Metadata Could Play Integral Role in Data Security
February 2, 2016
A friend recently told me how they can go months avoiding suspicious emails, spyware, and Web sites on her computer, but the moment she hands her laptop over to her father he downloads a virus within an hour. Despite the technology gap existing between generations, the story goes to show how easy it is to deceive and steal information these days. ExpertClick thinks that metadata might hold the future means for cyber security in “What Metadata And Data Analytics Mean For Data Security-And Beyond.”
The article uses biological analogy to explain metadata’s importance: “One of my favorite analogies is that of data as proteins or molecules, coursing through the corporate body and sustaining its interrelated functions. This analogy has a special relevance to the topic of using metadata to detect data leakage and minimize information risk — but more about that in a minute.”
This plays into new companies like, Ayasdi, using data to reveal new correlations using different methods than the standard statistical ones. The article compares this to getting to the data atomic level, where data scientists will be able to separate data into different elements and increase the analysis complexity.
“The truly exciting news is that this concept is ripe for being developed to enable an even deeper type of data analytics. By taking the ‘Shape of Data’ concept and applying to a single character of data, and then capturing that shape as metadata, one could gain the ability to analyze data at an atomic level, revealing a new and unexplored frontier. Doing so could bring advanced predictive analytics to cyber security, data valuation, and counter- and anti-terrorism efforts — but I see this area of data analytics as having enormous implications in other areas as well.”
There are more devices connected to the Internet than ever before and 2016 could be the year we see a significant rise in cyber attacks. New ways to interpret data will leverage predictive and proactive analytics to create new ways to fight security breaches.
Whitney Grace, February 2, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Big Data Is so Last Year, Data Analysts Inform Us
February 1, 2016
The article on Fortune titled Has Big Data Gone Mainstream? asks whether big data is now an expected part of data analysis. The “merger” as Deloitte advisor Tom Davenport puts it, makes big data an indistinguishable aspect of data crunching. Only a few years ago, it was a scary buzzword that executives scrambled to understand and few experts specialized in. The article shows what has changed lately,
“Now, however, universities offer specialized master’s degrees for advanced data analytics and companies are creating their own in-house programs to train talent in data science. The Deloitte report cites networking giant Cisco CSCO -4.22% as an example of a company that created an internal data science training program that over 200 employees have gone through. Because of media reports, consulting services, and analysts talking up “big data,” people now generally understand what big data means…”
Davenport sums up the trend nicely with the statement that people are tired of reading about big data and ready to “do it.” So what will replace big data as the current mysterious buzzword that irks laypeople and the C-suite simultaneously? The article suggests “cognitive computing” or computer systems using artificial intelligence for speech recognition, object identification, and machine learning. Buzz, buzz!
Chelsea Kerwin, February 1, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Google Wants ISIS to Stay Off the Regular Web
January 29, 2016
Propaganda from the Islamic State (Isis) exists not only in the Dark Web, but is also infiltrating the familiar internet. A Wired article discusses the best case scenario to stop such information from spreading in their article Google: ISIS must be ‘contained to the Dark Web’. Google describes ISIS only existing in the Dark Web as success. This information helps explain why,
“As Isis has become more prominent in Syria and Iraq, social media, alongside traditional offline methods, have have been used to spread the group’s messages and recruit members. In 2014 analysis of the group’s online activity showed that they routinely hijack hashtags, use bots, and post gruesome videos to Twitter, Facebook, and YouTube. The UK’s internet counter terrorism unit claims to remove 1,000 illegal pieces of terrorism related content from the internet each week — it says that roughly 800 of these are to do with Syria and Iraq. The group claims in the 12 months before June 2012 that 39,000 internet takedowns were completed.”
The director of Google Ideas is quoted as describing ISIS’ tactics ranging from communication to spamming to typical email scams; he explains they are not “tech-savy.” Unfortunately, tech chops is not a requirement for effective marketing, so the question still remains whether containing this group and their messages to the Dark Web is possible — and whether that means success with growing numbers of people using the Dark Web.
