CyberOSINT banner

Erdogan Government Cracks down on Turkish Media

May 26, 2016

The Turkish government has been forcibly seizing and intimidating the nation’s media, we learn from “Erdogan’s Latest Media Takeover is About More than Just One Newspaper” at Mashable. Is this the future of publishing?

Turkish police fought protesters and manhandled journalists as the government wrested control of Zaman, Turkey’s most popular newspaper and, as journalist Suna Vidinli puts it, the country’s “last remaining effective voice of criticism in the press.” She continues:

“President Erdogan had long planned to take over Zaman as the paper was affiliated with Gulen Group, his main remaining adversary in his quest for absolute power. Earlier in the week, the Turkish Supreme Court — in a surprising and rare move — had released two top editors of Cumhuriyet, Can Dundar and Erdem Gul, from prison. They were imprisoned for writing about the illegal trafficking of weapons to radicals in Syria.

“Erdogan saw their release as a direct move against his authority and wowed to show who was boss. He signaled that the two journalists would be put back in prison soon and declared ‘things can get shaky in the following days.’ Hence, the takeover of Zaman was carefully planned as the most brutal confiscation of media to date in Turkish history.

“The confiscation of Zaman media group highlights some critical developments in Turkey. The government immediately took the media group offline, and a special tech team was brought in to completely wipe out the news archive and web content of the newspaper.”

The Chihan News Agency was also included in the seizure, a group we learn was the only non-governmental organization to monitor Turkish exit polls to ensure fair elections. The article notes that the remaining independent media in Turkey seem to have been effectively cowed, since none of them reported on the violent takeover. Governments, media groups, and human rights organizations around the world condemned the seizure; the U.S. State Department called Turkey’s pattern of media suppression “troubling.” We couldn’t agree more.

 

Cynthia Murrell, May 26, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

 

A Snapshot of American Innovation Today

May 23, 2016

Who exactly are today’s innovators? The Information Technology & Innovation Foundation (ITIF) performed a survey to find out, and shares a summary of their results in, “The Demographics of Innovation in the United States.” The write-up sets the context before getting into the findings:

“Behind every technological innovation is an individual or a team of individuals responsible for the hard scientific or engineering work. And behind each of them is an education and a set of experiences that impart the requisite knowledge, expertise, and opportunity. These scientists and engineers drive technological progress by creating innovative new products and services that raise incomes and improve quality of life for everyone….

“This study surveys people who are responsible for some of the most important innovations in America. These include people who have won national awards for their inventions, people who have filed for international, triadic patents for their innovative ideas in three technology areas (information technology, life sciences, and materials sciences), and innovators who have filed triadic patents for large advanced-technology companies. In total, 6,418 innovators were contacted for this report, and 923 provided viable responses. This diverse, yet focused sampling approach enables a broad, yet nuanced examination of individuals driving innovation in the United States.”

See the summary for results, including a helpful graphic. Here are some highlights: Unsurprisingly to anyone who has been paying attention, women and U.S.-born minorities are woefully underrepresented. Many of those surveyed are immigrants. The majority of survey-takers have at least one advanced degree (many from MIT), and nearly all majored in STEM subject as undergrads. Large companies contribute more than small businesses do while innovations are clustered in California, the Northeast, and close to sources of public research funding. And take heart, anyone over 30, for despite the popular image of 20-somethings reinventing the world, the median age of those surveyed is 47.

The piece concludes with some recommendations: We should encourage both women and minorities to study STEM subjects from elementary school on, especially in disadvantaged neighborhoods. We should also lend more support to talented immigrants who wish to stay in the U.S. after they attend college here. The researchers conclude that, with targeted action from the government on education, funding, technology transfer, and immigration policy, our nation can tap into a much wider pool of innovation.

 

 

Cynthia Murrell, May 23, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

 

The Trials, Tribulations, and Party Anecdotes Of “Edge Case” Names

May 16, 2016

The article titled These Unlucky People Have Names That Break Computers on BBC Future delves into the strange world of “edge cases” or people with unexpected or problematic names that reveal glitches in the most commonplace systems that those of us named “Smith” or “Jones” take for granted. Consider Jennifer Null, the Virginia woman who can’t book a plane ticket or complete her taxes without extensive phone calls and headaches. The article says,

“But to any programmer, it’s painfully easy to see why “Null” could cause problems for a database. This is because the word “null” is often inserted into database fields to indicate that there is no data there. Now and again, system administrators have to try and fix the problem for people who are actually named “Null” – but the issue is rare and sometimes surprisingly difficult to solve.”

It may be tricky to find people with names like Null. Because of the nature of the controls related to names, issues generally arise for people like Null on systems where it actually does matter, like government forms. This is not an issue unique to the US, either. One Patrick McKenzie, an American programmer living in Japan, has run into regular difficulties because of the length of his last name. But that is nothing compared to Janice Keihanaikukauakahihulihe’ekahaunaele, a Hawaiian woman who championed for more flexibility in name length restrictions for state ID cards.

