DOCSLIB.ORG

Darknet Cybercrime Threats to Southeast Asia 2020 Copyright © 2020, United Nations Office on Drugs and Crime (UNODC)

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Darknet Cybercrime Threats to Southeast Asia 2020 Copyright © 2020, United Nations Office on Drugs and Crime (UNODC) Darknet Cybercrime Threats to Southeast Asia 2020 Copyright © 2020, United Nations Office on Drugs and Crime (UNODC). This publication may be reproduced in whole or in part and in any form for educational or non-profit purposes without special permission from the copyright holder, provided acknowledgement of the source is made. UNODC would appreciate receiving a copy of any publication that uses this publication as a source. Disclaimer This report has not been formally edited. The contents of this publication do not necessarily reflect the views or policies of UNODC, Member States, or contributory organizations, and neither do they imply any endorsement. The designations employed and the presentation of the material in this publication do not imply the expression of any opinion whatsoever on the part of UNODC or the Secretariat of the United Nations concerning the legal status of any country, territory, city or area or of its authorities, or concerning the delimitation of its frontiers or boundaries. Darknet Cybercrime Threats to Southeast Asia Foreword The United Nations Office on Drugs and response. There is an absolute need for a Crime (UNODC) is proud to present this ministerial lead on cyber affairs, in each introductory analysis of darknet-enabled country, to ensure that law enforcers receive threats against Southeast Asian countries, necessary political support to undertake the which has been made possible through most challenging operations. strong partnerships with global and regional law enforcement and justice authorities, Many criminal activities conducted over together with private industry and academia. darknets are predictable and preventable. The report was produced thanks to kind UNODC and its partners work hard to voluntary funding from the Government of address these challenges by supporting and Japan. encouraging policy development, research, training and capacity building support in This report assesses the Darkweb from user, Southeast Asia. criminal and law enforcement perspectives with a particular focus on cybercriminality Awareness is fundamental for addressing targeted at Southeast Asian countries. cybercrime. Given, however, the challenges Darknets (i.e. networks on the Darkweb) posed by darknets, stakeholders must provide the ideal environment for a wide increase their commitment and cooperation range of criminal activities. Just as new to developing policy, sharing intelligence threats appear on the Clearnet (i.e. the regular and enhancing international cooperation to Internet), darknets can facilitate similar counter darknet crime nationally, regionally attacks that provide perpetrators with a and internationally. greater degree of anonymity. This anonymity makes investigation and prevention more This UNODC analysis will inform challenging, but still possible. policymakers in Southeast Asia, including through the annual Senior Officials Meeting There has been a consistent increase in on Transnational Crime (SOMTC), as well darknet and Darkweb usage, both for as supporting law enforcement and judicial legitimate and illegitimate reasons, whilst cooperation, and providing opportunities for the COVID-19 pandemic also appears to darknet-focused crime prevention. have given rise to darknet cybercrime, including by criminals with no previous cyber Jeremy Douglas experience. Despite this, there is an overall Regional Representative, paucity of darknet criminality data specific Southeast Asia and the Pacific to Southeast Asia. There is little prioritisation of darknet criminality in the region, either in Neil J. Walsh policy or practice. This creates risk from the Chief, Cybercrime and Anti-Money criminality itself, which is compounded by the Laundering Section limited political, policy and law enforcement i Darknet Cybercrime Threats to Southeast Asia ii Darknet Cybercrime Threats to Southeast Asia Contents Foreword i Acknowledgements iv Abbreviations v Executive summary 1 Key findings 3 Recommendations 4 Introduction 5 Aim 5 Methodology 5 Darknets and the Darkweb 7 The Darkweb and cybercrime 12 Darknets in Southeast Asia 14 Context 14 Success: a patchwork response? 