CyberOSINT banner

Businesses as Beneficiaries of the Dark Web

April 28, 2016

Who makes money off the Dark Web? Vice’s Motherboard covers this in a recent article, The Booming and Opaque Business of Dark Web Monitoring. Much coverage exists on the cybercriminals using Tor, but this article describes the two types of threat intelligence monitoring businesses which specialize in crawling the Dark Web. The first approach is algorithm-based, such as the method used by Terbium Labs’ Matchlight product which scans and scours marketplaces for sensitive data or intellectual property. The alternative approach used by some companies is explained,

“The other tactic is a more human approach, with analysts going undercover in hacking forums or other haunts, keeping tabs on what malware is being chatted about, or which new data dump is being traded. This information is then provided to government and private clients when it affects them, with each monitoring company digesting it in their own particular way. But, there is a lot of misleading or outright fabricated information in the dark web. Often, particular listings or entire sites are scams, and forum chatter can be populated with people just trying to rip each other off. For that reason, it’s not really good enough to just report everything and anything you see to a customer.”

Recent media coverage mostly zeroes in on cybercrime related to the Dark Web, so this article is a refreshing change of pace as it covers the businesses capitalizing on the existence of this new platform where stolen data and security breaches can find a home. Additionally, an important question about this business sector is raised: how do these Dark Web monitoring companies valuable leads from scams aimed at deceiving?

 

Megan Feil, April 28, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Developing Nations Eager to Practice Cyber Surveillance

April 28, 2016

Is it any surprise that emerging nations want in on the ability to spy on their citizens? That’s what all the cool governments are doing, after all. Indian Strategic Studies reports, “Even Developing Nations Want Cyber Spying Capabilities.” Writer Emilio Iasiello sets the stage—he contrasts efforts by developed nations to establish restrictions versus developing countries’ increased interest in cyber espionage tools.

On one hand, we could take heart from statements like this letter and this summary from the UN, and the “cyber sanctions” authority the U.S. Department of Treasury can now wield against foreign cyber attackers. At the same time, we may uneasily observe the growing popularity of FinFisher, a site which sells spyware to governments and law enforcement agencies. A data breach against FinFisher’s parent company, Gamma International, revealed the site’s customer list. Notable client governments include Bangladesh, Kenya, Macedonia, and Paraguay. Iasiello writes:

“While these states may not use these capabilities in order to conduct cyber espionage, some of the governments exposed in the data breach are those that Reporters without Borders have identified as ‘Enemies of the Internet’ for their penchant for censorship, information control, surveillance, and enforcing draconian legislation to curb free speech. National security is the reason many of these governments provide in ratcheting up authoritarian practices, particularly against online activities. Indeed, even France, which is typically associated with liberalism, has implemented strict laws fringing on human rights. In December 2013, the Military Programming Law empowered authorities to surveil phone and Internet communications without having to obtain legal permission. After the recent terrorist attacks in Paris, French law enforcement wants to add addendums to a proposed law that blocks the use of the TOR anonymity network, as well as forbids the provision of free Wi-Fi during states of emergency. To put it in context, China, one of the more aggressive state actors monitoring Internet activity, blocks TOR as well for its own security interests.”

The article compares governments’ cyber spying and other bad online behavior to Pandora’s box. Are resolutions against such practices too little too late?

 

Cynthia Murrell, April 28, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

 

Bold Hackers

April 27, 2016

It looks like some hackers are no longer afraid of the proverbial light, we learn from “Sony Hackers Still Active, ‘Darkhotel’ Checks Out of Hotel Hacking” at InformationWeek. Writer Kelly Jackson Higgins cites Kaspersky security researcher Juan Andres Guerrero-Saade, who observes that those behind the 2014 Sony hack, thought to be based in North Korea, did not vanish from the scene after that infamous attack. Higgins continues:

“There has been a noticeable shift in how some advanced threat groups such as this respond after being publicly outed by security researchers. Historically, cyber espionage gangs would go dark. ‘They would immediately shut down their infrastructure when they were reported on,’ said Kurt Baumgartner, principal security researcher with Kaspersky Lab. ‘You just didn’t see the return of an actor sometimes for years at a time.’

“But Baumgartner says he’s seen a dramatic shift in the past few years in how these groups react to publicity. Take Darkhotel, the Korean-speaking attack group known for hacking into WiFi networks at luxury hotels in order to target corporate and government executives. Darkhotel is no longer waging hotel-targeted attacks — but they aren’t hiding out, either.

“In July, Darkhotel was spotted employing a zero-day Adobe Flash exploit pilfered from the HackingTeam breach. ‘Within 48 hours, they took the Flash exploit down … They left a loosely configured server’ exposed, however, he told Dark Reading. ‘That’s unusual for an APT [advanced persistent threat] group.’”

Seeming to care little about public exposure, Darkhotel has moved on to other projects, like reportedly using Webmail to attack targets in Southeast Asia.

