DarkCyber for February 19, 2019, Now Available

February 19, 2019

DarkCyber for February 19,2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/317779445. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.

This week’s story line up includes: image analysis applied to hotel rooms used for human trafficking; compromising an iPhone via a text message or email; a new report about digital currency crime; and shipping arms the old fashioned way, via the mail.

Facial recognition systems continue to be criticized for inaccuracy and potential human rights violations. A group of researchers have applied artificial intelligence and image analysis to locate hotels allegedly used for human trafficking and the commission of child sex crimes. Plus the team compiled a database of more than 50,000 hotel rooms. The system matches a known hotel room against a photograph obtained from a human trafficker’s advertisement. By pinpointing the location, law enforcement can direct its resources at that venue. Anyone can contribute by uploading hotel room and short term property rentals to a public website.

The second story focuses on a new way to compromise iPhones produced in the period from 2016 to mid 2017. The technique was allegedly used by former US government personnel working for organizations based in the United Arab Emirates. The Project Raven team used a technique which required only a single email or text message. The payload was sent directly to a target’s iPhone. Once the iPhone received the message, that device was accessible to the Project Raven personnel and allowed text messages, images, and other data to be accessed without the iPhone user’s knowledge. Apple closed the security hole, but the technique was interesting because no clicks, downloads, or other actions on the part of the target were necessary.

The third story describes the free “Crypto Crime Report” available from Chainalysis. This company is one of the leaders in the deanonymization of digital currency transactions, including Bitcoin. With the Dark Web losing traction, Chainalysis reports bad actors have turned to encrypted message apps like Telegram and WhatsApp to conduct advertise and sell their products and services. Customers have shifted from Dark Web ecommerce sites to these distributed, anonymous messaging services. The report includes details of investigative methods used to steal digital currency. The majority of thefts were the work of two gangs. Investigators are engaged in an increasingly fierce game of Whack a Mole.

The final story recounts how a spy stole a secret US missile and shipped the device to Russia in the mid 1960s. Today the same method is used by arms dealers in Europe. Postal services and commercial shipping companies have to identify weapons which are disassembled. The components are then placed in cartons which contain parts for common products like vacuum cleaners and kitchen equipment. The old methods remain valid despite today’s modern technology and knowledge of the methods used by bad actors.

Kenny Toth, February 19, 2019

DarkCyber for February 12, Now Available

February 12, 2019

DarkCyber for February 12, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/316376994. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.

This week’s story line up includes: Italy’s facial recognition system under fire; Marriott trains 500,000 employees to spot human traffickers; a new Dark Web search system from Portugal; and the most popular digital currencies on the hidden Web.

The first story explores the political criticism of Italy’s facial recognition system for law enforcement. The database of reference images contains about one third of Italy’s population. The system integrates with other biometric systems including the fingerprint recognition modules which is operating at several of Italy’s busiest airports. Despite the criticism, government authorities have no practical way to examine images for a match to a person of interest. DarkCyber believes image recognition is going to become more important and more widely used as its accuracy improves and costs come down.

The second story discusses Marriott Corporation’s two year training program. The hotel chain created information to help employees identify cues and signals of human trafficking. The instructional program also provides those attending with guidelines for taking appropriate action. Marriott has made the materials available to other groups. But bad actors have shifted their mode of operation to include short term rentals from Airbnb type vendors. Stephen E Arnold, producer of DarkCyber and author of “CyberOSINT: Next Generation Information Access, said: ”The anonymity of these types of temporary housing makes it easier for human traffickers to avoid detection. Prepaid credit cards, burner phones, and moving victims from property to property create an additional set of challenges for law enforcement”

The third story provides information about a new hidden Web indexing service. The vendor is Dogdaedis. The system uses “artificial intelligence” to index automatically the hidden services its crawler identifies. A number of companies are indexing and analyzing the Dark Web. Furthermore the number of Dark Web and hidden Web sites is decreasing due to increased pressure from law enforcement. Bad actors have adapted, shifting from traditional single point hidden Web sites to encrypted chat services.

