The FBI Uses Its Hacking Powers for Good
March 4, 2016
In a victory for basic human decency, Engadget informs us, the “FBI Hacked the Dark Web to Bust 1,500 Pedophiles.” Citing an article at Vice Motherboard, writer Jessica Conditt describes how the feds identified their suspects through a site called (brace yourself) “Playpen,” which was launched in August 2014. We learn:
Motherboard broke down the FBI’s hacking process as follows: The bureau seized the server running Playpen in February 2015, but didn’t shut it down immediately. Instead, the FBI took “unprecedented” measures and ran the site via its own servers from February 20th to March 4th, at the same time deploying a hacking tool known internally as a network investigative technique. The NIT identified at least 1,300 IP addresses belonging to visitors of the site.
“Basically, if you visited the homepage and started to sign up for a membership, or started to log in, the warrant authorized deployment of the NIT,” a public defender for one of the accused told Motherboard. He said he expected at least 1,500 court cases to stem from this one investigation, and called the operation an “extraordinary expansion of government surveillance and its use of illegal search methods on a massive scale,” Motherboard reported.
Check out this article at Wired to learn more about the “network investigative technique” (NIT). This is more evidence that, if motivated, the FBI is perfectly capable of leveraging the Dark Web to its advantage. Good to know.
Cynthia Murrell, March 4, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Stolen Online Account Info Now More Valuable than Stolen Credit Card Details
March 2, 2016
You should be aware that criminals are now less interested in your credit cards and other “personally identifiable information” and more keen on exploiting your online accounts. As security firm Tripwire informs us in their State of Security blog, “Stolen Uber, PayPal Accounts More Coveted than Credit Cards on the Dark Web.” Writer Maritza Santillan explains:
“The price of these stolen identifiers on the underground marketplace, or ‘the Dark Web,’ shows the value of credit cards has declined in the last year, according to security firm Trend Micro. Last week, stolen Uber account information could be found on underground marketplaces for an average of $3.78 per account, while personally identifiable information, such as Social Security Numbers or dates of birth, ranged from $1 to $3.30 on average – down from $4 per record in 2014, reported CNBC. Furthermore, PayPal accounts – with a guaranteed balance of $500 –were found to have an average selling price of $6.43. Facebook logins sold for an average of $3.02, while Netflix credentials sold for about 76 cents. By contrast, U.S.-issued credit card information, which is sold in bundles, was listed for no more than 22 cents each, said CNBC.”
The article goes on to describe a few ways criminals can leverage these accounts, like booking Uber “ghost rides,” or assembling personal details for a very thorough identity theft. Pros say the trend means service providers to pay closer attention to usage patterns, and to beef up their authentication processes. Specifically, says Forrester’s Andras Cser, it is time to move beyond passwords; instead, he proposes, companies should look for changes in biometric data, like phone position and finger pressure, which would be communicated back to them by our mobile devices. So we’re about to be even more closely monitored by the companies we give our money to. All for our own good, of course.
Cynthia Murrell, March 2, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
New Tor Communication Software for Journalists and Sources Launches
February 29, 2016
A new one-to-one messaging tool for journalists has launched after two years in development. The article Ricochet uses power of the dark web to help journalists, sources dodge metadata laws from The Age describes this new darknet-based software. The unique feature of this software, Ricochet, in comparison to others used by journalists such as Wickr, is that it does not use a server but rather Tor. Advocates acknowledge the risk of this Dark Web software being used for criminal activity but assert the aim is to provide sources and whistleblowers an anonymous channel to securely release information to journalists without exposure. The article explains,
“Dr Dreyfus said that the benefits of making the software available would outweigh any risks that it could be used for malicious purposes such as cloaking criminal and terrorist operations. “You have to accept that there are tools, which on balance are a much greater good to society even though there’s a tiny possibility they could be used for something less good,” she said. Mr Gray argued that Ricochet was designed for one-to-one communications that would be less appealing to criminal and terrorist organisers that need many-to-many communications to carry out attacks and operations. Regardless, he said, the criminals and terrorists had so many encryption and anonymising technologies available to them that pointing fingers at any one of them was futile.”
Online anonymity is showing increasing demand as evidenced through the recent launch of several new Tor-based softwares like Ricochet, in addition to Wickr and consumer-oriented apps like Snapchat. The Dark Web’s user base appears to be growing and diversifying. Will public perception follow suit?