15 Triaging the highest risk international offenders: live-streaming 16 Profit and loss 16 The impact of COVID-19 17 Darkweb structure and crime areas: a deeper dive 18 A. Illicit marketplaces 18 B. Cryptocurrencies 20 C. Illicit products and services 24 Conclusion 33 Appendices 34 A1: Darknet use in Southeast Asian countries 34 A2: Darkweb technical analysis 41 A3: Technical analysis results 41 Glossary 45 References 52 iii Darknet Cybercrime Threats to Southeast Asia Acknowledgements UNODC thanks the Governments of Southeast Asia – Brunei Darussalam, Cambodia, Indonesia, Lao People’s Democratic Republic, Malaysia, Myanmar, the Philippines, Singapore, Thailand and Vietnam for their support throughout the development of this report. Preparation of this report would not have been possible without their assistance. UNODC gratefully acknowledges the financial contribution of the Government of Japan which enabled this research. This study was conducted by the UNODC Global Program on Cybercrime through its regional component based in the Regional Office for Southeast Asia and the Pacific (ROSEAP). Supervision Jeremy Douglas, Regional Representative, Southeast Asia and the Pacific. Neil J. Walsh, Chief, Cybercrime and Anti-Money Laundering Section. Core team Alexandru Caciuloiu (coordination, analysis, review and drafting) Pawinee (Ann) Parnitudom (data collection) Mikko Niemelae, Joshua James (analysis and drafting) Juha Nurmi, (research and data) Praphaphorn Tamarpirat (administrative and logistical support) This report also benefited from the valuable input of many UNODC staff members and external experts and organizations who reviewed or contributed to various sections of the report, including, Live Brenna, Kamola Ibragimova and Himal Ojha. iv Darknet Cybercrime Threats to Southeast Asia Abbreviations APT Advanced Persistent Threat ASEAN Association of Southeast Asian Nations ATM Automated Teller Machine CaaS Crime/Cybercrime-as-a-Service CAPTCHA Completely Automated Public Turing test to tell Computers and Humans Apart CSE Child Sexual Exploitation CSEM Child Sexual Exploitation Material DoS Denial of Service DDoS Distributed Denial of Service FATF Financial Action Task Force IP Internet Protocol IRC Internet Relay Chat MaaS Malware-as-a-Service NCMEC National Center for Missing & Exploited Children OCSE Online Child Sexual Exploitation PGP Pretty Good Privacy PoS Point of Sale RaaS Ransomware-as-a-Service SOMTC Senior Officials Meeting on Transnational Crime Tor The Onion Router UNODC United Nations Office on Drugs and Crime 12P Invisible Internet Project v Darknet Cybercrime Threats to Southeast Asia The Price of Crime on the Darkweb DDOS attack Ransomware from $50 Trojans from a day $490 Hacking Stolen credit website from card number $150 from $9 Password stealing Stolen payment malware from data from $150 $270 Targeted Hacking email attack from from $40 $490 Source: Positive Technologies https://www.ptsecurity.com/ww-en/analytics/darkweb-2018/ vi Darknet Cybercrime Threats to Southeast Asia Executive summary People from all Southeast Asian countries use which drives a wide range of cyberattacks and darknets, the most popular being The Onion cybercrime. It is this leaked data that often leads to Router, more commonly referred to as Tor. attacks such as specific victim targeting, phishing, Although it is possible to provide a rough estimate fake invoicing, credit card theft, impersonation and of the number of darknet users in a country, it is selling confidential documents. not feasible to precisely identify their reasons for using darknets. Salient motivating factors appear The number of marketplaces in the Tor network to be the protection of privacy and circumventing has increased from one in 2011 to 118 in 2019. online censorship in addition to those who commit There has also been a large increase in the number cybercrimes. Cybercriminal use of darknets and variety of products for sale. For example, and the Darkweb (i.e. all the hosted content on the number of unique products available on the darknets) varies. For some it is a springboard to popular Darkweb marketplace, Valhalla, increased launch cyberattacks, for others it is a place to from 5,000 in 2015 to 13,000 in 2018. access illicit products and services, whilst for others it is a place that provides