 

Chelsea Kerwin, May 16, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

 

Be the CIA Librarian

May 3, 2016

Research is a vital tool for the US government, especially the Central Intelligence Agency which is why they employee librarians.  The Central Intelligence Agency is one of the main forces of the US Intelligence Community, focused on gathering information for the President and the Cabinet.  The CIA is also the topic of much fictionalized speculation in stories, mostly spy and law enforcement dramas.  Having played an important part in the United States history, could you imagine the files in its archives?

If you have a penchant for information, the US government, and a library degree then maybe you should apply to the CIA’s current job opening: as a CIA librarian.  CNN Money explains one of the perks of the job is its salary: “The CIA Is Hiring…A $100,000 Librarian.”  Beyond the great salary, which CNN is quick to point out is more than the typical family income.  Librarians server as more than people who recommend decent books to read, they serve as an entry point for research and bridge the gap between understanding knowledge and applying it in the actual field.

“In addition to the cachet of working at the CIA, ‘librarians also have opportunities to serve as embedded, or forward deployed, information experts in CIA offices and select Intelligence Community agencies.’  Translation: There may be some James Bond-like opportunities if you want them.”

Most of this librarian’s job duties will probably be assisting agents with tracking down information related to intelligence missions and interpreting it.  It is just a guess, however.  Who knows, maybe the standard CIA agent touts a gun to the stacks?

 

Whitney Grace, May 3, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Local News Station Produces Dark Web Story

April 22, 2016

The Dark Web continues to emerge as a subject of media interest for growing audiences. An article, Dark Web Makes Illegal Drug, Gun Purchases Hard To Trace from Chicago CBS also appears to have been shared as a news segment recently. Offering some light education on the topic, the story explains the anonymity possible for criminal activity using the Dark Web and Bitcoin. The post describes how these tools are typically used,

“Within seconds of exploring the deep web we found over 15,000 sales for drugs including heroin, cocaine and marijuana. In addition to the drugs we found fake Illinois drivers licenses, credit card and bank information and dangerous weapons. “We have what looks to be an assault rifle, AK 47,” said Petefish. That assault rifle AK 47 was selling for 10 bitcoin which would be about $4,000. You can buy bitcoins at bitcoin ATM machines using cash, leaving very little trace of your identity. Bitcoin currency along with the anonymity and encryption used on the dark web makes it harder for authorities to catch criminals, but not impossible.”

As expected, this piece touches on the infamous Silk Road case along with some nearby cases involving local police. While the Dark Web and cybercrime has been on our radar for quite some time, it appears mainstream media interest around the topic is slowly growing. Perhaps those with risk to be affected, such as businesses, government and law enforcement agencies will also continue catching on to the issues surrounding the Dark Web.

 

Megan Feil, April 22, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

 

Battlefield Moves Online Forming Cyber Industrial Complex

April 13, 2016

Undoubtedly, in recent decades many processes and products have moved online. Warfare may not be exempt from this migration. Meet The Cyber-Industrial Complex: Private Contractors May Get $7B Windfall From Pentagon’s Cyberwar On ISIS, an article from International Business Times, tells us more. Defense Secretary Ashton Carter recently confirmed U.S. development of digital weapons and training of online soldiers. According to the article,

“Cyberwar threatens to cause havoc worldwide, but it could be good for the U.S. economy and a handful of publicly listed companies. Defense Secretary Ashton Carter, as part of a $582.7 billion budget request to fund his department through 2017, recently said nearly $7 billion of that will be allocated toward improving the military’s ability to develop and deploy offensive cyberweapons. That’s great news for a number of private contractors, who stand to benefit from the spending., and the highly skilled individuals they may end up hiring.”

The article explains these capabilities have been utilized by the U.S. in the past, such as the Kosovo war, but now the U.S. is claiming these tools and tactics. It is an interesting leap to visualize what attacks will evolve to look like on an online battlefield. Equally interesting is the article’s point about conflict being a business opportunity for some; it may also be true to say more problems, more money.

 

Megan Feil, April 13, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

ID Agent Alerts Government Contractors to Cyber Risk

April 12, 2016

All kinds of information shows up on the Dark Web, including thousands of emails of federal contractors. A recent article from Fierce Government IT, Report: Thousands of contractor emails found on Dark Web, shares several findings from a study conducted by ID Agent, a firm promoting its Dark Web security intelligence product. The study, “Federal Supply Chain Analysis: Cyber Threats from the Dark Web” relied on historical data loss information regarding numbers of email accounts stolen to analyze contracting areas based on their cyber risk.

