Royal Mail, Delivering Narcotics Efficiently
January 17, 2017
Unsuspecting Royal Mail postmen are delivering narcotics and drugs ordered over Dark Web to punters and buyers with much efficiency. Taking cognizance of the fact, The Home Office is planning an investment of GBP 1.9 billion over next five years to fight this new face of crime.
The Sun in an article titled Royal Mail Postmen Unknowingly Deliver Drugs Parcels Bought From the Dark Web says:
Royal Mail postmen are unknowingly delivering drug parcels bought from the dark web, it has been revealed. Millions of pounds of drugs are bought online every day via the dark web and shipped to punters anonymously.
The postmen, however, cannot be blamed as they are ill-equipped to find out what’s hidden inside a sealed parcel. Though drug sniffing dogs exist on paper for the Royal Mail, many postmen say they never saw one in their service life. Technology is yet to catch-up with dogs that can sniff out the drugs.
As the postmen are being put at risk delivering these packages, the Home Office in a statement said:
We have committed to spending £1.9bn on cybersecurity over the next five years, including boosting the capabilities of the National Crime Agency’s National Cyber Crime Unit, increasing their ability to investigate the most serious cybercrime.
Law enforcement agencies, including the ones in the US will have to invest in detecting and preventing such crimes. So far the success ratio has been barely encouraging. Till then, unsuspecting people will be used as pawns by cybercriminals, royally!
Vishal Ingole, January 17, 2017
The Government Has a Sock Puppet Theater
January 13, 2017
Law enforcement officials use fake social media accounts and online profiles to engage with criminals. Their goal is to deter crime, possibly even catching criminals in the act for a rock solid case. While this happened way back in 2011, the comments are still coming. In light of the recent presidential election and the violent acts of the past year, it is no wonder the comments are still fresh. Tech Dirt talked about how the, “US Military Kicks Off Plan To Fill Social Networks With Fake Sock Puppet Accounts.”
The goal was for a company to develop a software that would allow one person to create and manage various social media profiles (including more than one profile on the same platform). These accounts will then, and we are speculating on this given how dummy accounts have been used in the past, to catch criminals. The article highlights how the government would use the sock puppet accounts:
Apparently a company called Ntrepid has scored the contract and the US military is getting ready to roll out these “sock puppet” online personas. Of course, it insists that all of this is targeting foreign individuals, not anyone in the US. And they promise it’s not even going to be used on US-based social networks like Facebook or Twitter, but does anyone actually believe that’s true?
Then the comments roll in a conversation that a span of five years the commentators argue about what it means to be American, reaffirming that the US government spies on its citizens, and making fun of sock puppets.
Whitney Grace, January 13, 2017
Dark Web Offers Tools for Vengeance to Disgruntled Workers
January 10, 2017
It seems the dark web is now making it easier for disgruntled employees to take their revenge to the next level, we learn from the KrebsOnSecurity article, “Rise of Darknet Stokes Fear of the Insider.” The article cites Gartner analyst Avivah Litan; she reports a steep increase in calls from clients concerned about vindictive employees, current or former, who might expose sensitive information on the dark web. Not surprisingly, companies with a lot of intellectual property at stake are already working with law-enforcement or private security firms to guard against the threat.
How, exactly, is the dark web making worker retaliation easier than ever before? Writer Brian Krebs explains:
Noam Jolles, a senior intelligence expert at Diskin Advanced Technologies, studies darknet communities. I interviewed her last year in ‘Bidding for Breaches,’ a story about a secretive darknet forum called Enigma where members could be hired to launch targeted phishing attacks at companies. Some Enigma members routinely solicited bids regarding names of people at targeted corporations that could serve as insiders, as well as lists of people who might be susceptible to being recruited or extorted.
Jolles said the proliferation of darkweb communities like Enigma has lowered the barriers to entry for insiders, and provided even the least sophisticated would-be insiders with ample opportunities to betray their employer’s trust.
I’m not sure everyone is aware of how simple and practical this phenomena looks from adversary eyes and how far it is from the notion of an insider as a sophisticated disgruntled employee,’ Jolles said. ‘The damage from the insider is not necessarily due to his position, but rather to the sophistication of the threat actors that put their hands on him.
According to research by Verizon, few vengeful employees turn out to have been in management positions. Most are workers lower on the totem pole who had to be given access to sensitive information to perform their jobs. The Verizon report cheerfully advises, “At the end of the day, keep up a healthy level of suspicion toward all employees.” What fun.
See the article for more about this threat, and how organizations might go about protecting themselves.
Cynthia Murrell, January 10, 2017
-
- Subscribe to Beyond Search
Feature archive
News archive
-