Megan Feil, February 29, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
More Hacked US Voter Data Appears on the Dark Web
February 25, 2016
From HackRead comes a piece called More US Voters Data Circulating on the Dark Net, which points to the lack of protection surrounding data on US voters. This data was leaked on the site The Hell on Dark Web. No reports yet suggest how this data was hacked. While no social security numbers or highly sensitive information was released, records include name, date of birth, voter registration dates, voting records, political affiliation and address. Continuing the explanation of implications, the article’s author writes,
“However, it provides any professional hacker substantial information to initiate and plan a phishing attack in the next election which takes place in the US. Recent discoveries, news and speculations have exposed the role of nation-state actors and cyber criminals in planning, instigating and initiating hacking attacks aimed at maligning the upcoming US elections. While social media has emerged as one of the leading platforms adopted by politicians when they wish to spread a certain message or image, cyber criminals and non-state actors are also utilizing the online platform to plan and initiate their hacking attacks on the US election.”
As the article reminds us, this is the not first instance of voter records leaking. Such leaks call into question how this keeps happening and makes us wonder about any preventative measures. The last thing needed surrounding public perception of voting is that it puts one at risk for cyber attacks. Aren’t there already enough barriers in place to keep individuals from voting?
Megan Feil, February 25, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
monograph
Google to Combat Terrorist Messages with Counter Narrative AdWords
February 22, 2016
Governments are not alone in the fight against terrorism. Google Will Show ‘Counter-Narrative’ AdWords To Users Searching For Terrorist Websites from Tech Week Europe explains how Google is playing a role in containing terrorist messages. In effort to prove their commitment to anti-terrorist initiatives to UK members of parliament, Google will employ a counter narrative strategy using Google AdWords as a marketing channel for their anti-extremist messages. According to the article,
“Users searching for words and websites associated with religious extremism that is linked to terrorism will be shown the ‘counter-narrative’ via Google AdWords, the sponsored links that appear at the top of a search results page. Dr House also told MPs at the Common’s home affairs select committee that Google had removed 14 million videos from YouTube in 2014 for reasons that include terrorist content, according to the Telegraph. Google reportedly offers AdWords grants to NGOs, so that their ‘counter-narrative’ websites can appear on search results for queries such as ‘join Isis’, reported The Telegraph.”
In the article’s concluding remarks, the author raises several questions regarding censorship, freedom of speech and user control; the saying with great power comes great responsibility comes to mind. Developments related to Google’s counter narratives will be important to follow as the bigger-picture conversation unfolds.
Megan Feil, February 22, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Recommind Enables Easier Oversight into E-Discovery for Legal Industry
February 19, 2016
A recent article, entitled Recommind Adds Muscle to Cloud e-Discovery from CMS Wire, highlights an upgrade to Recommind’s Axcelerate e-discovery platform. This information intelligence and governance provider for the legal industry has upped their offering by adding a new efficiency scoring feature to enable “extensive visibility into the overall e-discovery review process.” Recommind make the updated based on polling their clients and finding 80 percent do not have oversight in regards to the technological competency of their outside counsel:
“Citing the same survey, he added that 72 percent of respondents pointed to insufficient visibility into the discovery practices of their outside counsel — legal professionals working with them but outside the firm — as a major concern. Axcelerate Cloud also eliminates the cost unpredictability that arises with traditional hosting charges with cloud-based e-discovery tools providers and the infrastructure maintenance required for on-premises solutions.”
When insights from big data is what a company is after, stronger cloud-based functionality is often the first step. Reminds us of enterprise search firm Autonomy which was eventually sold to HP. What will be next for Recommind?
Megan Feil, February 19, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Was the Silk Road Trial Fair?
February 17, 2016
The Dark Web burst into the general consciousness with underground Web site called the Silk Road was busted. Ross Ulbricht aka the Dread Pirate Roberts ran the crime ridden Web site Silk Road that was a darknet playground for drug pushers, sex traffickers, money launders, hackers, and just about every other relatable crime that wants an untraceable presence. The Naked Security blog by Sophos proposes the question “Ross Ulbricht Appeals Silk Road Conviction-Did He Get A Fair Trial?”
In 2015, Ulbricht was convicted for money laundering, drug and hacking-related charges, and sentenced to two life terms with an additional forty years for running the entire Silk Road network. Ulbricht’s lawyers appealed the case based on the grounds that the law enforcement officials were guilty themselves of stealing bitcoins and extorting from Ulbricht. The evidence proving this was, of course, withheld in the trial and any favorable pro-Ulbricht evidence was suppressed.
“Ulbricht’s family paints a very different picture of him than federal prosecutors. The family has been waging a campaign to “Free Ross Ulbricht” that accuses the government of framing Ulbricht as part of the “failed War on Drugs,” and depicting his case as a milestone in the government’s crackdown on Internet freedom. Ulbricht’s defense attorneys argued at trial, and in his appeal, that Ulbricht had founded the Silk Road using the pseudonym Dread Pirate Roberts, but that he had sold his stake and was framed by subsequent operators.”
