The Dark Web


Jason McNew – Founder
• 20+ years in the tech sector and IT
• Air Force Veteran
• 12 years at the White House Communications Agency
• 10 years at Camp David
• Held “Yankee White” security clearance
• CISSP (Certified Information Systems Security Professional)
• Master of Professional Studies (MPS) from Penn State – Information Sciences, Cyber Security & Information Assurance

© Copyright 2019, Stronghold Cyber Security, LLC. All rights reserved

What is Cyber Security?

Cyber security is the body of technologies, processes and practices designed to protect computers, handheld and other Internet-connected devices, networks, programs and data from attack, damage, or unauthorized access.

Cyber security is about managing risk. For most businesses, security is a cost center, so security only makes sense to the extent that it reduces business risk or saves money.

What is the “Dark Web”?

• Underlying concept & core technology developed by U.S. NRL (Naval Research Lab) in the 1990s
• Was intended as a way to provide anonymity on the Internet for journalists, human rights activists, etc. who live or operate under censorship
• Product of that time period – USSR still existed. Internet version of RFE
• Most popular dark network is known as “TOR” (The Onion Router)
• TOR is maintained by The Tor Project, Inc – Mass.-based 501(c)(3)
• TOR code is open source
• TOR is not the only anonymizing network in existence
• I2P, Freenet, GNUNet, Lantern
• This cat is not going back in the bag

https://www.torproject.org/about/overview.html.en

http://zqktlwi4fecvo6ri.onion/wiki/index.php/Main_Page

What does all this mean to me?

• Information is commoditized, and then bought and sold on the Dark Web
• Identities -- PII
• Login accounts, usernames & passwords

http://securityaffairs.co/wordpress/66650/data-breach/1-4-billion-data-leak.html

Value Of A Hacked PC

https://krebsonsecurity.com/2012/10/the-scrap-value-of-a-hacked-pc-revisited/

Value of stolen data

“Among tens of thousands of records in the Grams data, we were able to identify more than 600 listings for individual identities— some including credit card information, others without. The listings ranged in price from less than $1 to about $450, converted from bitcoin. The median price for someone’s identity was $21.35.”

https://krebsonsecurity.com/2017/12/the-market-for-stolen-account-credentials/

What do we do?

• “Defense in Depth” – cyber security best practices. Create an SSP (System Security Plan) based off NIST CSF (Cybersecurity Framework) or relevant parts of NIST 800
• DO NOT repurpose login information across Internet resources
• Use passphrases, and change them regularly
• Better yet, use 2FA/MFA

“Classify” your passwords by their importance, and your own tolerance for risk
https://www.strongholdcybersecurity.com/2017/11/13/the-password-pandemic/

Use long, weird, easy to remember and easy to type passphrases instead of passwords
https://www.strongholdcybersecurity.com/2017/12/05/create-awesome-passphrases/

Scan Results for Attendees

We found credentials for 10 of the companies in attendance here today on the Dark Web. Please see me after the presentation and I will provide those results to you.

Questions?