While we were being distracted by the Yahoo half-billion-user data breach, within the last few days Krebs On Security, a blog which I often reference here, was slammed with a distributed denial-of-service (DDoS) attack of gargantuan proportions, literally silencing the blog. This was after the venerable Brian Krebs published papers on the vDOS owners. vDOS is an attack-for-hire service hosted in Israel.
Hey, what a surprise, after Krebs, a well-known security blogger (and researcher) made the people behind the attack-for-hire service also well-known, he was himself targeted by the world's largest DDoS attack! These are rich teenagers - they earned more than $600,000 (well, in Bitcoin!) in two years. Apparently their service is in great demand.
How do we know this? Oh it figures - vDOS got hacked and their client base was fully extracted and published (this is known as being "doxed", a term which I sometimes use). And Krebs obtained the information in July. This, and the fact that the FBI took notice, is why those cyber-criminal-teenagers Itay Huri and Yarden Bidani (known as AppleJ4ck) were arrested in Israel.
It's possible that these teenagers, after being arrested in Israel, were simply drafted into the Israeli Defense Forces (IDF), because they are both 18 years old (my speculation). Now they can't use the internet for 30 days.
Wow! I was sure it was just going to be a slap on the hand for these two.
Seriously, I hope they can be extradited to the US for prosecution.
The curious thing is that the documents Krebs found indicated that vDOS was literally responsible for the majority of the DDoS attacks on the web, and that the number of packets and data sent might indeed have been Internet-crippling. Apparently DDoS attackers are now taking over personal home routers and using them to accomplish their attacks, which can result in a MUCH larger number of packets being sent because literally anybody can be sending them.
When a security blog gets hit and you are temporarily in the dark about a current threat, you will need to refer to some other security blogs. Here is a decent list.
If you get hacked, you can find out if your data was included in a recent massive breach at haveibeenpwned.com.
If you have more serious concerns, there is a company, terbiumlabs.com, that can persistently search the dark web for your personal info. The info you enter is encrypted on the client side (on your computer) so even they don't know what you are searching for. This is particularly useful for corporate customers when they're breached, and also for companies monitoring their information security (infoSec).
Mark Zimmer: Creativity + Technology = Future
Sunday, September 25, 2016
Sunday, July 24, 2016
State Actors Up The Ante?
One of the fastest changing landscapes on the planet isn't even a tangible one. It's more of a concept: security. Before we go on, for dear readers confused by modern hacker security terms, check out Kaspersky.
I'm a proponent of good encryption. The reason is simple: everybody needs security. You need to keep your banking passwords secure. You don't want malicious actors (trolls) taking over your Facebook account and somehow ruining your life.
You especially don't want anyone to rootkit your computers! Once that's done, they can steal your identity, install malware for collecting passwords and account names, and so forth. Now go to the next level: your computer might then be used as part of a DDoS attack against Homeland Security. Your computer could wind up as the storage location for the malicious actors' illegal data ... without your knowledge. You become their fall guy.
Yes, there are plenty of good reasons for all of us to keep our passwords safe and distinct.
But encryption is not all black and white, is it? And that's the rub. Enter the relativistic observer, to tell you some of the latest. Things are changing too fast to blink, after all.
It's long been known that people outside the law use the Dark Web to organize, proliferate, distribute, and communicate. And the Dark Web is run using the Tor network. Tor, short for The Onion Router, is a volunteer network of servers running special protocols that relay your browsing traffic and other data through virtual tunnels.
To be fair, the Tor project has lofty goals. And gets used by "family & friends, businesses, activists, media, and military & Law Enforcement", according to their web site. The US Navy uses Tor for open source intelligence gathering, for instance. The EFF suggests using Tor for maintaining secure correspondence and keeping our civil liberties intact.
For people operating outside the law, the Tor network also maintains their OpSec. The Dark Net is called this because the communication within it has "gone dark". Surveillance doesn't work there.
The Tor network and the Dark Web must be a real pain to law enforcement. Given enough desperation, it might be something they would seek to infiltrate.
So what law enforcement would do is this: create their own honeypot counterfeit Tor server (or relay). But put in their own undetectable flavor of malware. Then they can watch the criminals' Dark Net traffic. And watch the crime happening. Collect the privileged conversations.
These really exist, as doctored Tor relays. There are over 100 malicious relays that have been detected. And who could they be? My guess is state actors like the US, China and Russia. If not them, then who? The criminals themselves? This is a game of spy vs. spy, updated for the 21st century. Could the FBI be doing this? Their arrest of child pornography criminals in January 2016 was supposedly accomplished by cracking Tor.
There is a question as to how invasive such investigations should be allowed to be. I'm not saying that the FBI shouldn't go after child pornographers; they totally should. I just think that *everybody* is too broad a target for law enforcement. Privacy is a basic human right.