Ulbricht’s family says that the two corrupt agents Shaun Bridges and Carl Force had administrative privileges on Silk Road and would have been able to manipulate information in their favor. They claim the information was withheld when Ulbricht’s case went to court and the government kept it under seal to protect its agents.
Ulbricht and his family have many supporters saying that the two consecutive life terms without parole was too harsh of a punishment. They also claim that Ulbricht’s Fourth Amendment rights were breached.
The US government, however, thinks otherwise. They want to make an example of Ross Ulbricht and send a message to cyber criminals that they cannot hide behind the Dark Web’s invisibility cloak. The Dark Web might be a mask criminals wear, but a light can unmask them.
Whitney Grace, February 17, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Coveo Lauds Itself for Growth, Innovation, and Industry Awards
February 16, 2016
The article on EIN News titled Coveo Achieves Another Record-Breaking Quarter and Calendar Year of Rapid Growth discusses the search companies growth and recognition in a nakedly self-congratulating post. In 2015, Coveo released both Coveo Cloud, a streamlined search-as-a-service, and Coveo Reveal, a self-learning search service aimed at understanding intent to ensure improved accuracy and relevance in search results. The article states,
“The company expanded its SI ecosystem with several leading CRM and Customer Community system integrators, including Appirio, Bluewolf, Cloud Sherpas, Etherios, NTT Data Cloud Services and Vertiba. Exiting 2015, Coveo had in excess of 100 certified SI partners… Coveo for Sitecore was named as a 2015 CUSTOMER Magazine Product of the Year Award winner, marking the fourth consecutive year that Coveo has won this award (In January of 2015 Coveo received its fifth consecutive CUSTOMER Magazine product of the year award…)”
So just how big was that fish Coveo caught? The private company reports a “record breaking quarter” lists any number of current projects and industry recognitions. According to the article, the company now has a total amount of financing of $75 million. 2015 was clearly a very good year, particularly in the financial services market. What company can resist patting itself on the back?
Chelsea Kerwin, February 16, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Dark Web Crime Has Its Limits
February 12, 2016
The Dark Web is an intriguing and mysterious phenomenon, but rumors about what can be found there are exaggerated. Infomania examines what is and what is not readily available in that murky realm in, “Murder-for-Hire on the Dark Web? It Can’t Be True!”
Anonymity is the key factor in whether certain types of criminals hang out their shingles on the TOR network. Crimes that can be more easily committed without risking identification include drug trafficking, fraud, and information leaks. On the other hand, contract assassins, torture-as-entertainment, and human trafficking are not actually to be found, despite reports to the contrary. See the article for details on each of these, and more. The article cites independent researcher Chris Monteiro as it summarizes:
The dark web is rife with cyber crime. But it’s more rampant with sensationalized myths about assassination and torture schemes — which, as Chris can attest, simply aren’t true. “What’s interesting is so much of the coverage of these scam sites is taken at face value. Like, ‘There is a website. Therefore its contents must be true.’ Even when mainstream media picks it up, very few pick it up skeptically,” he says.
Take the Assassination Market, for example. When news outlets got wind of its alleged existence in 2013, they ran with the idea of “Murder-for-hire!!” on the Internet underground. Although Chris has finally demonstrated that these sites are not real, their legend lives on in Internet folklore. “Talking about the facts — this is how cybercrime works, this is how Tor and Bitcoin work — is a lot less sexy than saying, ‘If you click on the wrong link, you’ll be kidnapped, and you’ll end up in a room where you’ll be livestreamed, murdered, and you’re all over the internet!’” Chris says. “All I can do is point out what’s proven and what isn’t.”
So, next time someone spins a scary tale about killers-for-hire who are easily found online, you can point them to this article. Yes, drug trafficking, stolen data, and other infractions are big problems associated with the Dark Web, but let us not jump at shadows.
Cynthia Murrell, February 12, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Dark Web Size
February 11, 2016
I read “Researchers Index Dark Web, Find Most of It Contains Illegal Material.” The data come from researcher at a UK university. Here’s the Dark Web page count data:
5,205 live websites were indexed; a total of 2,723 pages were classified by content. Pages with fewer than 50 words and those with no content were dropped in the “none” category. According to the analysis, 57% of the sites hosted illicit content like drugs … The Tor project estimates there are about 35,000 total hidden services active, so this is far from a full survey, but enough to be a representative sample.
Interesting, but the headline suggests a far more comprehensive index.
Stephen E Arnold, February 11, 2016
-
- Subscribe to Beyond Search
Feature archive
News archive
-
