Ransomware as a Service Deals in Bitcoins of Course
June 14, 2016
Countless “as-a-service” models exist online. A piece from SCMagazine, Dark web forums found offering Cerber ‘ransomware as a service’, reveals more information about one such model, ransomware-as-a-service (RaaS), which we’ve heard about now for quite some time. Ransomware is malware that encrypts the user’s files, which remain inaccessible until the victim pays for a key. Apparently, an Eastern European ransomware, Cerber, has been offering RaaS on Russian Dark Web forums. According to cyber intelligence firm SenseCy, this ransomware was set up to include “blacklisted” countries so the malware does not execute on computers in certain locations. The article shares,
“Malwarebytes Labs senior security researcher Jerome Segura said the blacklisted geographies – most of which are Eastern European countries – provide “an indication of where the malware originated.” However, he said Malwarebytes Labs has not seen an indication that the ransomware is connected to the famed APT28 group, which is widely believed to be tied to the Russian government. The recent attacks demonstrate a proliferation of ransomware attacks targeting institutions in the U.S. and Western nations, as recent reports have warned. Last week, the Institute for Critical Infrastructure Technology (ICIT) released a study that predicted previously exploited vulnerabilities will soon be utilized to extract ransom.”
Another interesting bit of information to note from this piece is the going ransom is one bitcoin. Segura mentions the value ransomers ask for may be changing as he has seen some cases where the ransomer works to identify whether the user may be able to pay more. Regardless of the location of a RaaS provider, these technological feats are nothing new. The interesting piece is the supposedly untraceable ransom medium supplanting cash.
Megan Feil, June 14, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
SLI Systems Hopeful as Losses Narrow and Revenue Grows
June 14, 2016
The article titled SLI Systems Narrows First-Half Loss on Scoop reports revenue growth and plans to mitigate losses. SLI Systems is a New Zealand-based software as a service (SaaS) business that provides cloud-based search resources to online retailers. Founded in 2001, SLI Systems has already weathered storms such as the dot-com crash, which threatened to stall the core technology (developed at GlobalBrain). According to a statement from the company, last year’s loss of $502K was an improvement from the loss of $4.1M in 2014. The article states,
“SLI shares have dropped 18 percent in the past 12 months, to trade recently at 76 cents, about half the level of the 2013 initial public offering price of $1.50. The software developer missed its sales forecast for the second half of the 2015 year but is optimistic new chief executive Chris Brennan and Martin Onofrio as chief revenue officer, both Silicon Valley veterans, can drive growth in revenue and earnings.”
The SLI of SLI stands for Search, Learn and (appropriately) Improve. The company hopes to achieve sustainable growth without raising additional capital by continuing to focus on innovation and customer retention rates, which slipped from 90% to 87% recently. Major clients include Lenovo, David Jones, Harvey Norman, and Paul Smith.
Chelsea Kerwin, June 14, 2016
The Unknown Future of Google Cloud Platform
June 10, 2016
While many may have the perception that Google dominates in many business sectors, a recently published graph tells a different story when it comes to cloud computing. Datamation released a story, Why Google Will Dominate Cloud Computing, which shows Google in fourth position. Amazon, Microsoft and IBM are above the search giant in cloud infrastructure services when looking at the fourth quarter market share and revenue growth for 2015. The article explains why Google appears to be struggling,
“Yet as impressive as its tech prowess is, GCP’s ability to cater to the prosaic needs of enterprise cloud customers has been limited, even fumbling. Google has always focused more on selling its own services rather than hosting legacy applications, but these legacy apps are the engine that drives business. Remarkably, GCP customers don’t get support for Oracle software, as they do on Amazon Web Services. Alas, catering to the needs of enterprise clients isn’t about deep genius – it’s about working with others. GCP has been like the high school student with straight A’s and perfect SAT scores that somehow doesn’t have too many friends.”
