proprietary algorithms. However, there are multiple loopholes in this type of setup.
First, some Dark Web actors can easily insert red herrings across the communication channels to divert attention from real threats. Second, the Dark Web was created by individuals who wished to keep their communications cloaked. Mining data and crunching it through algorithms would not be sufficient to keep organizations safe. Moreover, AI can only process data that has been mined by algorithms, which in many cases can be false. TOR is undergoing changes to increase the safeguards in place for its users. What’s beginning is a Dark Web arms race. A pattern of compromise will be followed by hardening. Then compromise will occur and the Hegelian cycle repeats.
Vishal Ingole, October 20, 2016
Pattern of Life Analysis to Help Decrypt Dark Web Actors
October 18, 2016
Google-funded Recorded Future plans to use technologies like natural language processing, social network analysis and temporal pattern analysis to track Dark Web actors. This, in turn, will help security professionals detect patterns and thwart security breaches well in advance.
An article titled “Decrypting The Dark Web: Patterns Inside Hacker Forum Activity” that appeared on DarkReading points out:
Most companies conducting threat intelligence employ experts who navigate the Dark Web and untangle threats. However, it’s possible to perform data analysis without requiring workers to analyze individual messages and posts.
Recorded Future, which deploys around 500-700 servers across the globe, monitors Dark Web forums to identify and categorize participants based on their language and geography. Using advanced algorithms, it then identifies individuals, and their aliases, who are involved in various fraudulent activities online. This is a type of automation where AI is deployed rather than relying on human intelligence.
The major flaw in this method is that bad actors do not necessarily use the same or even similar aliases or handles across different Dark Web forums. Christopher Ahlberg, CEO of Recorded Future, who is leading the project, says:
A process called mathematical clustering can address this issue. By observing handle activity over time, researchers can determine if two handles belong to the same person without running into many complications.
Again, researchers, and not AI or intelligent algorithms, will have to play a crucial role in identifying the bad actors. What’s interesting to note is that Google, which pretty much dominates the information on the Open Web, is trying to make inroads into the Dark Web through many of its fronts. The question is: will it succeed?
Vishal Ingole, October 18, 2016
Demand for British Passports Surge on Dark Web Post Brexit
October 17, 2016
A Freedom of Information Act request submitted by British general insurer Esure reveals that 270,000 British passports have been reported missing so far in 2016. A tiny percentage of these passports are for sale on the Dark Web for a premium.
An article by Jennifer Baker titled “Dark Web awash with pricey British passports after UK vote for Brexit” states:
The value of a fake British passport has increased by six percent since the vote in favor of Brexit, and is predicted to rise further if rules on European Union freedom of movement change
Each passport is being sold for around $3,360 and upwards in Bitcoin or its equivalent. Restriction of movement across borders from the European Union to the United Kingdom is considered to be the primary reason for the surge in demand for British passports.
While the asking price for smaller EU nation passports remains tepid on the Dark Web, experts are warning that instances of British passport thefts will increase by 20 percent next year.
The offline and online black market for British passports is estimated to be around $57 million a year. According to Ms Baker:
The most common hotspots for passport theft included bars and restaurants (14 percent), the beach (14 percent), busy streets (14 percent) and hotel rooms (13 percent). However, it isn’t just overseas as one in five (19 percent) of people reported a passport being stolen from their own homes.
A stolen passport can be used without any hassles till it is reported lost or stolen, and Brexit rules come into force. Even after being reported, the passport can still be used for identity theft and other online scams. Can there be a better way to curb this practice of identity theft, Brexit or not?
Vishal Ingole, October 17, 2016
The Dark Web Casts a Shadow Toward Facebook
October 13, 2016
I read “Facebook Marketplace Becomes Black Market for Drugs and Guns.” The Dark Web is small, sort of a hassle, and generally disappointing for some of its most enthusiastic cheerleaders.
What’s that mean?
According to the write up:
Facebook launched Marketplace on Monday, October 3, offering users the opportunity to buy and sell items within their local community. On the day of its launch, the eBay and Craigslist competitor was already being used to list adult services, animals, drugs and other items that breach Facebook’s policies.
I learned:
Users took to social media to report listings on Marketplace, which included a hedgehog, a gun, a snake and a baby.
Facebook is in modification mode. Allegedly the company said via a spokesperson:
We are working to fix the problem and will be closely monitoring our systems to ensure we are properly identifying and removing violations before giving more people access to Marketplace.
Several observations:
- Facebook reaches lots of people. The Dark Web doesn’t. Ergo. The Dark Web’s tendrils will reach toward the Facebook thing.
- Bad actors on the Dark Web are probably easier and quicker for authorities to observe.
- Facebook’s me too did not anticipate that its customers would bring the darkness to the otherwise sunny climes of grandmothers and their friends.
- Facebook’s strategic planning seems to have a bit of a gap.
Worth monitoring. From a distance.
Stephen E Arnold, October 13, 2016
Hacking Federal Agencies Now a Childs Play
October 12, 2016
A potentially dangerous piece of malware called GovRat, which is effective in cyber-espionage, is available on the Dark Web for as low as $1,000.
IBTimes recently published an article, “Malware used to target US Government and military being sold on Dark Web,” in which the author states:
The evolved version of GovRat, which builds on a piece of malware first exposed in November last year, can be used by hackers to infiltrate a victim’s computer, remotely steal files, upload malware or compromised usernames and passwords.
The second version of this malware has already caused significant damage. Along with it, the seller is also willing to give away credentials to access US government servers and military groups.
