The Dark Web Small Yet Still Dark Place

February 15, 2019

The Dark Web is an easy scapegoat to blame for all of the Internet’s woes and perils. Even the name “Dark Web” elicits images of negative activity. The truth about the Dark Web is much more complicated than we are led to believe. The Dark Web is a tool to browse and publish information anonymously on the Internet. Yes, criminals do use it to sell stolen goods and for sex trafficking, but it is also a haven for journalists in oppressive regimes, freedom of the press, and freedom fighters around the world.

ZeroFOX shares more details about the Dark Web and its uses in the article, “Evolving Landscape And Emerging Threats On The Dark Web.” ZeroFOX’s article first explains some basic information about what the Dark Web is and how it started as a US Navy project. The project developed into the Onion Router or Tor browser that can access Web sites with the .onion extension.

As the Dark Web grows, its users are experimenting with ways to improve anonymity. Some of the methods are moving to deep web sites that are membership or invite only. These types of Web sites are breeding grounds for criminal activity. The threats increase as technology improves.

The Web sites that pose the greatest threat are the ones that are the hardest to access. Organizations often lack the ability and knowledge to monitor the Dark Web. The most common crimes on the Dark Web are:

“Physical threats, doxxing, and chatter against top executives, public servants/figures, and journalists

Consumer data for sale or exposed, often credit card dumps and credentials leaks

Distribution of copyrighted materials, movies, music and TV

Hacking techniques, vulnerabilities, and planned attacks on cyber forums

Sales of drugs, counterfeit/stolen goods, proprietary technology”

With increased pressure from law enforcement, bad actors are shifting from the “old” Dark Web to alternative ways to obfuscate, communicate, and sell their products and services, exchange information, and chip away at some social norms.

Whitney Grace, February 15, 2019

Dark Web Leads To Dark Deals For Children

February 14, 2019

Illegal drugs and arms trafficking are some of the worst crimes on the Dark Web, but the most abhorrent crime is sex trafficking. A large majority of sex trafficking victims are women, but children (boys and girls) are also in the victim pool. The New York Post reports how over “123 Missing Children Found In Michigan During Sex Trafficking Operation.” On September 26, 2018, Michigan law enforcement and Operation MISafeKid recovered over one hundred missing children.

Michigan law enforcement were investigating 301 open missing children cases of which 123 were found. All the recovered children were interviewed about if they were sexually abused or trafficked in any fashion. Of the 123 children, only three of them reported being possibly victimized. The sting also revealed leads to missing children in Texas and Minnesota. It is horrible that the most vulnerable humans are sold for sex, but authorities are all the more dedicated to saving them.

“ ‘The message to the missing children and their families that we wish to convey is that we will never stop looking for you,’ the US Marshals Service said. Several agencies were involved in the operation including the US Marshals Service, Michigan State Police, Detroit Police Department, Wayne County local law enforcement, as well as the National Center for Missing and Exploited Children and the Department of Housing and Urban Development’s Office of Inspector General.”

It takes many law enforcement agencies to track, investigate, and prosecute the sex trafficking ringleaders. It is hard to imagine how these ringleaders kept their victims in line, because children are loud by nature. How much intimidation did they use to maintain a low profile?

Whitney Grace, February 14, 2018

DarkCyber for February 12, Now Available

February 12, 2019

DarkCyber for February 12, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/316376994. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.

This week’s story line up includes: Italy’s facial recognition system under fire; Marriott trains 500,000 employees to spot human traffickers; a new Dark Web search system from Portugal; and the most popular digital currencies on the hidden Web.

The first story explores the political criticism of Italy’s facial recognition system for law enforcement. The database of reference images contains about one third of Italy’s population. The system integrates with other biometric systems including the fingerprint recognition modules which is operating at several of Italy’s busiest airports. Despite the criticism, government authorities have no practical way to examine images for a match to a person of interest. DarkCyber believes image recognition is going to become more important and more widely used as its accuracy improves and costs come down.