Despite the current situation, the article hypothesizes Google Cloud Platform may have an edge in the long-term. This is quite a bold prediction. We wonder if Datamation may approach the goog to sell some ads. Probably not, as real journalists do not seek money, right?
Megan Feil, June 10, 2016
More Data to Fuel Debate About Malice on Tor
June 9, 2016
The debate about malicious content on Tor continues. Ars Technica published an article continuing the conversation about Tor and the claims made by a web security company that says 94 percent of the requests coming through the network are at least loosely malicious. The article CloudFlare: 94 percent of the Tor traffic we see is “per se malicious” reveals how CloudFlare is currently handling Tor traffic. The article states,
“Starting last month, CloudFlare began treating Tor users as their own “country” and now gives its customers four options of how to handle traffic coming from Tor. They can whitelist them, test Tor users using CAPTCHA or a JavaScript challenge, or blacklist Tor traffic. The blacklist option is only available for enterprise customers. As more websites react to the massive amount of harmful Web traffic coming through Tor, the challenge of balancing security with the needs of legitimate anonymous users will grow. The same network being used so effectively by those seeking to avoid censorship or repression has become a favorite of fraudsters and spammers.”
Even though the jury may still be out with regard to the statistics reported about the volume of malicious traffic, several companies appear to want action sooner rather than later. Amazon Web Services, Best Buy and Macy’s are among several sites blocking a majority of Tor exit nodes. While a lot seems unclear, we can’t expect organizations to delay action.
Megan Feil, June 9, 2016
Palantir Technology Takes on Rogue Traders
June 9, 2016
Rogue trading has always been a problem for the stock market, but the more technology advances, the easier it becomes for rogue traders to take advantage. The good news is that security and compliance officers can use the same tools that rogue traders use in their schemes to stop them. CNBC showed the story “Tech Takes On Rogue Traders,” which explains how technology is being used to stop the bad guys. The report is described as:
“Colleen Graham, Chief Supervisory Officer at Signac, discusses Palantir and Credit Suisse’s joint technology initiative to crack down on rogue traders.”
Palantir Technology is being used along with Credit Suisse to monitor trader behavior data, trade data, risk data, and market data to track how a trader changes over time. They compare an individual trader to others invested in similar stocks. Using a combination of all these data fields, unusual behavior is monitored to prevent rogue trading.
The biggest loss on Wall Street is rogue trading. The data Signac gathers helps figure out how rogue trading happens and what causes it. By using analytical software, compliance officers are able to learn from past crimes and teach the software to recognize similar patterns. In turn, this allows them to prevent future crimes. While some false positives are generated, all of the captured data is public. Supervisors and other people actually are supposed to read this data; Signac just does so at a more in-depth level.
Catching rogue traders helps keep Wall Street running more smoothly and even puts the stockbrokers and other financial force back to work.
Palantir scored a new deal from this venture. The same technology used to monitor the Dark Web is used to capture rogue traders.
Whitney Grace, June 9, 2016
Enterprise Search Vendor Sinequa Partners with MapR
June 8, 2016
In the world of enterprise search and analytics, everyone wants in on the clients who have flocked to Hadoop for data storage. Virtual Strategy shared an article announcing Sinequa Collaborates With MapR to Power Real-Time Big Data Search and Analytics on Hadoop. A firm specializing in big data, Sinequa, has become certified with the MapR Converged Data Platform. The interoperation of Sinequa’s solutions with MapR will enable actionable information to be gleaned from data stored in Hadoop. We learned,
“By leveraging advanced natural language processing along with universal structured and unstructured data indexing, Sinequa’s platform enables customers to embark on ambitious Big Data projects, achieve critical in-depth content analytics and establish an extremely agile development environment for Search Based Applications (SBA). Global enterprises, including Airbus, AstraZeneca, Atos, Biogen, ENGIE, Total and Siemens have all trusted Sinequa for the guidance and collaboration to harness Big Data to find relevant insight to move business forward.”
