ISIS Exploits User-Friendly Encryption Apps to Plan and Recruit
March 21, 2016
The article on Discovery News titled ISIS Taps Dark Web, Encryption Apps to Coordinate discusses the news that ISIS orchestrated the Paris terrorist attacks using encrypted messaging apps. The big social media companies like Google and Facebook enable an encryption method they call “perfect forward secrecy,” which lacks any sort of master key or backdoor. The article explains other systems,
“Extremist groups are even using messaging services found on Play Station 4 gaming consoles, a favorite of young male jihadis who particularly like “Call of Duty,” according to Steven Stalinsky, executive director of the Middle Eastern Media Research Institute, a group that monitors social media by extremist groups…Of particular concern is Telegram, a relatively new instant messaging app designed in Russia that has recently been upgraded to allow more secure communications by groups.”
The article points out that most of these techniques are intuitive, designed for regular people. Their exploitation by ISIS is due to their user-friendliness and the difficulty of interception. Rather than trying to crack the codes, some analysts believe that reverting to good old-fashioned methods like spies and informants may be the best answer to ISIS’s use of Western technology.
Chelsea Kerwin, March 21, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Sci Hub May Be Relegated to Dark Web Only
March 18, 2016
Academics are not done with innovating when it comes to the dissemination of free knowledge. Science Alert recently published Researcher illegally shares millions of science papers free online to spread knowledge. The article details Sci-Hub, an online service opened up by a researcher in Russia offers free access to more than 48 million journal articles, which is almost every peer-reviewed paper in existence. Additionally, it describes how Elsevier has sued Sci-Hub. The article summarizes how Sci-Hub works,
“The site works in two stages. First of all when you search for a paper, Sci-Hub tries to immediately download it from fellow pirate database LibGen. If that doesn’t work, Sci-Hub is able to bypass journal paywalls thanks to a range of access keys that have been donated by anonymous academics (thank you, science spies). This means that Sci-Hub can instantly access any paper published by the big guys, including JSTOR, Springer, Sage, and Elsevier, and deliver it to you for free within seconds. The site then automatically sends a copy of that paper to LibGen, to help share the love.”
What is fascinating about this case is that whether Elsevier or Sci-Hub wins, there may still be a means for Sci-Hub to continue offering unlimited journal access. As other articles on this subject have alluded, the founder of Sci-Hub sees its relegation to the Dark Web as its worst-case scenario.
Megan Feil, March 18, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Google Decides to Be Nice to
March 18, 2016
Google is a renowned company for its technological endeavors, beautiful office campuses, smart employees, and how it is a company full of self-absorbed and competitive people. While Google might have a lot of perks, it also has its dark side. According to Quartz, Google wanted to build a more productive team so they launched Project Aristotle to analyze how and they found, “After Years Of Intensive Analysis, Google Discovers The Key To Good Teamwork Is being Nice.”
Project Aristotle studied hundreds of employees in different departments and analyzed their data. They wanted to find a “magic formula,” but it all beats down to one of the things taught in kindergarten: be nice.
“Google’s data-driven approach ended up highlighting what leaders in the business world have known for a while; the best teams respect one another’s emotions and are mindful that all members should contribute to the conversation equally. It has less to do with who is in a team, and more with how a team’s members interact with one another.”
Team members who understand, respect, and allow each other to contribute to conversation equally. It is a basic human tenant and even one of the better ways to manage a relationship, according to marriage therapists around the world. Another result of the project is dubbed “psychological safety,” where team members create an environment with the established belief they can take risks and share ideas without ridicule.
Will psychological safety be a new buzzword since Google has “discovered” that being nice works so well? The term has been around for a while, at least since 1999.
Google’s research yields a business practice that other companies have adopted: Costco, Trader Joes, Pixar, Sassie, and others to name a few. Yet why is it so hard to be nice?
Whitney Grace, March 18, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Tails Increases Ease of Online Anonymity
March 17, 2016
The interest in browsing the internet anonymously does not appear to be fading. Softpedia recently posted Debian Makes It a Lot Easier for Users to Install the Tails Anonymous Live CD. Called the “amnesic incognito live system”, Tails is a GNU/Linux Live CD distribution which is based on the Debian operating system and allows your online activities to remain anonymous. Tails is driven by Tor and provides its users access to the anonymous Tor network. The article tells us,
Now, we all know how to write a Live ISO image on a USB key or a CD disc, right? But what you probably don’t know is that there’s an app for that, called Tails Installer, which the skilled Debian Privacy Tools maintainers team included in Debian repos. “The previous process for getting started with Tails was very complex and was problematic for less tech-savvy users,” developers explained. “It required starting Tails three times, and copying the full ISO image onto a USB stick twice before having a fully functional Tails USB stick with persistence enabled.”