Megan Feil, January 29, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Anonymity Not Always Secured for Tor and Dark Web Users
January 28, 2016
From the Washington Post comes an article pertinent to investigative security technologies called This is how the government is catching people who use child porn sites. This piece outlines the process used by the FBI to identify a Tor user’s identity, despite the anonymity Tor provides. The article explains how this occurred in one case unmasking the user Pewter,
“In order to uncover Pewter’s true identity and location, the FBI quietly turned to a technique more typically used by hackers. The agency, with a warrant, surreptitiously placed computer code, or malware, on all computers that logged into the Playpen site. When Pewter connected, the malware exploited a flaw in his browser, forcing his computer to reveal its true Internet protocol address. From there, a subpoena to Comcast yielded his real name and address.”
Some are concerned with privacy of the thousands of users whose computers are also hacked in processes such as the one described above. The user who was caught in this case is arguing the government’s use of such tools violated the Fourth Amendment. One federal prosecutor quoted in the article describes the search processes used in this case as a “gray area in the law”. His point, that technology is eclipsing the law, is definitely one that deserves more attention from all angles: the public, governmental agencies, and private companies.
Megan Feil, January 28, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Trust and Security Lessons Offered by the Dark Web
January 27, 2016
Spreading lessons about trust is not what most people think when they think of the drug dealers, hackers and cyber criminals of the Dark Web, but an article from Medium begs to differ. Let’s hear it for the bad guys: What the Dark Web can teach us about trust focuses on the idea that these “bad guys” are successfully and efficiently making transactions, ultimately based on trust. The article states:
“Crucially, they offer the same kind of reliability of experience rather than ripping people off, thus creating a sustainable business model. Transactions are made using digital currency Bitcoin and are recorded and verified through a distributed public ledger called the block chain. In this way, such sites build trust by offering a straightforward transaction built on transparency, albeit achieved with complete anonymity.”
This trust may be seen as missing from many internet sites where collection of personal data is the price of admission; the Dark Web offers an alternative with the promise of information not being tracked. Ironically, the issue of information being collected, albeit through other means, and sold through channels in the Dark Web means the problem of security is not eradicated.
Megan Feil, January 27, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Cybercrime as a Service Drives Cyber Attacks on Uber Accounts and More
January 26, 2016
Several articles lately have shined light on the dynamics at play in the cybercriminal marketplaces of the Dark Web; How much is your Uber account worth?, for example, was recently published on Daily Mail. Summarizing a report from security researchers at Trend Micro for CNBC, the article explains this new information extends the research previously done by Intel Security’s The Hidden Data Economy report. Beyond describing the value hierarchy where Uber and Paypal logins cost more than social security numbers and credit cards, this article shares insights on the bigger picture,
“’Like any unregulated, efficient economy, the cybercrime ecosystem has quickly evolved to deliver many tools and services to anyone aspiring to criminal behavior,’ said Raj Samani, chief technology officer for Intel Security EMEA. ‘This “cybercrime-as-a-service” marketplace has been a primary driver for the explosion in the size, frequency, and severity of cyber attacks.
‘The same can be said for the proliferation of business models established to sell stolen data and make cybercrime pay.’”
Moving past the shock value of the going rates, this article draws our attention to the burgeoning business of cybercrime. Similarly to the idea that Google has expanded the online ecosystem by serving as a connector, it appears marketplaces in the Dark Web may be carving out a similar position. Quite the implications when you consider the size of the Dark Web.
Megan Feil, January 26, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Hackers Opt for Netflix and Uber over Credit Card Theft on Dark Web
January 25, 2016
It is no surprise that credit cards and other account information is sold on the Dark Web but which accounts are most valuable might surprise. Baiting us to click, the article It turns out THIS is more valuable to hackers than your stolen credit card details on the United Kingdom’s Express offers the scoop on the going rate of various logins cybercriminals are currently chasing. Hacked Uber, Paypal and Netflix logins are the most valuable. The article explains,
“Uber rolled-out multi-factor authentication in some markets last year which decreased the value of stolen account details on the Dark Web, the International Business Times reported. According to the Trend Micro study, the price for credit cards is so comparatively low because banks have advanced techniques to detect fraudulent activity.”
The sales of these accounts are under $10 each, and according to the article, they seem to actually be used by the thief. Products and experiences, as consumable commodities, are easier to steal than cash when organizations fail to properly protect against fraudulent activity. The takeaway seems to be obvious.