The second story discusses Marriott Corporation’s two year training program. The hotel chain created information to help employees identify cues and signals of human trafficking. The instructional program also provides those attending with guidelines for taking appropriate action. Marriott has made the materials available to other groups. But bad actors have shifted their mode of operation to include short term rentals from Airbnb type vendors. Stephen E Arnold, producer of DarkCyber and author of “CyberOSINT: Next Generation Information Access, said: ”The anonymity of these types of temporary housing makes it easier for human traffickers to avoid detection. Prepaid credit cards, burner phones, and moving victims from property to property create an additional set of challenges for law enforcement”

The third story provides information about a new hidden Web indexing service. The vendor is Dogdaedis. The system uses “artificial intelligence” to index automatically the hidden services its crawler identifies. A number of companies are indexing and analyzing the Dark Web. Furthermore the number of Dark Web and hidden Web sites is decreasing due to increased pressure from law enforcement. Bad actors have adapted, shifting from traditional single point hidden Web sites to encrypted chat services.

The final story extracts from a Recorded Future report the most popular digital currencies on the Dark Web. Bitcoin is losing ground to Litecoin and Monero.

A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cyber crime, Dark Web, and company profiles are now appearing on a daily basis.

Kenny Toth, February 12, 2019

Is Dark Web Search Getting Crowded?

February 7, 2019

Stephen E Arnold said in a recent DarkCyber video news report:

The Dark Web is one of the most crawled, most index content sources in the world.

The Dark Web may feel like a lawless Wild West for law enforcement and intelligence communities. A cesspool where illegal drugs and weapons and activities roam freely. But, the challenge of monitoring the actions on this covert online forum is getting easier because there are fewer sites to crawl and index, about 4,000 depending on the day one takes a count. Of these fewer than 60 account for most activity of interest to government authorities.

We learned in a recent Deep Dot Web article, “Categorizing Content on the Dark Web Via a Novel Crawler.”

According to the story:

“This crawler is developed to specifically crawl hidden services on the Tor network. Results were assessed via two steps: First, an initial group of hidden services were manually grouped into different categories and used to train a special document classifier (Support Vector Machine), which represents a statistical categorization algorithm that utilizes machine learning for content classification purposes. Secondly, an automated classifier was utilized to complete categorization of the remainder of dark web pages.”

While crawling through the muck of the deep web is currently the provenance of military, law enforcement and intelligence communities, that is poised to change.

Are there enough customers to support incumbents like Recorded Future and Digital Shadows as well as the newcomers?

Patrick Roland, February 7, 2019

The Job Requirements Of A Dark Web Hunter

February 5, 2019

Batman is one of the best superheroes ever created. Batman’s gimmick is that he is a master of criminal activity, except he does not use his powers for evil, but for good. If Batman wanted to he could be the kingpin of crime, but he would rather save Gotham and innocent lives. Batman is a fictional superhero, but there are real world equivalents. One type of real world Batman are ethical hackers, i.e. IT experts who use their powers for good. What does it take to be an IT Batman, though? We picked up a Verizon job posting that lists the requirements for a: “Dark Web-OSINT Investigative Research Consultant.”

Verizon is a leading North American mobile phone and Internet provider and they have a team dedicated to tracking and preventing threats to their network, customers, and sensitive data. The job posting is for an opening on the Verizon Threat Response Advisory Center Intelligence Team, specifically for an expert in the surface, deep, and Dark Web. The Dark Web consultant will support Verizon’s Threat Intelligence Platform Service, the Rapid Response Retainer, and will provide threat intelligence for the company at large.

Moving further into the posting it reads like a “superhero want ad”:

“In order to proactively detect and identify such activity or investigate on-going attacks from foreign adversaries and cyber criminals, VTRAC requires a seasoned Surface, Deep, and Dark Web Investigative Research Consultant (Darkweb Hunter) that can conduct in-depth and investigative research, identification, and detection of adversarial attempts to degrade and disrupt their landscape, supply chains, physical infrastructure, personnel, and ecosystem.

In order to identify and detect such activity, VTRAC requires a seasoned Surface, Deep, and Dark Web Investigative Research Consultant who has in-depth physical and cyber tradecraft methodology and Tactics, Technics and Procedures (TTP) knowledge of foreign intelligence services, state-sponsors of terrorism, U.S. and international criminal organizations, and hacktivists.”

The job tasks include open source intelligence (OSINT) investigative research, intelligence that protects the company’s infrastructure, security intelligence, report analysis, and consultation. Interested personnel need at least a bachelor’s degree or four or more years of experience, OSINT experience, knowledgeable in cyber threats and deep and Dark Web. Applicants will rise to the top of the pile if they have a master’s degree, counterintelligence experience, are an ethical hacker, and are familiar with CISSP.

