Is Fresh Thinking about ISPs and Network Providers Needed?

September 14, 2022

Today (September 14, 2022) I reviewed some of our research related to what I call the “new” Dark Web. Specifically, I called attention to Internet Service Providers and Network Providers who operate mostly as background services. What gets the attention are the amazing failures of high profile systems like Microsoft and Google Cloud, among others. When I hear talk about “service providers”, the comments fall into two categories:

The giant regulated outfits some of which are government controlled and owned and others which are commercial enterprises with stakeholders and high profiles. The question, “Does cloud provider X allow its platform to deliver CSAM or phishing attacks?” is not top of mind.
Local Internet operations which resell connectivity provided by outfits in Category 1 above or who operate servers or lease “virtual” servers on Category 1’s equipment. Most of these outfits have visibility in a specific geographic area; for example, Louisville, not far from my hovel in a hollow.

Are these two categories sufficient? Do bad actors actually do bad things on systems owned, operated and managed by Category 1 companies? Is that local company really hosting CSAM or delivering malware for a client in Hazard County, Kentucky?

The answer to these questions is, “Yes.” However, technology is available, often as open source or purpose built by some ISP/network providers to make it difficult to determine who is operating a specific “service” on third party equipment. Encryption is only part of the challenge. Basic security methods play a role. Plus, there are some specialized open source software designed to make it difficult for government authorities to track down bad actors. (I identified some of these tools in my lecture today, but I will not include that information in this free blog post. Hey, life is cruel sometimes.)

I mention the ISP/Network Provider issue because the stakes are rising and the likelihood of speeding up some investigative processes is decreasing. In this post, I want to point you to one article, which I think is important to read and think about.

Navigate to “Naver Z Teams Up with Thai Telecom Giant to Build Global Metaverse Hub.” Naver is in South Korea. True is in Thailand. South Korea has some interesting approaches to law enforcement. Thailand is one of the countries with a bureaucratic method that can make French procedures look like an SR 71 flying over a Cessna 172. (Yes, this actually happened when the SR 71 was moving at about three times the speed of sound and the Cessna 172 was zipping along at a more leisurely 120 knots.)

The write up states:

Naver Z, the metaverse unit of South Korean internet giant Naver, has partnered with Thai telecom conglomerate True to build a global metaverse hub for creators.

The new service will build on the Zepeto metaverse platform. Never heard of it? The service has 20 million monthly active users.

Here’s a key point:

The platform is particularly attractive for K-pop fans. Zepeto recently collaborated with Lisa, a member of the popular South Korean girl group Blackpink, to host a virtual event where her fans could take selfies with her avatar on Zepeto.

So what?

What if a CSAM vendor uses the platform to distribute objectionable materials? What if the bad actor operates from the US?

What type of training and expertise are required to identify the offending content, track the source of the data, and pursue the bad actor?

Keep in mind that these are two big outfits. The metaverse is a digital datasphere. Much of that environment will be virtualized and make use of distributed services. Obfuscation adds some friction to the investigative processes.

For those charged with enforcing the law, the ISPs/and Network Providers — whether large or small — will become more important factors in some types of investigations.

Is CSAM going to find its way into the “metaverse”?

I think you know the answer to the question. Now do you know what information is needed to investigate an allegation about possibly illegal behavior in Zepeto or another metaverse?

Think about your answer, please.

Stephen E Arnold, September 14, 2022

Written by Stephen E. Arnold · Filed Under cybercrime, News, Online (general)

Comments

Comments are closed.

Search the site
Subscribe to Beyond Search
Feature archive
News archive

Stephen E. Arnold monitors search, content processing, text mining and related topics from his high-tech nerve center in rural Kentucky. He tries to winnow the goose feathers from the giblets. He works with colleagues worldwide to make this Web log useful to those who want to go "beyond search". Contact him at sa [at] arnoldit.com. His Web site with additional information about search is arnoldit.com.