The final story extracts from a Recorded Future report the most popular digital currencies on the Dark Web. Bitcoin is losing ground to Litecoin and Monero.

A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cyber crime, Dark Web, and company profiles are now appearing on a daily basis.

Kenny Toth, February 12, 2019

DarkCyber for February 5, 2019, Now Available

February 5, 2019

DarkCyber for February 5,2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/315073592. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.

This week’s story line up includes: Alleged money laundering via the popular Fortnite game; and an excerpt from Stephen E Arnold’s “Dark Web, Version 2” lecture at the University of Louisville.

The first story explains how bad actors launder money via the online game Fortnite. The game allows players to purchase “digital assets” by purchasing via a credit card. The credit card funds allow the player to acquire V Bucks. These V Bucks can be converted to weapons, information, or other in-game benefits. But the digital assets can be sold, often on chat groups, Facebook, or other social media. In the process, the person buying the digital assets with a stolen credit card, for example, converts the digital assets to Bitcoin or another digital currency. Many people are unaware that online games can be used in this manner. Law enforcement will have to level up their game in order to keep pace with bad actors.

The second story is an excerpt from Stephen E Arnold’s invited lecture. He spoke on January 25, 2019 to an audience of 50 engineering students and faculty on the subject of “Dark Web, Version 2.” In his remarks, he emphasized that significant opportunities for innovation exist. Investigators need to analyze in a more robust way data from traditional telephone intercepts and the Internet, particularly social media.

Arnold said, “The structured data from telephone intercepts must be examined along with the unstructured data acquired from a range of Internet sources. Discovering relationships among entities and events is a difficult task. Fresh thinking is in demand in government agencies and commercial enterprises.” In the video, Mr. Arnold expands on the specific opportunities for engineers, programmers, and analysts with strong mathematics skills.

A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cyber crime, Dark Web, and company profiles are now appearing on a daily basis.

Kenny Toth, February 5, 2019

DarkCyber for January 29, 2019, Now Available

January 29, 2019

DarkCyber for January 29, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/313630318. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.

This week’s story line up includes: Microsoft Bing and a child pornography allegation; Endace introduces facial recognition and a tie up with Darktrace; A report about drones and correctional institutions; and CIA report about hazardous compounds.

The first story discusses allegations of child pornography and other inappropriate content in the Microsoft Bing index. DarkCyber’s experts report that problematic content can be found within any free Web search system. The reasons range from bad actors use of code words to innocuous pages which contain links to objectionable content labeled as popular services. Filtering is one approach, but a cat and mouse game requires that Web search providers have to continue to enhance their content review procedures. Chatter about artificial intelligence is often hand waving, politically correct speech, or marketing.

Second, Endace is one of the leaders in lawful intercept hardware and software. However, Endace continues to innovate. The firm has added facial recognition to its service offering. Darktrace, one of the more innovative cyber security vendors, has announced a relationship with Endace. Darktrace’s three D visualization and analytics may spark new products and services for Endace. Verint, another cyber security firm, has also added support for Endace’s lawful intercept systems.

The third story calls attention to a free report about bad actors’ use of drones to deliver contraband into prisons. Correctional institutions in the US are adding anti drone technology. Drones have been used to deliver mobile phones and other contraband to inmates. DarkCyber provides a link so that viewers can request a copy of the Dedrone report.

The final story is a follow up to an earlier report about the chemicals and compounds frequently used for home made explosive devices. A viewer want to know where additional information could be found. DarkCyber provides a link to a CIA document which reviews chemical, biological, radiological, and nuclear substances.

A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cyber crime, Dark Web, and company profiles are now appearing on a daily basis.

Kenny Toth, January 29, 2019

DarkCyber for January 22, 2019, Now Available

January 22, 2019

DarkCyber for January 22, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/312358055. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.