legitimate privacy Products available include drugs (including and anonymity from corporations who are tracking cocaine, heroin, and opioids), firearms and and using their personal data. ammunition, hacking tools and services, and a wide variety of other products. Some marketplaces also There is little evidence that countering darknet- specialize in the trade of payment card information enabled cybercrime is a policy or operational priority and counterfeit documents. in the region. Consequently, there is an overall lack of consistent, quantitative, and qualitative data The UNODC World Drug Report 20191 estimates that upon which analyses can be drawn. This leads to people who purchased drugs over the Darkweb a self-perpetuating cycle of policy gaps which limit doubled from 4.7 per cent in January 2014 to 10.7 law enforcement threat-recognition, prioritization per cent in January 2019. The purchase of drugs and resource mobilization. Of greater concern, this over the Darkweb is still a recent phenomenon creates opportunities for criminal exploitation with with nearly half of those
Load more

Recommended publications
  • The Internet and Drug Markets
    INSIGHTS EN ISSN THE INTERNET AND DRUG MARKETS 2314-9264 The internet and drug markets 21 The internet and drug markets EMCDDA project group Jane Mounteney, Alessandra Bo and Alberto Oteo 21 Legal notice This publication of the European Monitoring Centre for Drugs and Drug Addiction (EMCDDA) is protected by copyright. The EMCDDA accepts no responsibility or liability for any consequences arising from the use of the data contained in this document. The contents of this publication do not necessarily reflect the official opinions of the EMCDDA’s partners, any EU Member State or any agency or institution of the European Union. Europe Direct is a service to help you find answers to your questions about the European Union Freephone number (*): 00 800 6 7 8 9 10 11 (*) The information given is free, as are most calls (though some operators, phone boxes or hotels may charge you). More information on the European Union is available on the internet (http://europa.eu). Luxembourg: Publications Office of the European Union, 2016 ISBN: 978-92-9168-841-8 doi:10.2810/324608 © European Monitoring Centre for Drugs and Drug Addiction, 2016 Reproduction is authorised provided the source is acknowledged. This publication should be referenced as: European Monitoring Centre for Drugs and Drug Addiction (2016), The internet and drug markets, EMCDDA Insights 21, Publications Office of the European Union, Luxembourg. References to chapters in this publication should include, where relevant, references to the authors of each chapter, together with a reference to the wider publication. For example: Mounteney, J., Oteo, A. and Griffiths, P.
    [Show full text]
  • Copyrighted Material
    Anonymizing 1 Your Activities In our daily lives we like to have a certain level of privacy. We have curtains on our win- dows, doors for our offices, and even special screen protectors for computers to keep out prying eyes. This idea of wanting privacy also extends to the use of the Internet. We do not want people knowing what we typed in Google, what we said in our Instant Message conversations, or what websites we visited. Unfortunately, your private information is largely available if someone is watching. When doing any number of things on the Internet, there are plenty of reasons you might want to go incognito. However, that does not mean you’re doing anything wrong or illegal. he justification for anonymity when researching malware and bad guys is pretty Tstraightforward. You do not want information to show up in logs and other records that might tie back to you or your organization. For example, let’s say you work at a finan- cial firm and you recently detected that a banking trojan infected several of your systems. You collected malicious domain names, IP addresses, and other data related to the malware. The next steps you take in your research may lead you to websites owned by the criminals. As a result, if you are not taking precautions to stay anonymous, your IP address will show up in various logs and be visible to miscreants. If the criminals can identify you or the organization from which you conduct your research, they may COPYRIGHTEDchange tactics or go into hiding, MATERIAL thus spoiling your investigation.