Beyond all the enterprise search jargon in this article, the collaboration between Sinequa and MapR appears to offer an upgraded service to customers. As we all know at this point, unstructured data indexing is key to data intake. However, when it comes to output, technological solutions that can support informed business decisions will be unparalleled.
Megan Feil, June 8, 2016
Websites Found to Be Blocking Tor Traffic
June 8, 2016
Discrimination or wise precaution? Perhaps both? MakeUseOf tells us, “This Is Why Tor Users Are Being Blocked by Major Websites.” A recent study (PDF) by the University of Cambridge; University of California, Berkeley; University College London; and International Computer Science Institute, Berkeley confirms that many sites are actively blocking users who approach through a known Tor exit node. Writer Philip Bates explains:
“Users are finding that they’re faced with a substandard service from some websites, CAPTCHAs and other such nuisances from others, and in further cases, are denied access completely. The researchers argue that this: ‘Degraded service [results in Tor users] effectively being relegated to the role of second-class citizens on the Internet.’ Two good examples of prejudice hosting and content delivery firms are CloudFlare and Akamai — the latter of which either blocks Tor users or, in the case of Macys.com, infinitely redirects. CloudFlare, meanwhile, presents CAPTCHA to prove the user isn’t a malicious bot. It identifies large amounts of traffic from an exit node, then assigns a score to an IP address that determines whether the server has a good or bad reputation. This means that innocent users are treated the same way as those with negative intentions, just because they happen to use the same exit node.”
The article goes on to discuss legitimate reasons users might want the privacy Tor provides, as well as reasons companies feel they must protect their Websites from anonymous users. Bates notes that there is not much one can do about such measures. He does point to Tor’s own Don’t Block Me project, which is working to convince sites to stop blocking people just for using Tor. It is also developing a list of best practices that concerned sites can follow, instead. One site, GameFAQs, has reportedly lifted its block, and CloudFlare may be considering a similar move. Will the momentum build, or must those who protect their online privacy resign themselves to being treated with suspicion?
Cynthia Murrell, June 8, 2016
A Possible Goodbye to the Dark Web
June 7, 2016
Should the Dark Web be eradicated? An article from Mic weighs in with an editorial entitled, Shutting Down the Dark Web Is a Plainly Absurd Idea From Start to Finish. Where is this idea coming from? Apparently 71 percent of internet users believe the Dark Web “should be shut down”. This statistic is according to a survey of over 24,000 people from Canadian think tank Centre for International Governance Innovation. The Mic article takes issue with the concept that the Dark Web could be “shut down”,
“The Dark Net, or Deep Web or a dozen other names, isn’t a single set of sites so much as a network of sites that you need special protocols or software in order to find. Shutting down the network would mean shutting down every site and relay. In the case of the private web browser Tor, this means simultaneously shutting down over 7,000 secret nodes worldwide. The combined governments of various countries have enough trouble keeping the Pirate Bay from operating right on the open web, never mind trying to shut down an entire network of sites with encrypted communications and hidden IP addresses hosted worldwide.”
The feasibility of shutting down the Dark Web is also complicated by the fact that there are multiple networks, such as Tor, Freenet or I2P, that allow Dark Web access. Of course, there is also the issue, as the article acknowledges, that many uses of the Dark Web are benign or even further human rights causes. We appreciated a similar article from Softpedia, which pointed to the negative public perception stemming from media coverage of child pornography and drug sales site takedowns. It’s hard to know what isn’t reported in mainstream media.
Megan Feil, June 7, 2016
The Scottish Philosopher in Silicon Valley
June 6, 2016
When Alistair Duff, professor of information society and policy at Scotland’s Edinburgh Napier University, checked out Silicon Valley, he identified several disturbing aspects of the prevailing tech scene. The Atlantic’s Kaveh Waddell interviews the professor in “The Information Revolution’s Dark Turn.”