This week’s story line up includes… a report about a cyber crime  volunteer program in the Netherlands … a profile of the intelware company Numerica… a new Europol report about the hidden Web… and a Los Angeles’ online service points the finger at Craigslist with drug related allegations.

DarkCyber’s first story reports that Dutch police have begun a cyber crime volunteer program. Individuals with an interest in assisting law enforcement in researching Dark Web and related topics can participate in the new program. Skills required by the police include advanced mathematics and physics. More than 200 people have stepped forward to assist. An initial group of 14 individuals has been selected. One volunteer holds down a full time job but wants to contribute to the government’s efforts to reduce cyber crime.

The second story presents information about Numerica, a company which provides intelligence software or intelware to the US Department of Defense and law enforcement organizations. The Numerica approach relies on advanced technology and intuitive, easy-to-use interfaces for its products. The Lumen product allows jurisdictions to share data about incidents and suspects from a desktop computer or a mobile phone. The system can generate maps with geo-locations marked, brief “bubble gum” card summaries of suspects, and reports which include event and time information. The company is listed on the GSA schedule, which speeds procurement of the company’s solutions.

DarkCyber reviewed a 2018 Europol report about hidden Internet services. The report contains useful information about the relationship among digital currency, hidden Internet sites, and drug sales. Plus, the report identifies chat services as one communication channel which bad actors are using more frequently. The reason is that government efforts to shut down Tor centric Dark Web sites are forcing bad actors to find other means of hiding their activities. One of the chilling findings is that modern distributed services create more challenges for government authorities. Many hidden Internet services do not have a single focal point.

The final story reviews allegations by LA Taco, an online information service, that Craigslist is listing drugs in its online advertising service. The report alleges that Craigslist does not filter ad listings for code words used to allow insiders to locate certain drugs like fentanyl. According to LA Taco, dealers describe drugs as “white china plates.” The savvy drug buyer contacts the seller of what appears to be dinnerware and buys the controlled substances. These are serious allegations, but filtering for common words can delete many legitimate listings from the online service. No easy solution exists in the view of the DarkCyber research team.

A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cyber crime, Dark Web, and company profiles are now appearing on a daily basis.

Kenny Toth, January 22, 2019

DarkCyber for January 8, 2019, Now Available

January 8, 2019

DarkCyber for January 8, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/309717457 . The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.

The lead story is a profile of Sintelix, an Australian company developing software for law enforcement and intelligence professionals. The system can acquire content from the hidden Internet, the Surface Web, third-party sources, and content repositories in an organization; for example, arrest records. Sintelix provides IBM Analyst’s Notebook user with a streamlined, modern interface without giving up the unique features of the IBM Analyst’s Notebook. The three key features of the Sintelix technology are its speed of document and content processing. Hundreds of thousands of documents can be analyzed and indexed on a standard office desktop computer in a few hours. Sintelix also includes an application programming interface. This API makes it possible to use Sintelix with a wide range of third party solutions. Also, the system incorporates robust timeline features. Ana analyst can examine events over a month and then zoom into look at activities in an hour on a specific day.

The second story addresses a way to reduce the complexity of the Tor software bundle, which is required to access Dark Web sites, Many Tor users find the bundle confusing, which can lead to careless errors. . A number of user-induced errors can lead to the user’s loss of the privacy which the Tor software appears to offer. The fix is to use a hardware device which can run the Tor software. DarkCyber reports on an older system called PORTAL as well as a new Raspberry Pi approach. Will these devices provide a way to surf the Web in anonymity. Unlikely, but if properly configured, the devices may prevent some types of operator errors.

The third story discusses India’s legislation which mandates that technology companies provide access to encrypted content. Like Australia, India’s action is helpful to law enforcement and intelligence professionals. However, the mandatory decryption may increase the likelihood that bad actors will find a way to exploit the backdoor. The regulations require that a technology company like Apple or Facebook would have to respond to the government request within a day or two. Even with automated decryption technology, the time limit may prove difficult for some companies.