    [Show full text]
  • Evmpatch: Timely and Automated Patching of Ethereum Smart Contracts
    EVMPatch: Timely and Automated Patching of Ethereum Smart Contracts Michael Rodler Wenting Li Ghassan O. Karame University of Duisburg-Essen NEC Laboratories Europe NEC Laboratories Europe Lucas Davi University of Duisburg-Essen Abstract some of these contracts hold, smart contracts have become an appealing target for attacks. Programming errors in smart Recent attacks exploiting errors in smart contract code had contract code can have devastating consequences as an attacker devastating consequences thereby questioning the benefits of can exploit these bugs to steal cryptocurrency or tokens. this technology. It is currently highly challenging to fix er- rors and deploy a patched contract in time. Instant patching is Recently, the blockchain community has witnessed several especially important since smart contracts are always online incidents due smart contract errors [7, 39]. One especially due to the distributed nature of blockchain systems. They also infamous incident is the “TheDAO” reentrancy attack, which manage considerable amounts of assets, which are at risk and resulted in a loss of over 50 million US Dollars worth of often beyond recovery after an attack. Existing solutions to Ether [31]. This led to a highly debated hard-fork of the upgrade smart contracts depend on manual and error-prone pro- Ethereum blockchain. Several proposals demonstrated how to defend against reentrancy vulnerabilities either by means of cesses. This paper presents a framework, called EVMPATCH, to instantly and automatically patch faulty smart contracts. offline analysis at development time or by performing run-time validation [16, 23, 32, 42]. Another infamous incident is the EVMPATCH features a bytecode rewriting engine for the pop- ular Ethereum blockchain, and transparently/automatically parity wallet attack [39].
    [Show full text]
  • ARK​ ​​Whitepaper
    ARK Whitepaper ​ ​​ A Platform for Consumer Adoption ​ ​ ​ ​ ​ ​ ​ ​ v.1.0.3 The ARK Crew ARK Whitepaper v.1.0.3 ​ ​ ​ ​ ​ ​ ​ ​ Table Of Contents ​ ​ ​ ​ Overview………………………………………………………………...……………………………….……………….………………………………………………………….….3 ​ Purpose of this Whitepaper………………………………………………………………………………………………………………………..….……….3 ​ ​ ​ ​ ​ ​ ​ Why?…………………………………………………………………………………………………………………….…………………………………………………….…………..4 ​ ​ ARK…………………………………………………………………………………………………….……………….…………………………………………………………………..5 ​ ​ ARK IS………………………………………………………………………………………………....……………….………………………………………………………………..5 ​ ​ ​ ​ ARK: Technical Details……………………………………….…….…..…………………………...……………….………………...…………………………...6 ​ ​ ​ ​ ​ ​ - Delegated Proof of Stake…………………………….……………...………………………….……………………………………….………...…...6 ​ ​​ ​ ​ ​ ​ ​ ​ ​ - Hierarchical Deterministic (HD) Wallets ​ ​​ ​ ​ ​ ​ ​ ​ (BIP32)…………………………………………………….....…………………..…..8 ​ - Fees……………………………………………………………………………………………………………….……………….…...………………………………..……...8 ​ ​​ ​ - ARK Delegates and Delegate Voting.…………………………………………………………………………………...………………….9 ​ ​ ​ ​ ​ ​ ​ ​ ​ ​ - Bridged Blockchains (SmartBridges)....................………………………………………………………………….………...…….10 ​ ​​ ​ ​ ​ ​ ​ - POST ARK-TEC Token Distribution …………………..…………………………………….………………….………..……..…..……….11 ​ ​ ​ ​ ​ ​ ​ ​ ​ ​ - Testnet Release……………………………………………….…………………………………………………………………….………...….....12 ​ ​ ​ And Beyond?…………………………………………………………………….………...……………………………………….………………………...……….…12 ​ ​ ​ ​ Addendum 1: ARK IS…(Cont.)...……..……..…………....…..………...………………………………………...………………………......……12
    [Show full text]
  • An Evolving Threat the Deep Web
    8 An Evolving Threat The Deep Web Learning Objectives distribute 1. Explain the differences between the deep web and darknets.or 2. Understand how the darknets are accessed. 3. Discuss the hidden wiki and how it is useful to criminals. 4. Understand the anonymity offered by the deep web. 5. Discuss the legal issues associated withpost, use of the deep web and the darknets. The action aimed to stop the sale, distribution and promotion of illegal and harmful items, including weapons and drugs, which were being sold on online ‘dark’ marketplaces. Operation Onymous, coordinated by Europol’s Europeancopy, Cybercrime Centre (EC3), the FBI, the U.S. Immigration and Customs Enforcement (ICE), Homeland Security Investigations (HSI) and Eurojust, resulted in 17 arrests of vendors andnot administrators running these online marketplaces and more than 410 hidden services being taken down. In addition, bitcoins worth approximately USD 1 million, EUR 180,000 Do in cash, drugs, gold and silver were seized. —Europol, 20141 143 Copyright ©2018 by SAGE Publications, Inc. This work may not be reproduced or distributed in any form or by any means without express written permission of the publisher. 144 Cyberspace, Cybersecurity, and Cybercrime THINK ABOUT IT 8.1 Surface Web and Deep Web Google, Facebook, and any website you can What Would You Do? find via traditional search engines (Internet Explorer, Chrome, Firefox, etc.) are all located 1. The deep web offers users an anonym- on the surface web. It is likely that when you ity that the surface web cannot provide. use the Internet for research and/or social What would you do if you knew that purposes you are using the surface web.