On the other hand, one group which experts had expected to see more of has remained dark for some time. We learn:

“Kaspersky Lab still hasn’t seen any sign of the so-called Equation Group, the nation-state threat actor operation that the security firm exposed early last year and that fell off its radar screen in January of 2014. The Equation Group, which has ties to Stuxnet and Flame as well as clues that point to a US connection, was found with advanced tools and techniques including the ability to hack air gapped computers, and to reprogram victims’ hard drives so its malware can’t be detected nor erased. While Kaspersky Lab stopped short of attributing the group to the National Security Agency (NSA), security experts say all signs indicate that the Equation Group equals the NSA.”

The Kaspersky team doesn’t think for a minute that this group has stopped operating, but believe they’ve changed up their communications. Whether a group continues to lurk in the shadows or walks boldly in the open may be cultural, they say; those in the Far East seem to care less about leaving tracks. Interesting.

 

Cynthia Murrell, April 27, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Duck Duck Go as a Privacy Conscious Google Alternative

April 26, 2016

Those frustrated with Google may have an alternative. Going over to the duck side: A week with Duck Duck Go from Search Engine Watch shares a thorough first-hand account of using Duck Duck Go for a week. User privacy protection seems to be the hallmark of the search service and there is even an option to enable Tor in its mobile app. Features are comparable, such as one designed to compete with Google’s Knowledge Graph called Instant Answers. As an open source product, Instant Answers is built up by community contributions. As far as seamless, intuitive search, the post concludes,

“The question is, am I indignant enough about Google’s knowledge of my browsing habits (and everyone else’s that feed its all-knowing algorithms) to trade the convenience of instantly finding what I’m after for that extra measure of privacy online? My assessment of DuckDuckGo after spending a week in the pond is that it’s a search engine for the long term. To get the most out of using it, you have to make a conscious change in your online habits, rather than just expecting to switch one search engine for another and get the same results.”

Will a majority of users replace “Googling” with “Ducking” anytime soon? Time will tell, and it will be an interesting saga to see unfold. I suppose we could track the evolution on Knowledge Graph and Instant Answers to see the competing narratives unfold.

 

Megan Feil, April 26, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

 

Watson Lacks Conversation Skills and He Is Not Evil

April 22, 2016

When I was in New York last year, I was walking on the west side when I noticed several other pedestrians moving out of the way of a man mumbling to himself.  Doing as the natives do, I moved aside and heard the man rumble about how, “The robots are taking over and soon they will be ruling us.  You all are idiots for not listening to me.”  Fear of a robot apocalypse has been constant since computer technology gained precedence and we also can thank science-fiction for perpetuating it.  Tech Insider says in “Watson Can’t Actually Talk To You Like In The Commercials” Elon Musk, Bill Gates, Stephen Hawking, and other tech leaders have voiced their concerns about creating artificial intelligence that is so advanced it can turn evil.

IBM wants people to believe otherwise, which explains their recent PR campaign with commercials that depict Watson carrying on conversations with people.  The idea is that people will think AI are friendly, here to augment our jobs, and overall help us.  There is some deception on IBM’s part, however.  Watson cannot actually carry on a conversation with a person.  People can communicate with, usually via an UI like a program via a desktop or tablet.  Also there is more than one Watson, each is programmed for different functions like diagnosing diseases or cooking.

“So remember next time you see Watson carrying on a conversation on TV that it’s not as human-like as it seems…Humor is a great way to connect with a much broader audience and engage on a personal level to demystify the technology,’ Ann Rubin, Vice President IBM Content and Global Creative, wrote in an email about the commercials. ‘The reality is that these technologies are being used in our daily lives to help people.’”

If artificial intelligence does become advanced enough that it is capable of thought and reason comparable to a human, it is worrisome.  It might require that certain laws be put into place to maintain control over the artificial “life.”  That day is a long time off, however, until then embrace robots helping to improve life.

 

Whitney Grace, April 22, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Digging for a Direction of Alphabet Google

April 21, 2016

Is Google trying to emulate BAE System‘s NetReveal, IBM i2, and systems from Palantir? Looking back at an older article from Search Engine Watch, How the Semantic Web Changes Everything for Search may provide insight. Then, Knowledge Graph had launched, and along with it came a wave of communications generating buzz about a new era of search moving from string-based queries to a semantic approach, organizing by “things”. The write-up explains,

“The cornerstone of any march to a semantic future is the organization of data and in recent years Google has worked hard in the acquisition space to help ensure that they have both the structure and the data in place to begin creating “entities”. In buying Wavii, a natural language processing business, and Waze, a business with reams of data on local traffic and by plugging into the CIA World Factbook, Freebase and Wikipedia and other information sources, Google has begun delivering in-search info on people, places and things.”

This article mentioned Knowledge Graph’s implication for Google to deliver strengthened and more relevant advertising with this semantic approach. Even today, we see the Alphabet Google thing continuing to shift from search to other interesting information access functions in order to sell ads.