As the article points out, Tails has a stamp of approval from Edward Snowden. It seems like before Debian, it would have been quite the stretch for many users to even consider adopting the use of Tails. However, using a Linux-based operating system, the pre-requisite for Tails, may also be a hurdle preventing wide-scale adoption. Time will tell.
Megan Feil, March 17, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Bitcoin Textbook to Become Available from Princeton
March 16, 2016
Bitcoin is all over the media but this form of currency may not be thoroughly understood by many, including researchers and scholars. An post on this topic, The Princeton Bitcoin textbook is now freely available, was recently published on Freedom to Tinker, a blog hosted by Princeton’s Center for Information Technology Policy. This article announces the first completed draft of a Princeton Bitcoin textbook. At 300 pages, the manuscript is geared to those who hope to gain a technical understanding of how Bitcoin works and is appropriate for those who have a basic understanding of computer science and programming. According to the write-up,
“Researchers and advanced students will find the book useful as well — starting around Chapter 5, most chapters have novel intellectual contributions. Princeton University Press is publishing the official, peer-reviewed, polished, and professionally done version of this book. It will be out this summer. If you’d like to be notified when it comes out, you should sign up here. Several courses have already used an earlier draft of the book in their classes, including Stanford’s CS 251. If you’re an instructor looking to use the book in your class, we welcome you to contact us, and we’d be happy to share additional teaching materials with you.”
As Bitcoin educational resources catch fire in academia, it is only a matter of time before other Bitcoin experts begin creating resources to help other audiences understand the currency of the Dark Web. Additionally, it will be interesting to see if research emerges regarding connections between Bitcoin, the Dark Web and the mainstream internet.
Megan Feil, March 16, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Google Now Has Dowsing Ability
March 16, 2016
People who claim to be psychic are fakes. There is not a way to predict the future, instantly locate a lost person or item, or read someone’s aura. No scientific theory has proven it exists. One of the abilities psychics purport to have is “dowsing,” the power to sense where water, precious stones or metals, and even people are hiding. Instead of relying on a suspended crystal or an angular stick, Google now claims it can identify any location based solely on images, says The Technology Review in the article, “Google Unveils Neural Network With ‘Superhuman’ Ability To Determine The Location Of Almost Any Image.”
Using computer algorithms, not magic powers, and Tobias Weyand’s programming prowess and a team of tech savvy people, they developed a way for a Google deep-learning machine to identity location pictures. Weyand and his team designed PlaNET, the too, and accomplished this by dividing the world into 26,000 square grid (sans ocean and poles) of varying sizes depending on populous areas.
“Next, the team created a database of geolocated images from the Web and used the location data to determine the grid square in which each image was taken. This data set is huge, consisting of 126 million images along with their accompanying Exif location data.
Weyand and co used 91 million of these images to teach a powerful neural network to work out the grid location using only the image itself. Their idea is to input an image into this neural net and get as the output a particular grid location or a set of likely candidates.”
With the remaining 34 million images in the data set, they tested the PlaNET to check its accuracy. PlaNET can accurately guess 3.6% images at street level, 10.1% on city level, 28.4% country of origin, and 48% of the continent. These results are very good compared to the limited knowledge that a human keeps in their head.
Weyand believes that PlaNET is able to determine the location, because it has learned new parents to recognize subtle patterns about areas that humans cannot distinguish, as it has arguably been more places than any human. What is even more amazing is how much memory PlaNET uses: only 377 MB!
When will PlaNET become available as a GPS app?
Whitney Grace, March 16, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
How Sony Was Hacked
March 15, 2016
Remember when Sony was gearing up to release the controversial flick The Interview starring James Franco and Seth Rogen and how the CIA recruited them to kill Kim Jong-un, when suddenly their system was hacked? The people who hacked Sony called themselves “God’sApstls” and demanded the production company pay them an undisclosed amount of money or else they would “be bombarded as a whole.” Sony Pictures ignored the threat and the studio was taken offline for weeks, resulting in $35 million IT damages.
Motherboard investigated the current status of the Sony attack, it took place in 2014, which the company is still reeling from, “These Are The Cyberweapons Used To Hack Sony.” The FBI officially stated that the hackers were on the North Korean pay roll and still going about their business. A security researcher coalition thinks they can expose the hackers’ extensive malware arsenal.
“Andre Ludwig, the senior technical director at Novetta Research and Interdiction Group, said that the investigation started from four hashes (values that uniquely identify a file) that the Department of Homeland security published after the attack. With those few identifying strings, and after months of sleuthing, the researchers found 2,000 malware samples, both from online malware portal VirusTotal, as well as from antivirus companies. Of those, they manually reviewed and catalogued 1,000, and were able to identify 45 unique malware strains, revealing that the Sony hackers had an arsenal more sophisticated and varied than previously thought.”