The article reminds us that, just after World War II, the idealistic “information revolution” produced many valuable tools and improved much about our lives. Now, however, the Silicon-Valley-centered tech scene has turned corporate, data-hungry, and self-serving. Or, as Duff puts it, we are now seeing “the domination of information technology over human beings, and the subordination of people to a technological imperative.”
Waddell and Duff discuss the professor’s Normative Theory of the Information Society; the potential for information technology to improve society; privacy tradeoffs; treatment of workers; workplace diversity; and his preference that tech companies (like Apple) more readily defer to government agencies (like the FBI). Regarding that last point, it is worth noting Duff’s stance against the “anti-statism” he believes permeates Silicon Valley, and his estimation that “justice” outranks “freedom” as a social consideration.
Waddell asks Duff what a tech hub should look like, if Silicon Valley is such a poor example. The professor responds:
“It would look more like Scandinavia than Silicon Valley. I’m not saying that we shouldn’t develop the tech industry—we can learn a massive amount from Silicon Valley….
“But what we shouldn’t do is incorporate the abuse of the boundary between work and home, we should treat people with respect, we should have integrated workforces. A study came out that only 2 percent of Google’s, Yahoo’s, and a couple of other top companies’ workforces were black. Twelve percent of the U.S. population is black, so that is not good, is it? I’m not saying they discriminate overtly against black people—I very much doubt that—but they’re not doing enough to change things.
“We need the best of Silicon Valley and the best of European social democracy, combined into a new type of tech cluster.
“There’s a book by Manuel Castells and Pekka Himanen called The Information Society and the Welfare State: The Finnish Model, which argues that you can have a different type of information society from the libertarian, winner-takes-all model pioneered in Silicon Valley. You can have a more human, a more proportioned, a tamer information society like we’ve seen in Finland.”
Duff goes on to say that the state should absolutely be involved in building the information society, a concept that goes over much better in Europe than in the U.S. He points to Japan as a country which has built a successful information society with guidance from the state. See the interview for more of Professor Duff’s observations.
Cynthia Murrell, June 6, 2016
Palantir Technologies: Will the Company Prevail in DCGS?
June 3, 2016
I read “Army Eyes DCGS Reforms on Capitol Hill.” Not long ago, I described a decision which struck me as putting Palantir in a checkmate position. This write up explains that Palantir does have a deus ex machina to help it prevail in its DCGS travails. You can review my earlier write up and the GAO’s decision in “GAO DCGS Letter B-412746.”
If the “Army Eyes DCGS Reform” write up is spot on, there is some procurement excitement ahead. Those activities will not be in the “FAR” future. (FAR is a US government acronym for a collection of procurement guidelines.)
I learned:
Palantir is considering suing the Army over the DCGS-A 2 solicitation, according to a Politico report. The Army has said it expects to award a $206 million contract for DCGS-A 2 later this year.
Here’s the snippet I located of the “report”:
Politico said:
“The secretive Silicon Valley firm Palantir is considering suing the Army to block a planned $206 million contract to build a next-generation battlefield intelligence network, an industry lobbyist with knowledge of the issue told POLITICO. It’s the latest sign that commercial technology companies are becoming increasingly aggressive in seeking to wrestle big-dollar contracts from the Pentagon’s traditional suppliers.”
How much money is at stake? Think in terms of $2.5 to $3.5 billion over the next two or three years. That’s without scope changes and the impedimenta government contracts entail. (If you are curious, you can find the RFP summary at this link.)
How does a commercial company go about derailing the Department of Defense? I used to work at an outfit which provided to President Theodore Roosevelt an advisor. That advisor helped design the Department of Navy. Think it is easy dislodging my former employer from its government contracts?
This is not Monty Hall time. Palantir Technologies has an opportunity to disrupt US government procurement procedures. Can the Hobbits prevail? I know that Tolkien fiction works out in fantasy worlds, but the procurement process might be a bridge too FAR.
If you want to read the regulations, start here.
Stephen E Arnold, June 3, 2016