    [Show full text]
  • Into the Reverie: Exploration of the Dream Market
    Into the Reverie: Exploration of the Dream Market Theo Carr1, Jun Zhuang2, Dwight Sablan3, Emma LaRue4, Yubao Wu5, Mohammad Al Hasan2, and George Mohler2 1Department of Mathematics, Northeastern University, Boston, MA 2Department of Computer & Information Science, Indiana University - Purdue University, Indianapolis, IN 3Department of Mathematics and Computer Science, University of Guam, Guam 4Department of Mathematics and Statistics, University of Arkansas at Little Rock, AK 5Department of Computer Science, Georgia State University, Atlanta, GA [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected] Abstract—Since the emergence of the Silk Road market in Onymous" in 2014, a worldwide action taken by law enforce- the early 2010s, dark web ‘cryptomarkets’ have proliferated and ment and judicial agencies aimed to put a kibosh on these offered people an online platform to buy and sell illicit drugs, illicit behaviors [5]. Law enforcement interventions such as relying on cryptocurrencies such as Bitcoin for anonymous trans- actions. However, recent studies have highlighted the potential for Onymous, along with exit scams and hacks, have successfully de-anonymization of bitcoin transactions, bringing into question shut down numerous cryptomarkets, including AlphaBay, Silk the level of anonymity afforded by cryptomarkets. We examine a Road, Dream, and more recently, Wall Street [6]. Despite these set of over 100,000 product reviews from several cryptomarkets interruptions, new markets have continued to proliferate. The collected in 2018 and 2019 and conduct a comprehensive analysis authors of [7] note that there appears to be a consistent daily of the markets, including an examination of the distribution of drug sales and revenue among vendors, and a comparison demand of about $500,000 for illicit products on the dark web, of incidences of opioid sales to overdose deaths in a US city.
    [Show full text]
  • Automatic Retrieval of Updated Information Related to COVID-19 from Web Portals 1Prateek Raj, 2Chaman Kumar, 3Dr
    European Journal of Molecular & Clinical Medicine ISSN 2515-8260 Volume 07, Issue 3, 2020 Automatic Retrieval of Updated Information Related to COVID-19 from Web Portals 1Prateek Raj, 2Chaman Kumar, 3Dr. Mukesh Rawat 1,2,3 Department of Computer Science and Engineering, Meerut Institute of Engineering and Technology, Meerut 250005, U.P, India Abstract In the world of social media, we are subjected to a constant overload of information. Of all the information we get, not everything is correct. It is advisable to rely on only reliable sources. Even if we stick to only reliable sources, we are unable to understand or make head or tail of all the information we get. Data about the number of people infected, the number of active cases and the number of people dead vary from one source to another. People usually use up a lot of effort and time to navigate through different websites to get better and accurate results. However, it takes lots of time and still leaves people skeptical. This study is based on web- scraping & web-crawlingapproach to get better and accurate results from six COVID-19 data web sources.The scraping script is programmed with Python library & crawlers operate with HTML tags while application architecture is programmed using Cascading style sheet(CSS) &Hypertext markup language(HTML). The scraped data is stored in a PostgreSQL database on Heroku server and the processed data is provided on the dashboard. Keywords:Web-scraping, Web-crawling, HTML, Data collection. I. INTRODUCTION The internet is wildly loaded with data and contents that are informative as well as accessible to anyone around the globe in various shape, size and extension like video, audio, text and image and number etc.