With all this knowledge, the Dark Web consultant could probably become Batman with the right technology, tools, and a giant robot to take over the physical tasks. As for the bottomless fortune part, maybe the Dark Web consultant could be a Robin Hood-steal the money from the bad guys and use it for good.

Whitney Grace, February 5, 2019

DarkCyber for February 5, 2019, Now Available

February 5, 2019

DarkCyber for February 5,2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/315073592. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.

This week’s story line up includes: Alleged money laundering via the popular Fortnite game; and an excerpt from Stephen E Arnold’s “Dark Web, Version 2” lecture at the University of Louisville.

The first story explains how bad actors launder money via the online game Fortnite. The game allows players to purchase “digital assets” by purchasing via a credit card. The credit card funds allow the player to acquire V Bucks. These V Bucks can be converted to weapons, information, or other in-game benefits. But the digital assets can be sold, often on chat groups, Facebook, or other social media. In the process, the person buying the digital assets with a stolen credit card, for example, converts the digital assets to Bitcoin or another digital currency. Many people are unaware that online games can be used in this manner. Law enforcement will have to level up their game in order to keep pace with bad actors.

The second story is an excerpt from Stephen E Arnold’s invited lecture. He spoke on January 25, 2019 to an audience of 50 engineering students and faculty on the subject of “Dark Web, Version 2.” In his remarks, he emphasized that significant opportunities for innovation exist. Investigators need to analyze in a more robust way data from traditional telephone intercepts and the Internet, particularly social media.

Arnold said, “The structured data from telephone intercepts must be examined along with the unstructured data acquired from a range of Internet sources. Discovering relationships among entities and events is a difficult task. Fresh thinking is in demand in government agencies and commercial enterprises.” In the video, Mr. Arnold expands on the specific opportunities for engineers, programmers, and analysts with strong mathematics skills.

A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cyber crime, Dark Web, and company profiles are now appearing on a daily basis.

Kenny Toth, February 5, 2019

DarkCyber for January 29, 2019, Now Available

January 29, 2019

DarkCyber for January 29, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/313630318. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.

This week’s story line up includes: Microsoft Bing and a child pornography allegation; Endace introduces facial recognition and a tie up with Darktrace; A report about drones and correctional institutions; and CIA report about hazardous compounds.

The first story discusses allegations of child pornography and other inappropriate content in the Microsoft Bing index. DarkCyber’s experts report that problematic content can be found within any free Web search system. The reasons range from bad actors use of code words to innocuous pages which contain links to objectionable content labeled as popular services. Filtering is one approach, but a cat and mouse game requires that Web search providers have to continue to enhance their content review procedures. Chatter about artificial intelligence is often hand waving, politically correct speech, or marketing.

Second, Endace is one of the leaders in lawful intercept hardware and software. However, Endace continues to innovate. The firm has added facial recognition to its service offering. Darktrace, one of the more innovative cyber security vendors, has announced a relationship with Endace. Darktrace’s three D visualization and analytics may spark new products and services for Endace. Verint, another cyber security firm, has also added support for Endace’s lawful intercept systems.

The third story calls attention to a free report about bad actors’ use of drones to deliver contraband into prisons. Correctional institutions in the US are adding anti drone technology. Drones have been used to deliver mobile phones and other contraband to inmates. DarkCyber provides a link so that viewers can request a copy of the Dedrone report.

The final story is a follow up to an earlier report about the chemicals and compounds frequently used for home made explosive devices. A viewer want to know where additional information could be found. DarkCyber provides a link to a CIA document which reviews chemical, biological, radiological, and nuclear substances.

A new blog Dark Cyber Annex is now available at www.arnoldit.com/wordpress. Cyber crime, Dark Web, and company profiles are now appearing on a daily basis.

Kenny Toth, January 29, 2019

UK Finds Ways to Fight Dark Web

January 28, 2019

Battling the dark web and its many tentacles of crime is a game of cat and mouse. As soon as law enforcement agents catch on to a scheme, criminals can vanish. However, the tide feels like it is turning, as we discovered from an article found in Breaking News, “Dark Web Criminals Who Sold Fentanyl Around the World Jailed in UK.”

According to the story:

“Prosecutors said that over 2,800 packages were sent by the trio, and at least 635 grams of pure carfentanyl, which is described by some experts as being between 3,000 and 5,000 times stronger than heroin, was found at the premises following their arrests. A raid on the premises by officers following the defendants’ arrests in April 2017 is believed to be the largest single seizure of the two drugs in Europe.”