Megan Feil, January 25, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
The Total Patent Counts for 2015 Are in, and IBM Wins (Again)
January 21, 2016
The article on Reuters titled IBM Granted Most U.S. Patents in 2015, Study Finds confirms the 23rd consecutive win in this area for IBM. Patents are a key indicator of the direction and focus of a given business, and top companies take these numbers very seriously. Interestingly, 2015 was the first year since 2007 that the total count of U.S. patents fell. Following that trend, Microsoft Corp’s patents were also 31% lower than past totals, and as a result the company took only tenth place on the list. The article provides some other details on patent rankings,
“Among the technology giants notable for their intellectual property, Alphabet Inc’s (GOOGL.O) Google stepped up its patent activity, moving to the fifth position from eighth in 2014, while Apple Inc (AAPL.O) stayed at the 11th position. Patents are sometimes the subject of legal battles, and investors, analysts and enthusiasts alike track patents closely to see what companies are looking to develop next. Following IBM, Samsung Electronics Co Ltd (005930.KS) and Canon Inc (7751.T) rounded off the top three spots…”
There are no big surprises here, but one aspect of patents that the article does not cover is whether patents count as revenue? We were under the impression that money did that trick, but the emphasis on patents seems to suggest otherwise.
Chelsea Kerwin, January 21, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Woman Fights Google and Wins
January 21, 2016
Google is one of those big corporations that if you have a problem with it, you might as well let it go. Google is powerful, respected, and has (we suspect) a very good legal department. There are problems with Google, such as the “right to be forgotten” and Australian citizens have a big bone to pick with the search engine. Australian News reports that “SA Court Orders Google Pay Dr. Janice Duffy $115,000 Damages For Defamatory Search Results.”
Duffy filed a lawsuit against Google for displaying her name along with false and defamatory content within its search results. Google claimed no responsibility for the actual content, as it was not the publisher. The Australian Supreme Court felt differently:
“In October, the court rejected Google’s arguments and found it had defamed Dr Duffy due to the way the company’s patented algorithm operated. Justice Malcolm Blue found the search results either published, republished or directed users toward comments harmful to her reputation. On Wednesday, Justice Blue awarded Dr Duffy damages of $100,000 and a $15,000 lump sum to cover interest.”
Duffy was not the only one who was upset with Google. Other Australians filed their own complaints, including Michael Trkulja with a claim search results linked him to crime and Shane Radbone sued to learn the identities of bloggers who wrote negative comments.
It does not seem that Google should be held accountable, but technically they are not responsible for the content. However, Google’s algorithms are wired to bring up the most popular and in-depth results. Should they develop a filter that measures negative and harmful information or is it too subjective?
Whitney Grace, January 21, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
A Death of Dark Web Weapons
January 20, 2016
President Obama recently announced some executive orders designed to curb gun violence; one of these moves, according to the U.S. Attorney General, specifically targets weapon purchases through the Dark Web. However, Deep.Dot.Web asks, “Do People Really Buy Weapons from Dark Web Markets?” Not many of them, as it turns out. Reporter Benjamin Vitáris writes:
“Fast Company made an interview with Nicolas Christin, assistant research professor of electrical and computer engineering at Carnegie Mellon University (CMU). The professor is one of the researchers behind a recent deep-dive analysis of sales on 35 marketplaces from 2013 to early 2015. According to him, dark web gun sales are pretty uncommon: ‘Weapons represent a very small portion of the overall trade on anonymous marketplaces. There is some trade, but it is pretty much negligible.’ On the dark net, the most popular niche is drugs, especially, MDMA and marijuana, which takes around 25% of sales on the dark web, according to Christin’s analysis. However, weapons are so uncommon that they were put into the ‘miscellaneous’ category, along with drug paraphernalia, electronics, tobacco, viagra, and steroids. These together takes 3% of sales.”
Vitáris notes several reasons the Dark Web is not exactly a hotbed of gun traffic. For one thing, guns are devilishly difficult to send through the mail. Then there’s the fact that, with current federal and state laws, buying a gun in person is easier than through dark web markets in most parts of the U.S.; all one has to do is go to the closest gun show. So, perhaps, targeting Dark Web weapon sales is not the most efficient thing we could do to keep guns away from criminals.
Cynthia Murrell, January 20, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
-
- Subscribe to Beyond Search
Feature archive
News archive
-