    [Show full text]
  • Deconstructing Large-Scale Distributed Scraping Attacks
    September 2018 Radware Research Deconstructing Large-Scale Distributed Scraping Attacks A Stepwise Analysis of Real-time Sophisticated Attacks On E-commerce Businesses Deconstructing Large-Scale Distributed Scraping Attacks Table of Contents 02 Why Read This E-book 03 Key Findings 04 Real-world Case of A Large-Scale Scraping Attack On An E-tailer Snapshot Of The Scraping Attack Attack Overview Stages of Attack Stage 1: Fake Account Creation Stage 2: Scraping of Product Categories Stage 3: Price and Product Info. Scraping Topology of the Attack — How Three-stages Work in Unison 11 Recommendations: Action Plan for E-commerce Businesses to Combat Scraping 12 About Radware 02 Deconstructing Large-Scale Distributed Scraping Attacks Why Read This E-book Hypercompetitive online retail is a crucible of technical innovations to win today’s business wars. Tracking prices, deals, content and product listings of competitors is a well-known strategy, but the rapid pace at which the sophistication of such attacks is growing makes them difficult to keep up with. This e-book offers you an insider’s view of scrapers’ techniques and methodologies, with a few takeaways that will help you fortify your web security strategy. If you would like to learn more, email us at [email protected]. Business of Bots Companies like Amazon and Walmart have internal teams dedicated to scraping 03 Deconstructing Large-Scale Distributed Scraping Attacks Key Findings Scraping - A Tool Today, many online businesses either employ an in-house team or leverage the To Gain expertise of professional web scrapers to gain a competitive advantage over their competitors.
    [Show full text]
  • How to Use Encryption and Privacy Tools to Evade Corporate Espionage
    How to use Encryption and Privacy Tools to Evade Corporate Espionage An ICIT White Paper Institute for Critical Infrastructure Technology August 2015 NOTICE: The recommendations contained in this white paper are not intended as standards for federal agencies or the legislative community, nor as replacements for enterprise-wide security strategies, frameworks and technologies. This white paper is written primarily for individuals (i.e. lawyers, CEOs, investment bankers, etc.) who are high risk targets of corporate espionage attacks. The information contained within this briefing is to be used for legal purposes only. ICIT does not condone the application of these strategies for illegal activity. Before using any of these strategies the reader is advised to consult an encryption professional. ICIT shall not be liable for the outcomes of any of the applications used by the reader that are mentioned in this brief. This document is for information purposes only. It is imperative that the reader hires skilled professionals for their cybersecurity needs. The Institute is available to provide encryption and privacy training to protect your organization’s sensitive data. To learn more about this offering, contact information can be found on page 41 of this brief. Not long ago it was speculated that the leading world economic and political powers were engaged in a cyber arms race; that the world is witnessing a cyber resource buildup of Cold War proportions. The implied threat in that assessment is close, but it misses the mark by at least half. The threat is much greater than you can imagine. We have passed the escalation phase and have engaged directly into full confrontation in the cyberwar.