The goal is to disrupt the hacker group often enough that they have to use their time, resources, and energy to rebuild their defenses and even lose some of their capabilities. They also might lose access to their past victims. There is good suspicion, however, to believe the hackers were not North Koreans:
“As it turns out, the hackers’ arsenal contains not only malware capable of wiping and destroying files on a hard disk like the Sony hack, but also Distributed Denial of Service (DDoS) tools, tools that allow for remotely eavesdropping on a victim’s computer, and more, according to the report. The researchers tracked some of this tools in cyberattacks and espionage operations that go as far as back as 2009, perhaps even 2007, showing the hackers that hit Sony have a long history.”
What the data reveals is that the hackers have been around for a long, long time (perhaps the North Korean government simply hired them?) and have had years to build up their arsenal. The counteroffensive, however, has built up its own and learned from the Sony hack job, pitting the hackers’ tools against them in hopes they will not be as effective in the future.
Warriors…er…coders, hackers, developers, etc. learn from each other to build stronger and better tools. The old adage, “the enemy of my enemy is my friend,” so who is the hackers’ enemy-other than the obvious USA?
Whitney Grace, March 15, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
How-To Overview of Building a Data Platform to Handle Real-Time Datasets
March 11, 2016
The article on Insight Data Engineering titled Building a Streaming Search Platform offers a glimpse into the Fellows Program wherein grad students and software engineers alike build data platforms and learn cutting-edge open source technologies. The article delves into the components of the platform, which enables close to real-time search of a streaming text data source, with Twitter as an example. It also explores the usefulness of such a platform,
On average, Twitter users worldwide generate about 6,000 tweets per second. Obviously, there is much interest in extracting real-time signal from this rich but noisy stream of data. More generally, there are many open and interesting problems in using high-velocity streaming text sources to track real-time events. … Such a platform can have many applications far beyond monitoring Twitter…All code for the platform I describe here can be found on my github repository Straw.”
Ryan Walker, a Casetext Data Engineer, describes how these products might deliver major results in the hands of a skilled developer. He uses the example of a speech to text monitor being able to transcribe radio or TV feeds and send the transcriptions to the platform. The platform would then seek key phrases and even be set up to respond with real-time event management. There are many industries that will find this capability very intriguing due to their dependence on real-time information processing, including finance and marketing.
Chelsea Kerwin, March 11, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Organized Cybercrime Continues to Evolves
March 10, 2016
In any kind of organized crime, operations take place on multiple levels and cybercrime is no different. A recent article from Security Intelligence, Dark Web Suppliers and Organized Cybercrime Gigs, describes the hierarchy and how the visibility of top-level Cybercrime-as-a-Service (CaaS) has evolved with heightened scrutiny from law enforcement. As recently as a decade ago, expert CaaS vendors were visible on forums and underground boards; however, now they only show up to forums and community sites typically closed to newcomers and their role encompasses more expertise and less information sharing and accomplice-gathering. The article describes their niche,
“Some of the most popular CaaS commodities in the exclusive parts of the Dark Web are the services of expert webinjection writers who supply their skills to banking Trojan operators.
Webinjections are code snippets that financial malware can force into otherwise legitimate Web pages by hooking the Internet browser. Once a browser has been compromised by the malware, attackers can use these injections to modify what infected users see on their bank’s pages or insert additional data input fields into legitimate login pages in order to steal information or mislead unsuspecting users.”
The cybercrime arena shows one set of organized crime professionals, preying on individuals and organizations while simultaneously being sought out by organized cyber security professionals and law enforcement. It will be most interesting to see how collisions and interactions between these two groups will play out — and how that shapes the organization of their rings.
Megan Feil, March 10, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Germany Launches Malware to Spy on Suspicious Citizens
March 10, 2016
The article titled German Government to Use Trojan Spyware to Monitor Citizens on DW explains the recent steps taken in Germany to utilize Trojans, or software programs, created to sneak into someone else’s computer. Typically they are used by hackers to gain access to someone’s data and steal valuable information. The article states,
“The approval will help officials get access to the suspect’s personal computer, laptop and smartphone. Once the spyware installs itself on the suspect’s device, it can skim data on the computer’s hard drive and monitor ongoing chats and conversations. Members of the Green party protested the launching of the Trojan, with the party’s deputy head Konstantin von Notz saying, “We do understand the needs of security officials, but still, in a country under the rule of law, the means don’t justify the end.”
Exactly whom the German government wants to monitor is not discussed in the article, but obviously there is growing animosity towards not only the Syrian refugees but also all people of Middle Eastern descent. Some of this hostility is based in facts and targeted, but the growing prejudice towards innocent people who share nothing but history with terrorists is obviously cause for concern in Germany, Europe, and the United States as well. One can only imagine how President Trump might cavalierly employ malware to spy on an entire population that he has already stated his distrust of in the most general terms.
Chelsea Kerwin, March 10, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
-
- Subscribe to Beyond Search
Feature archive
News archive
-