England’s sophistication with tracking down dark web crime is to be applauded. It is also, oddly, a necessity. Studies have shown that the UK is among the top countries that buy drugs through the dark web. For the tie being, it seems Scotland Yard and the like are keeping up with the bad guys. We can only hope this trend continues.

Patrick Roland, January 28, 2019

Cyber Saturday, January 26, 2019

January 26, 2019

Information about the world of government centric information makes headlines. Usually one or two stories a week make it into the trade journals or on the talking head TV shows.

This morning was an exception.

If you a follower of cloak-and-dagger, cat-and-mouse style adventures, you may be interested in these stories.

Kremlin Secrets Maybe?

DDoSecrets (an acronym for Distributed Denial of Secrets) points to gigabytes of Kremlin related data. You can find the links at this tweet for now. Once the data are taken down, you may have to do your own sleuthing. You will need to be wise in the ways of Tor, however.

Facebook and Message Encryption

Worried about your Facebook Messenger and Instagram posts being viewed by someone other than the recipient. Like WhatsApp, the company will be rolling out end to end encryption before the end of 2019. Will this move make government authorities gathering information for an investigation happy? Will more countries adopt Australia-style backdoor regulations? This is an important development. Is Facebook sufficiently organized to make this happen? Details appear in the New York Times’ story “Zuckerberg Plans to Integrate WhatsApp, Instagram and Facebook Messenger.” This is also a story which may be pay walled.

Journalists Targeted

Writing real news — whether behind a pay wall or not — may be risky. According to the Association Press, an outfit which frightens me when I even consider quoting a sentence — some of the people at Citizen Lab have been under pressure as a result of their reporting. The subject? NSO, an cyber security firm, and the Khashoggi matter. Navigate to this link.

Better Filtering

Some may call Google You Tube recommendations censorship. I am not sure what to call Google’s actions. The company is a bit of a waffler on most things except selling online advertisements and chastising me because I disabled Google Play on one of my Android test mobile phones. According to the Guardian, YouTube will back off suggesting conspiracy theory videos. What’s a conspiracy theory video? Good question which Google assumes it can answer.

From my point of view, Dark cyber has become mainstream. Interesting.

Stephen E Arnold, January 26, 2019

Aleph: Another Hidden Internet Indexing Service

January 23, 2019

Law enforcement and intelligence organizations have a new tool to navigate the Dark Web, the Mail & Guardian reports in, “French Start-Up Offers ‘Dark Web’ Compass, but Not for Everyone.” The start-up, called Aleph Networks, has developed a way to navigate the Dark Web, but they wish it to only be wielded for good. In fact, report writer Frederic Garlan, the company performs ethics reviews of potential clients and turns down 30-40  percent of the licensing requests it receives. We also learn:

“Over the past five years Aleph has indexed 1.4 billion links and 450 million documents across some 140,000 dark web sites. As of December its software had also found 3.9 million stolen credit card numbers. ‘Without a search engine, you can’t have a comprehensive view’ of all the hidden sites, Hernandez said. He and a childhood friend began their adventure by putting their hacking skills to work for free-speech advocates or anti-child abuse campaigners, while holding down day jobs as IT engineers. [Co-founder Celine] Haeri, at the time a teacher, asked for their help in merging blogs by her colleagues opposed to a government reform of the education system. The result became the basis of their mass data collection and indexing software, and the three created Aleph in 2012. They initially raised €200,000 ($228,000) but had several close calls with bankruptcy before finding a keen client in the French military’s weapon and technology procurement agency. ‘They asked us for a demonstration two days after the Charlie Hebdo attack,’ Hernandez said, referring to the 2015 massacre of 12 people at the satirical magazine’s Paris offices, later claimed by a branch of Al-Qaeda. ‘They were particularly receptive to our pitch which basically said, if you don’t know the territory — which is the case with the dark web — you can’t gain mastery of it,’ Haeri added.”

That is a good point. Garlan notes the DARPA’s Memex program, which is based on the same principle. As for Aleph, it is now working to incorporate AI into its platform. While the company’s clients so far have mostly been government agencies, it plans to bring in more private-sector clients as it continues to attract investors. Based in Pommiers, France, Aleph Networks was launched in 2012.

Cynthia Murrell, January 23, 2019

Next Page »

  • Archives

  • Recent Posts

  • Meta