 

Megan Feil, April 21, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Software That Contains Human Reasoning

April 20, 2016

Computer software has progressed further and keeps advancing faster than we can purchase the latest product.  Software is now capable of holding simple conversations, accurately translating languages, GPS, self-driving cars, etc.  The one thing that that computer developers cannot program is human thought and reason.  The New York Times wrote “Taking Baby Steps Toward Software That Reasons Like Humans” about the goal just out of reach.

The article focuses on Richard Socher and his company MetaMind, a deep learning startup working on pattern recognition software.  He along with other companies focused on artificial intelligence are slowly inching their way towards replicating human thought on computers.  The progress is slow, but steady according to a MetaMind paper about how machines are now capable of answering questions of both digital images and textual documents.

“While even machine vision is not yet a solved problem, steady, if incremental, progress continues to be made by start-ups like Mr. Socher’s; giant technology companies such as Facebook, Microsoft and Google; and dozens of research groups.  In their recent paper, the MetaMind researchers argue that the company’s approach, known as a dynamic memory network, holds out the possibility of simultaneously processing inputs including sound, sight and text.”

The software that allows computers to answer questions about digital images and text is sophisticated, but the data to come close to human capabilities is not only limited, but also nonexistent.  We are coming closer to understanding the human brain’s complexities, but artificial intelligence is not near Asimov levels yet.

 

 

Whitney Grace, April 20, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Data on Dark Web Not Excused from Fact or Fiction Debate

April 19, 2016

Remember when user information was leaked from the extramarital affairs website AshleyMadison? While the leak caused many controversies, the release of this information specifically on the Dark Web gives reason to revisit an article from Mashable, Another blow for Ashley Madison: User emails leaked on Dark Web as a refresher on the role Tor played. A 10-gigabyte file was posted as a Torrent on the Dark Web which included emails and credit card information among other user data. The article concluded,

“With the data now out there, Internet users are downloading and sifting through it for anything – or, rather, anyone – of note. Lists of email addresses of AshleyMadison users are being circulated on social media. Several appear to be connected to members of the UK government but are likely fake. As Wired notes, the site doesn’t require email verification, meaning the emails could be fake or even hijacked.”

The future of data breaches and leaks may be unclear, but the falsification of information — leaked or otherwise — always remains a possibility. Regardless of the element of scandal existing in future leaks, it is important to note that hackers and other groups are likely not above manipulation of information.

 

Megan Feil, April 19, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Mindbreeze Breaks into Slovak Big Data Market Through Partnership with Medialife

April 18, 2016

The article titled Mindbreeze and MEDIALIFE Launch Strategic Partnership on BusinessWire discusses what the merger means for the Slovak and Czech Republic enterprise search market. MediaLife emphasizes its concentrated approach to document management systems for Slovak customers in need of large systems for the management, processing, and storage of documents. The article details,

“Based on this partnership, we provide our customers innovative solutions for fast access to corporate data, filtering of relevant information, data extraction and their use in automated sorting (classification)… Powerful enterprise search systems for businesses must recognize relationships among different types of information and be able to link them accordingly. Mindbreeze InSpire Appliance is easy to use, has a high scalability and shows the user only the information which he or she is authorized to view.”

Daniel Fallmann, founder and CEO of Mindbreeze, complimented himself on his selection of a partner in MediaLife and licked his chops at the prospect of the new Eastern European client base opened to Mindbreeze through the partnership. Other Mindbreeze partners exist in Italy, the UK, Germany, Mexico, Canada, and the USA, as the company advances its mission to supply enterprise search appliances as well as big data and knowledge management technologies.

 

Chelsea Kerwin, April 18, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Microsoft Azure Plans Offers Goldilocks and Three Bears Strategy to Find Perfect Fit

April 15, 2016

The article on eWeek titled Microsoft Debuts Azure Basic Search Tier relates the perks of the new plan from Microsoft, namely, that it is cheaper than the others. At $75 per month (and currently half of for the preview period, so get it while it’s hot!) the Basic Azure plan has lower capacity when it comes to indexing, but that is the intention. The completely Free plan enables indexing of 10,000 documents and allows for 50 megabytes of storage, while the new Basic plan goes up to a million documents. The more expensive Standard plan costs $250/month and provides for up to 180 million documents and 300 gigabytes of storage. The article explains,

“The new Basic tier is Microsoft’s response to customer demand for a more modest alternative to the Standard plans, said Liam Cavanagh, principal program manager of Microsoft Azure Search, in a March 2 announcement. “Basic is great for cases where you need the production-class characteristics of Standard but have lower capacity requirements,” he stated. Those production-class capabilities include dedicated partitions and service workloads (replicas), along with resource isolation and service-level agreement (SLA) guarantees, which are not offered in the Free tier.”

So just how efficient is Azure? Cavanagh stated that his team measured the indexing performance at 15,000 documents per minute (although he also stressed that this was with batches organized into groups of 1,000 documents.) With this new plan, Microsoft continues its cloud’s search capabilities.

 

 

Chelsea Kerwin, April 15,  2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Next Page »