    [Show full text]
  • A Framework for Identifying Host-Based Artifacts in Dark Web Investigations
    Dakota State University Beadle Scholar Masters Theses & Doctoral Dissertations Fall 11-2020 A Framework for Identifying Host-based Artifacts in Dark Web Investigations Arica Kulm Dakota State University Follow this and additional works at: https://scholar.dsu.edu/theses Part of the Databases and Information Systems Commons, Information Security Commons, and the Systems Architecture Commons Recommended Citation Kulm, Arica, "A Framework for Identifying Host-based Artifacts in Dark Web Investigations" (2020). Masters Theses & Doctoral Dissertations. 357. https://scholar.dsu.edu/theses/357 This Dissertation is brought to you for free and open access by Beadle Scholar. It has been accepted for inclusion in Masters Theses & Doctoral Dissertations by an authorized administrator of Beadle Scholar. For more information, please contact [email protected]. A FRAMEWORK FOR IDENTIFYING HOST-BASED ARTIFACTS IN DARK WEB INVESTIGATIONS A dissertation submitted to Dakota State University in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Cyber Defense November 2020 By Arica Kulm Dissertation Committee: Dr. Ashley Podhradsky Dr. Kevin Streff Dr. Omar El-Gayar Cynthia Hetherington Trevor Jones ii DISSERTATION APPROVAL FORM This dissertation is approved as a credible and independent investigation by a candidate for the Doctor of Philosophy in Cyber Defense degree and is acceptable for meeting the dissertation requirements for this degree. Acceptance of this dissertation does not imply that the conclusions reached by the candidate are necessarily the conclusions of the major department or university. Student Name: Arica Kulm Dissertation Title: A Framework for Identifying Host-based Artifacts in Dark Web Investigations Dissertation Chair: Date: 11/12/20 Committee member: Date: 11/12/2020 Committee member: Date: Committee member: Date: Committee member: Date: iii ACKNOWLEDGMENT First, I would like to thank Dr.
    [Show full text]
  • Combining Bittorrent with Darknets for P2P Privacy
    Combining Bittorrent with Darknets for P2P privacy Öznur Altintas Niclas Axelsson Abstract Over the last few years, traditional downloading of programs and application from a website has been replaced by another medium - peer to peer file sharing networks and programs. Peer- to-peer sharing has grown to tremendous level with many networks having more then millions of users to share softwareʼs, music files, videos and programs etc. However, this rapid growth leaves privacy concerns in its awake. P2P applications disable clients to limit the sharing of documents to a specific set of users and maintain their anonymity. Using P2P applications like BitTorrent exposes clientsʼ information to the other people. OneSwarm is designed to overcome this privacy problem. OneSwarm is a new P2P data sharing system that provides users with explicit, configurable control over their data. In this report, we will discuss briefly Darknets and privacy terms, and mainly how OneSwarm solves privacy problem while providing good performance. Introduction For a better understanding of this report, we begin with the explanation of some terms such as Darknets and privacy and brief background information underlies the idea of OneSwarm. Darknet—a collection of networks and technologies used to share digital content. The darknet is not a separate physical network but an application and protocol layer riding on existing networks. Examples of Darknets are peer-to-peer file sharing, CD and DVD copying and key or password sharing on email and newsgroups. When used to describe a file sharing network, the term is often used as a synonym for "friend-to-friend", both describing networks where direct connections are only established between trusted friends.
    [Show full text]
  • Is the Mafia Taking Over Cybercrime?*
    Is the Mafia Taking Over Cybercrime?* Jonathan Lusthaus Director of the Human Cybercriminal Project Department of Sociology University of Oxford * This paper is adapted from Jonathan Lusthaus, Industry of Anonymity: Inside the Business of Cybercrime (Cambridge, Mass. & London: Harvard University Press, 2018). 1. Introduction Claims abound that the Mafia is not only getting involved in cybercrime, but taking a leading role in the enterprise. One can find such arguments regularly in media articles and on blogs, with a number of broad quotes on this subject, including that: the “Mafia, which has been using the internet as a communication vehicle for some time, is using it increasingly as a resource for carrying out mass identity theft and financial fraud”.1 Others prescribe a central role to the Russian mafia in particular: “The Russian Mafia are the most prolific cybercriminals in the world”.2 Discussions and interviews with members of the information security industry suggest such views are commonly held. But strong empirical evidence is rarely provided on these points. Unfortunately, the issue is not dealt with in a much better fashion by the academic literature with a distinct lack of data.3 In some sense, the view that mafias and organised crime groups (OCGs) play an important role in cybercrime has become a relatively mainstream position. But what evidence actually exists to support such claims? Drawing on a broader 7-year study into the organisation of cybercrime, this paper evaluates whether the Mafia is in fact taking over cybercrime, or whether the structure of the cybercriminal underground is something new. It brings serious empirical rigor to a question where such evidence is often lacking.
    [Show full text]