The write-up expands on where ID Agent sees opportunity,

“Having cyber criminals with access to these accounts is scary enough, but malicious actors operating on the Dark Web have also taken many more forms in recent years. “While stolen personal information is concerning, national and corporate espionage continues to play a major role in the activities conducted via the Dark Web,” the report noted. ID Agent is by no means a disinterested party in disclosing the risk of these email accounts, as it hopes to market its Dark Web ID product that regularly provides this sort of threat intelligence to customers. Still, the study’s findings are a wake-up call to government contractors and the agencies employing them.”

ID Agent uses a proprietary algorithm for situating the risk of various companies and organizations. While this is a new market space, they are certainly not the only game in town when it comes to security and intelligence solutions which take the Dark Web into account. This appears to be an expanding ecosystem.

 

Megan Feil, April 12, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

 

FBI Runs Child Porn Website to Take down Child Porn Website

April 12, 2016

The article on MotherBoard titled How The FBI Located Suspected Administrator of the Dark Web’s Largest Child Porn Site provides a comprehensive overview of the events that led to the FBI being accused of “outrageous conduct” for operating a child pornography site for just under two weeks in February of 2015 in order to take down Playpen, a dark web child porn service. The article states,

“In order to locate these users in the real world, the agency took control of Playpen and operated it from February 20 to March 4 in 2015, deploying a hacking tool to identify visitorsof the site. The FBI hacked computers in the US, Greece, Chile, and likely elsewhere.

But, in identifying at least two high ranking members of Playpen, and possibly one other, the FBI relied on information provided by a foreign law enforcement agency (FLA), according to court documents.”

Since the dial-up era, child pornographers have made use of the Internet. The story of comedian Barry Crimmins exposing numerous child pornographers who were using AOL’s early chat rooms to share their pictures is a revealing look at that company’s eagerness to turn a blind eye. In spite of this capitulation, the dark web is the current haven for such activities, and the February 2015 hacking project was the largest one yet.

 

 

 

Chelsea Kerwin, April 12, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
==

UK Cybersecurity Director Outlines Agencys Failures in Ongoing Cyberwar

April 8, 2016

The article titled GCHQ: Spy Chief Admits UK Agency Losing Cyberwar Despite £860M Funding Boost on International Business Times examines the surprisingly frank confession made by Alex Dewdney, a director at the Government Communications Headquarters (GCHQ). He stated that in spite of the £860M funneled into cybersecurity over the past five years, the UK is unequivocally losing the fight. The article details,

“To fight the growing threat from cybercriminals chancellor George Osborne recently confirmed that, in the next funding round, spending will rocket to more than £3.2bn. To highlight the scale of the problem now faced by GCHQ, Osborne claimed the agency was now actively monitoring “cyber threats from high-end adversaries” against 450 companies across the UK aerospace, defence, energy, water, finance, transport and telecoms sectors.”

The article makes it clear that search and other tools are not getting the job done. But a major part of the problem is resource allocation and petty bureaucratic behavior. The money being poured into cybersecurity is not going towards updating the “legacy” computer systems still in place within GCHQ, although those outdated systems represent major vulnerabilities. Dewdney argues that without basic steps like migrating to an improved, current software, the agency has no hope of successfully mitigating the security risks.

 

Chelsea Kerwin, April 8, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

 

Glueware: A Sticky and Expensive Mess

April 5, 2016

I have been gathering open source information about DCGS, a US government information access and analysis system. I learned that the DCGS project is running a bit behind its original schedule formulated about 13 years ago. I also learned that the project is little over budget.

I noted “NASA Launch System Software Upgrade Now 77% overt Budget.” What interested me was the reference to “glueware.” The idea appears to be that it is better, faster, and maybe cheaper to use many different products. The “glueware” idea allows these technologies to be stuck or glued together. This is an interesting idea.

According to the write up:

To develop its new launch software, NASA has essentially kluged together a bunch of different software packages, Martin noted in his report. “The root of these issues largely results from NASA’s implementation of its June 2006 decision to integrate multiple products or, in some cases, parts of products rather than developing software in-house or buying an off-the-shelf product,” the report states. “Writing computer code to ‘glue’ together disparate products has turned out to be more complex and expensive than anticipated. As of January 2016, Agency personnel had developed 2.5 million lines of ‘glue-ware,’ with almost two more years of development activity planned.”

The arguments for the approach boil down to the US government’s belief that many flowers blooming in one greenhouse is better than buying flowers from a farm in Encinitas.

The parallels with DCGS and its well known government contractors and Palantir with its home brew Gotham system are interesting to me. What happens if NASA embraces a commercial provider? Good news for that commercial provider and maybe some push back from the firms chopped out of the pork loin. What happens if Palantir gets rebuffed? Unicorn burgers, anyone?

Stephen E Arnold, April 5, 2016

Next Page »