The final story describes a novel type of punishment for child abuse. The UK has begun deporting abusers to their country of origin and stripping the individual of his or her UK citizenship. So far one Indian who amassed 23 counts of child abuse have been flagged for deportation. Three abusers from Pakistan are likely to be deported as well. Once in their home country, authorities may take punitive action against the abusers.
A new blog Dark Cyber Annex will be available at www.arnoldit.com/wordpress. Cyber crime, Dark Web, and company profiles are now appearing on a daily basis.

Kenny Toth, January 8, 2019

DarkCyber for December 25, 2018, Is Now Available

December 25, 2018

DarkCyber for December 25, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.

This week’s story line up includes… Australia legislates the unlocking of encryption backdoors… Dark Web counterfeiting ring kept unencrypted customer lists… which operating system provides online anonymity Tails or Qubes… and Dunkin Donuts loyalty points on the Dark Web just in time for the holidays.

First, Australia has become the first country to legislate that technology companies must assist law enforcement in decrypting encrypted messages. The law is controversial and has trigger expressions of concern from privacy advocates. DarkCyber reports that as a member of the Five Eyes organization, the Australian action may increase the resolve of the US, UK, Canada, and New Zealand to seek similar measures in 2019. Amendments to the new legislation are likely, but the Australian action is a significant development for law enforcement which is flying blind among the rapidly rising storm of encrypted communications which thwart many investigations.

Second, Austrian police cracked a Dark Web counterfeiting ring. Police seized fake euros and a list of customers. The names, shipping addresses, and other details were stored in an unencrypted form on computers and on paper. Austrian officials provided the information to Europol, which organized a series of coordinated operations in more than a dozen countries. Hundreds of arrests were made and the police are continuing their sweep. Dark Web criminals may use Tor for anonymity, but their understanding of operational security is poor.

Third, which secure operating is better for online anonymity? Tails is one of the systems used by many individuals. The system ships with Tor and other tools, including encrypted chat capabilities. Qubes is another system used by some individuals for increased security. Qubes, however, requires that the user set up the system, which relies on virtual machines. There are other options as well; for example, Whonix, JohnDo, and ImprediaOS, among others. The answer is that a person must understand the strengths and weaknesses of each option and choose a solution that fits one’s specific needs.

The final story reports that some Dark Web ecommerce vendors are selling Dunkin Donuts loyalty points. A customer with the Dunkin Donuts app and the stolen loyalty points can order donuts and other Dunkin Donuts products with minimal security checks. Discount sweets via the Dark Web have arrived just in time for the holidays.

Watch for information about our new blog (information service) DarkCyber. We will report the location of the service in Beyond Search.

Kenny Toth, December 25, 2018

DarkCyber for December 11, 2018 Now Available

December 11, 2018

DarkCyber for December 11, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.

This week’s story line up includes… a detailed report about weapons sales on the Dark Web … ThomsonReuters sells driving and personal data to ICE… and The outlines of Dark Web Version 2 become visible.

First, an information packed study about Dark Web weapons sales reveals that Glocks are the most popular illegal hand gun. How much is an illegal weapon? Prices range from $200 to more than $10,000. But fully automatic weapons are the most expensive. Cyber weapons cost a fraction of the price of a physical weapon. The information has been assembled by the RAND Corporation, and the report makes clear that despite the shut down of many Dark Web eCommerce sites, unregistered weapons are available via Tor and the Dark Web. The video provides the information needed to obtain a copy of this useful collection of hard to find data.

Second, DarkCyber reports that ThomsonReuters along with a handful of less well known companies are selling personal data to the US government. ThomsonReuters, according to a source available to DarkCyber, sells information related to driving; for example, data about license tags and information derived from surveillance cameras. With these types of data, government investigators are able to examine travel routes and may be able to pinpoint the location of vehicles. The value of proprietary data is that the accuracy and timeliness of the information can accelerate certain investigations.