Though the exact identity of the creator of GovRat 2.0 is unknown, the article states:
“Several of these individuals are known as professional hackers for hire,” Komarov explained. He cited one name as ROR [RG] – a notorious hacker who previously targeted Ashley Madison, AdultFriendFinder and the Turkish General Directorate of Security (EGM).
Data of large numbers of federal employees are already compromised and details like email, home address, login IDs and hashed passwords are available for anyone who can pay the price.
InfoArmor, a cybersecurity and identity protection firm, unearthed this information while scanning Dark Web forums and has already passed on the details to the relevant affected parties. The extent of the damage is unknown; the stolen information can be used to cause further damage.
Vishal Ingole, October 12, 2016
Dark Web for Sci-Tech Content without the Big Fees
October 11, 2016
Publishers are not happy. Sci-Hub, a Dark Web portal, provides free access to 58 million academic papers and articles that usually are sold through costly subscriptions and pay walls in the real world.
In an article that appeared on ExpressVPN titled “9 Must-See .onion Sites from the Depths of the Dark Web,” the author says:
This (Sci-Hub) gives underfunded scientific institutions, as well as individuals, unprecedented access to the world’s collective knowledge, something certain to boost humankind’s search for an end to diseases, droughts, and hunger.
Sci-Hub is the brainchild of Alexandra Elbakyan, a Kazak girl who wanted free access to academic literature without having to worry about money.
According to Science Magazine, everybody from students, scholars, researchers to underfunded universities are accessing the pirated academic literature.
How will publishers respond? We assume there will be meetings, legal actions, more meetings, hand waving, and attempts to convince Ms. Elbakyan to do her online system the old-fashioned way: Charge universities as much as humanly possible. If these procedures fail, Ms. Elbakyan may want to be accompanied by former Kazak Olympic wrestlers and at least one legal eagle as she wends her way through life.
Vishal Ingole, October 11, 2016
Need a Low Cost College Degree? Dark Web U Is for You
October 11, 2016
The lawless domain just got murkier. Apart from illegal firearms, passports, drugs and hitmen, you now can procure a verifiable college degree or diploma on the Dark Web.
The Next Web, in an article titled “Dark Web crooks are selling fake degrees and certifications for the price of a smartphone,” reports:
Cyber criminals have created a digital marketplace where unscrupulous students can purchase or gain information necessary to provide them with unfair and illegal academic credentials and advantages.
The certificates for these academic credentials are near perfect. But what makes this cybercrime more dangerous is the fact that hackers also manipulate the institution records to make the fake credential genuine.
The article adds:
A flourishing market for hackers who would target universities in order to change grades and remove academic admonishments
This means that underperforming and completely non-performing students undertaking an educational course need not worry about low grades or absenteeism. Just pay the hackers and you have a perfectly legal degree that you can show the world. And the cost of all this? Just $500-$1000.
What makes this particular aspect of the Dark Web horrifying interesting is the fact that anyone who procures such an illegitimate degree can enter the mainstream job market with perfect ease and no student debt.
Vishal Ingole, October 11, 2016
New Terrorism and Technology Reports Released
October 11, 2016
Attempting to understand the level of threat a terrorist organization poses continues to be difficult. DefenseSystems.com published Report: Electronic jihad grows in sophistication, which shares the cyber-jihad survey from the Institute for Critical Infrastructure Technology. The authors of this survey present social media and other cyberspace tools to be “the great equalizer” in warfare. In addition to social media, there are a few hacker groups which have launched attacks on western websites and Arab media: the Cyber Caliphate, the dedicated hacker division of the Islamic State, and the Terrorist Team for Electronic Jihad. The write-up explains,
The cyber jihad survey notes that ISIS has mostly dedicated its expanding offensive cyber capabilities to specific social media accounts, including the Twitter and YouTube accounts of U.S. Central Command. Offensive capabilities are thought to include the use of malware, insider threats and “preconfigured tools.” Malware efforts have included spear-phishing emails containing malware designed to sweep up the IP addresses and geolocation data about anti-ISIS groups in the ISIS stronghold of Raqqa, Syria. As ISIS and other cyber-jihadists become more sophisticated and aggressive, experts worry that they will eventually attempt more audacious attacks.
However, a report from the federal government suggests ISIS’ Twitter traffic dropped 45 percent in the past two years. While the terrorist group’s technology may be expanding in the arena of offensive strikes, officials believe the decline in Twitter popularity suggests recruitment may be slowing. We think there needs to be more analysis of recruitment via the Dark Web.
Megan Feil, October 11, 2016
Need a Low Cost College Degree? Dark Web U Is for You
October 9, 2016
The lawless domain just got murkier. Apart from illegal firearms, passports, drugs and hit men, you now can procure a verifiable college degree or diploma on the Dark Web.
The Next Web, in an article titled “Dark Web Crooks Are Selling Fake Degrees and Certifications for the Price of a Smartphone,” reports:
Cyber criminals have created a digital marketplace where unscrupulous students can purchase or gain information necessary to provide themselves with unfair and illegal academic credentials and advantages.
The certificates for these academic credentials are near perfect. But what makes this cybercrime more dangerous is the fact that hackers also manipulate the institution records to make the fake credential genuine.
The article adds:
A flourishing market for hackers who would target universities in order to change grades and remove academic admonishments
This means that underperforming and completely non-performing students undertaking an educational course need not worry about low grades or absenteeism. Just pay the hackers and you have a perfectly legal degree that you can show the world. And the cost of all this? Just $500-$1000.
What makes this particular aspect of the Dark Web horrifying interesting is the fact that anyone who procures such an illegitimate degree can enter the mainstream job market with perfect ease and no student debt.
Vishal Ingole, October 9, 2016