Life in the shadows
Tuesday, August 1, 2017
Encryption ransomware, cryptocurrency, phishing, and the almighty Russian, Chinese, and North Korean hackers—it may seem like the Internet's dark side is enormous. There even exists an entire “shadow network”—the Darknet.
The Darknet is the common name for numerous Internet hosts that users reach only through anonymity-guaranteeing protocols such as Tor. The assumption is that the physical location of those hosts and sites cannot be determined and that, therefore, they cannot be blocked.
Because visitors (sellers and their customers) can remain anonymous, the Darknet is often used to sell forbidden goods such as drugs and weapons. It is also home to criminal-run sites used for exchanging information, buying malware, or ordering whatever services are needed.
It may appear as if the Darknet is some kind of sinister and invincible monster lurking in the shadows.
Is it possible to estimate the Darknet's size?
To some extent, yes.
In early February 2017, Freedom Hosting II, a hosting provider popular on the Darknet, came under attack, and 10,613 onion sites were compromised as a result. On March 6, 2017, the OnionScan project, which studies the dark Web on an ongoing basis, released a report indicating that of 30,000 previously known Tor hidden services, only 4,400 remained active.
Does this mean that most of the dark Web's supposedly elusive sites are hosted by a single provider? Quite possibly: those involved in illegal trade want their sites to be reachable at all times, and few providers are willing to turn a blind eye to an ever-growing number of shady sites. So they aren't that elusive after all.
Anonymous Darknet visitors prefer bitcoins to any other currency. The major buzz about the cryptocurrency's exciting prospects and how it is going to conquer the world has been around for quite some time. But how reliable is its infrastructure?
Despite all the publicity, cryptocurrencies essentially remain private projects, and nothing forces their infrastructure to be spread out. So although the bitcoin network encompasses thousands of nodes, a small number of network providers (autonomous systems) connect them. For example, 13 providers host 30% of the nodes, while another 39 maintain availability for 50% of Bitcoin's computing power. A handful of providers therefore carry the lion's share of the traffic between Bitcoin nodes: just three of them handle 60% of it.
According to researchers, around 100 Bitcoin nodes have their IP prefixes hijacked via BGP each month, meaning that their traffic is rerouted through an attacker's network (the nodes themselves are not broken into). November 2015 saw the largest number of such incidents: 8% of Bitcoin nodes (447) were affected.
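The two numbers above, how few providers cover a given share of nodes and how many nodes a single routing announcement can divert, are easy to compute once you have a node list and the legitimate origin AS of each prefix. The following is an added example (not code from the original article or from the cited research) that does both over a constructed, labelled data set: it measures AS concentration, then flags BGP announcements that would pull node traffic away, either by announcing a known prefix from the wrong origin AS or by announcing a more-specific prefix, which wins longest-prefix matching regardless of origin. All IPs, prefixes and AS numbers are documentation/private-use values chosen for the example.

```python
"""Added example: AS concentration of a node set and detection of BGP
announcements that would hijack those nodes' traffic. All data is constructed."""
from collections import Counter
import ipaddress

# Constructed node list (documentation-range addresses, not real Bitcoin nodes).
NODES = [
    "203.0.113.10", "203.0.113.22", "203.0.113.99",
    "198.51.100.5", "198.51.100.77",
    "192.0.2.8", "192.0.2.9", "192.0.2.200",
]
# Constructed legitimate routing table: prefix -> AS expected to originate it.
EXPECTED_ORIGINS = {
    "203.0.113.0/24": 64500,
    "198.51.100.0/24": 64501,
    "192.0.2.0/25": 64502,
    "192.0.2.128/25": 64503,
}
# Constructed stream of observed announcements: (prefix, origin AS).
ANNOUNCEMENTS = [
    ("203.0.113.0/24", 64500),   # legitimate, matches the table
    ("198.51.100.0/24", 64666),  # known prefix, wrong origin AS
    ("192.0.2.0/26", 64666),     # more-specific than 192.0.2.0/25
    ("10.0.0.0/8", 64666),       # covers no node, ignored
]


def origin_as_of(ip):
    """Longest-prefix match of an address against the legitimate table."""
    addr = ipaddress.ip_address(ip)
    best = None
    for prefix, asn in EXPECTED_ORIGINS.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, asn)
    return best[1] if best else None


def ases_covering(fraction, nodes=NODES):
    """Smallest number of ASes whose nodes add up to at least `fraction` of all nodes."""
    counts = Counter(origin_as_of(ip) for ip in nodes)
    needed = fraction * len(nodes)
    covered = 0
    for rank, (_, n) in enumerate(counts.most_common(), start=1):
        covered += n
        if covered >= needed:
            return rank
    return len(counts)


def check_announcements(announcements, nodes=NODES):
    """Return alerts for announcements that would divert traffic of any node.

    Two patterns are flagged: a known prefix announced from a different origin AS,
    and a more-specific prefix inside a known one. The latter is flagged even when
    the origin AS looks right, since an attacker can forge the origin in the path.
    """
    alerts = []
    for prefix, origin in announcements:
        net = ipaddress.ip_network(prefix)
        affected = [ip for ip in nodes if ipaddress.ip_address(ip) in net]
        if not affected:
            continue
        legit = EXPECTED_ORIGINS.get(prefix)
        if legit is not None:
            if origin != legit:
                alerts.append({"prefix": prefix, "origin": origin,
                               "kind": "wrong-origin", "nodes": affected})
            continue
        more_specific = any(net.subnet_of(ipaddress.ip_network(p))
                            for p in EXPECTED_ORIGINS)
        if more_specific:
            alerts.append({"prefix": prefix, "origin": origin,
                           "kind": "more-specific", "nodes": affected})
    return alerts


def hijacked_fraction(alerts, nodes=NODES):
    """Share of nodes whose traffic at least one alert would divert."""
    victims = {ip for a in alerts for ip in a["nodes"]}
    return len(victims) / len(nodes)


if __name__ == "__main__":
    print("ASes covering 30% of nodes:", ases_covering(0.3))
    print("ASes covering 50% of nodes:", ases_covering(0.5))
    found = check_announcements(ANNOUNCEMENTS)
    for a in found:
        print(a["kind"], a["prefix"], "from AS", a["origin"], "->", a["nodes"])
    print("fraction of nodes hijacked:", hijacked_fraction(found))
```

On the constructed data a single AS already covers 30% of the nodes and two cover half, which mirrors the concentration the article describes; the two bogus announcements between them divert half of the node set. In practice the inputs come from a node crawler plus a BGP feed such as a route collector, and the table of expected origins from RPKI/IRR data.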
So a large share of the Darknet's sites could be taken down by seizing a single hosting provider, and interfering with three transit providers would be enough to disrupt most Bitcoin traffic. That's not that hard! In fact, full control over the Darknet hasn't been established only because the police have to operate within the law. But while the police are subject to public scrutiny, secret services aren't…
How do they catch attackers?
Let's see what the police can do.
Powerful computers are no substitute for good old-fashioned police investigations
Whenever investigators discover drug-related activities in the real world, they immediately try to find out what is going on online. Surveillance and undercover operations let them determine where the real and virtual worlds meet. For example, Ross Ulbricht was arrested in 2013 while connected to a public Wi-Fi hotspot at the exact moment the Silk Road administrator's account appeared online.
Gathering data on ordinary sites
Drug dealers use their secret sites only as online stores; they look for customers on publicly accessible sites, and that is what makes them vulnerable. Site operators can be compelled to hand over the information the police require. For example, five Reddit users who discussed purchasing illegal goods at r/darkmarkets were arrested after Reddit's administration provided law enforcement agencies with their contact information.
Intercepting packages sent by post
Law enforcement agencies work with shipping companies and post offices so that suspicious packages can be examined. The police can also use a suspicious shipment's tracking number to identify its recipient.
Big data and self-learning machines
The police use big data to establish connections that cannot be discovered by any other means. Analysis routines correlate IP addresses with information available online, and the algorithms are constantly being refined. It is a complex system that is very expensive to maintain, but the expense is worth it.
Monitoring money flows
Although cryptocurrency users can maintain a high degree of anonymity, they can be exposed whenever they buy or sell bitcoins. Police can demand that a bitcoin exchange reveal transaction information, and they collaborate with banks to the same end.
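The reason an exchange subpoena works is that the ledger itself is public: every payment is a visible edge from one address to another, so once a single address is tied to a person (an exchange deposit address tied to a verified account, say), investigators can walk the graph backwards or forwards to everything connected to it. The following added example, not code from the article or from any real blockchain-analysis product, shows the two basic moves on a constructed set of transactions: the common-input-ownership heuristic, which groups addresses that were spent together in one transaction into one wallet, and a breadth-first trace downstream from a seed address until the coins land on an address tagged as belonging to an exchange. Transaction ids, addresses and the tag are all invented for the example.

```python
"""Added example: wallet clustering and coin tracing over a constructed ledger.
No real transactions or addresses are used."""
from collections import defaultdict, deque

# Constructed transactions: txid -> (input addresses, output addresses).
TXS = {
    "tx1": (["A1", "A2"], ["B1", "A3"]),        # A1 and A2 spent together
    "tx2": (["A3"], ["C1"]),
    "tx3": (["C1"], ["EXCH_DEPOSIT_42", "C2"]),  # lands on an exchange
    "tx4": (["D1", "D2"], ["D3"]),               # unrelated wallet
}
# Constructed tags: addresses already attributed to a real-world entity
# (e.g. an exchange deposit address obtained by subpoena).
TAGGED = {"EXCH_DEPOSIT_42": "exchange deposit, account verified"}


def build_clusters(txs=TXS):
    """Common-input-ownership heuristic via union-find: all inputs of one
    transaction are assumed to be controlled by the same wallet."""
    parent = {}

    def find(a):
        parent.setdefault(a, a)
        while parent[a] != a:
            parent[a] = parent[parent[a]]   # path halving
            a = parent[a]
        return a

    def union(a, b):
        ra, rb = find(a), find(b)
        if ra != rb:
            parent[ra] = rb

    for inputs, _ in txs.values():
        for addr in inputs[1:]:
            union(inputs[0], addr)
    members = defaultdict(set)
    for addr in list(parent):
        members[find(addr)].add(addr)
    return {addr: frozenset(group) for group in members.values() for addr in group}


CLUSTERS = build_clusters()


def cluster_of(address):
    """All addresses believed to share a wallet with `address`."""
    return CLUSTERS.get(address, frozenset({address}))


def spends_of(address, txs=TXS):
    """Transactions that spend an output held by `address`."""
    return [txid for txid, (inputs, _) in txs.items() if address in inputs]


def trace_to_tagged(seed, max_hops=10, txs=TXS, tagged=TAGGED):
    """Breadth-first walk downstream from `seed` until an output lands on a
    tagged address. Returns the hops as (from_addr, txid, to_addr), or None."""
    queue = deque([(seed, [])])
    seen = {seed}
    while queue:
        addr, hops = queue.popleft()
        if addr in tagged:
            return hops
        if len(hops) >= max_hops:
            continue
        for txid in spends_of(addr, txs):
            for out in txs[txid][1]:
                if out not in seen:
                    seen.add(out)
                    queue.append((out, hops + [(addr, txid, out)]))
    return None


if __name__ == "__main__":
    print("wallet of A2:", sorted(cluster_of("A2")))
    path = trace_to_tagged("A1")
    for src, txid, dst in path:
        print(f"{src} --{txid}--> {dst}")
    print("reached:", TAGGED[path[-1][2]])
```

Starting from A1, the trace reaches the tagged deposit address in three hops; the same walk started from A2, which the cluster step ties to A1, ends at the same place, and the D-wallet never touches a tagged address at all. This is exactly the exposure the story below turns on: the coins stay anonymous until one output meets an address that someone can be asked about.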
Here's a relatively fresh case:
A cyber gang member was quite content with his job. He managed to remain anonymous using Linux, the Pretty Good Privacy (PGP) encryption program, bitcoins and so on; he had learnt all of that from his colleagues. He managed to earn as many as 100 bitcoins, quite a decent amount at the current exchange rate, and was in no rush to turn them into cash, since that would mean dealing with banks, online payment services and the like. So he just kept saving up. But eventually he decided to buy an iPhone for his girlfriend as a birthday gift. Better to pay with bitcoins, he thought: anonymity first. He found a Chinese entrepreneur who would sell him an authentic iPhone for bitcoins, placed his order, paid for it, and sat down to wait. Then a notice arrived from the post office: his darling girlfriend could finally go and collect the long-awaited parcel.
Elated, she rushed to the post office, and two hours later a SWAT team busted our Romeo and took him and all of his gear away. A couple of days later, they also paid a visit to his shady business partners.
The Anti-virus Times recommends
Winding up as a cybercrime victim is easy: just trust every stranger you meet and tell them whatever they want to know. Staying secure is harder. The modern Web is a two-faced Janus: it lets human rights activists communicate about noble causes, but it also gives criminals cover. Criminals aren't likely to be driven off the Web any time soon, so we remain responsible for our own security.