The final story reveals that private group chats and encrypted instant messaging may be the future of the Dark Web. Instead of relying on special software to make online behavior anonymous, message oriented applications allow bad actors to work on the public Internet, safe from the eyes of investigators. Stephen E Arnold, author of CyberOSINT: Next Generation Information Access, said: “Encryption is an issue. DarkCyber anticipates that the US, Canada, the UK, New Zealand, and Australia will aggressively seek back doors. The time and cost of traditional decryption are prohibitive as the volume of encrypted messages goes up.”

DarkCyber is released each week on Tuesday. The next program will be available on December 25, 2018.

Kenny Toth, December 11, 2018

DarkCyber for November 13, 2018, Now Available: Amazon Part Three, Simplifying Intelligence Analysis

November 13, 2018

DarkCyber for November 13, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/300178710. Amazon Policeware, Part 3. DarkCyber explains how Amazon has solved most of the problems associated with machine learning centric intelligence analysis and sense making systems.

Amazon’s approach to policeware pivots on ease of use and ready to use data.
Instead of programming a system and then undertaking expensive set up tasks, Amazon’s approach is the equivalent of heating a meal in a microwave. The time and convenience changes the landscape for advanced content processing and analytics.

With pre-curated data sets, templates, and familiar Amazon interfaces—law enforcement, military, and intelligence professionals can move from task to output in a day from weeks to months with traditional vendors’ systems. Stephen E Arnold, author of CyberOSINT: Next Generation Information Access, said: “The benefit of the Amazon approach is low cost and quicker implementation. Instead of reinventing the wheel for each case or mission, the Amazon approach is repeatable,” which slashes training, configuring, and tuning work associated with policeware systems.”

Decades ago, IBM used mainframes and their proprietary hardware and software to create a barrier to change for government agencies using the systems. Amazon’s approach is to provide a platform which makes use of open source software to allow the US government to make necessary changes to software.

Amazon also offers value added functionality ranging from hardware like the DeepLens smart surveillance devices to patented analytics for real time cross correlation of data. Government agencies using these proprietary components will find themselves dependent on Amazon despite the support for open source software.
Existing vendors have business models built on time and materials billing for each use of their systems. Amazon has changed the game to emphasize quick and easy deployment at a lower cost for greater flexibility and performance.

Watch for the final segment of this four part series. The video will be released on November 20, 2018

DarkCyber for November 6, 2018, Is Now Available: Part Two, Amazon’s Disruptive Thrust

November 6, 2018

DarkCyber for November 6, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/298831585

In this program, DarkCyber explains how Amazon is using open source software and proprietary solutions to reinvent IBM’s concept of vendor lock in.

Decades ago, IBM used mainframes and their proprietary hardware and software to create a barrier to change for government agencies using the systems. Amazon’s approach is to provide a platform which makes use of open source software to allow the US government to make necessary changes to software.

Amazon also offers value added functionality ranging from hardware like the DeepLens smart surveillance devices to patented analytics for real time cross correlation of data. Government agencies using these proprietary components will find themselves dependent on Amazon despite the support for open source software. Stephen E Arnold, author of CyberOSINT, said: “Amazon’s use of open source makes it easy for customers to make changes to the Amazon policeware system. However, Amazon’s value adding proprietary software allows Amazon to lock in government agencies who want access to Amazon’s most advanced services, features, and functions. Amazon wants to reinvent IBM’s approach to lock in for the 21st century.”

An added twist is that many of the providers of policeware and advanced intelligence systems use the Amazon cloud platform to deliver their products and services to US government agencies. Examples include Palantir Technologies, 4iQ and Webhose. Companies leveraging Amazon’s platform have an advantage over firms which use other cloud solutions. However, in the longer terms, Amazon can exercise control over vendors, partners, and integrators as part of a lock in strategy tuned to the 21st century computing realities.

Watch for the third part of this four part series on November 13, 2018.

Kenny Toth, November 6, 2018

Next Page »

  • Archives

  • Recent Posts

  • Meta