DOCSLIB.ORG

Bromium Into the Web of Profit

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Bromium Into the Web of Profit Into The Web of Profit An in-depth study of cybercrime, criminals and money. Researched and written by Dr. Mike McGuire April 2018 Project funded by Bromium, Inc. 2 Acknowledgements Many thanks to the various experts from U.S. and European criminal justice agencies, financial institutions and to academic informants who were consulted during the research conducted for this report. Particular thanks go to the U.K. National Fraud Intelligence Bureau as part of the City of London Police for providing invaluable data and to The National Crime Agency, The Metropolitan Police and the Home Office Cybercrime Research Unit for their helpful suggestions and support. 3 Table of Contents FOREWORD _________________________________________________ 7 GREGORY WEBB CEO, BROMIUM _________________________________ 7 FOREWORD ________________________________________________ 10 DR. MICHAEL MCGUIRE SENIOR LECTURER, UNIVERSITY OF SURREY _________ 10 INTRODUCTION ____________________________________________ 12 THE EMERGING CRIMINAL ECONOMY: CYBERSPACE AND THE WEB OF PROFIT __ 12 CYBERCRIME REVENUES REACH $1.5 TRILLION _______________________ 15 POST-CRIME AND PLATFORM CRIMINALITY __________________________ 17 MOVING REVENUES __________________________________________ 18 DISPOSAL OF CYBERCRIME FUNDS ________________________________ 20 METRICS: AT-A-GLANCE ______________________________________ 23 UNDERSTANDING THE WEB OF PROFIT THROUGH NUMBERS ______________ 23 CHAPTER 1: THE WEB OF PROFIT ______________________________ 29 THE CYBERCRIME ECONOMY AND THE EMERGENCE OF PLATFORM CRIMINALITY _ 29 WEAPONISING EXISTING PLATFORMS ______________________________ 32 CYBERCRIME-SPECIFIC PLATFORMS ________________________________ 35 CHAPTER 2: REVENUES FROM CYBERCRIME _____________________ 39 4 CYBERCRIME REVENUES VS. TRADITIONAL CRIME REVENUES ______________ 45 INDIVIDUAL REVENUES FROM CYBERCRIME __________________________ 48 CHAPTER 3: KEY REVENUE SOURCES FOR CYBERCRIMINALS ________ 54 REVENUES FROM ILLICIT ONLINE MARKETS __________________________ 55 IP AND TRADE SECRET THEFT ___________________________________ 58 REVENUES FROM DATA TRADING _________________________________ 64 REVENUES FROM CRIMEWARE & CAAS _____________________________ 67 REVENUES FROM RANSOMWARE _________________________________ 70 CASE STUDIES AND EXAMPLES ___________________________________ 73 CHAPTER 4: LAUNDERING DIRTY MONEY ________________________ 75 TRADITIONAL LAUNDERING _____________________________________ 76 CYBER-LAUNDERING _________________________________________ 82 USE OF PAYMENT SYSTEMS LIKE PAYPAL ____________________________ 83 CASE STUDIES AND EXAMPLES ___________________________________ 86 USE OF CRYPTOCURRENCIES FOR LAUNDERING ________________________ 89 CASE STUDIES AND EXAMPLES ___________________________________ 91 ONLINE GAMING AND LAUNDERING _______________________________ 97 CASE STUDIES AND EXAMPLES ___________________________________ 98 CHAPTER 5: DISPOSING OF CRIMINAL REVENUES ________________ 100 DISPOSING OF CYBERCRIME REVENUES ____________________________ 103 CASE STUDIES AND EXAMPLES __________________________________ 112 REINVESTMENT INTO CRIME ___________________________________ 114 CHAPTER 6: IMPLICATIONS AND RECOMMENDATIONS ___________ 120 RECOMMENDATIONS FOR LAW ENFORCEMENT_______________________ 123 RECOMMENDATIONS FOR CYBERSECURITY PROFESSIONALS ______________ 124 RECOMMENDATIONS FOR ACADEMIC AND OTHER RESEARCHERS ___________ 125 APPENDIX: METHODOLOGY _________________________________ 128 5 NOTE ON REVENUE CALCULATIONS ______________________________ 129 INDEX ___________________________________________________ 139 BIBLIOGRAPHY ____________________________________________ 150 BIOGRAPHY DR. MICHAEL MCGUIRE __________________________ 165 SENIOR LECTURER, UNIVERSITY OF SURREY _________________________ 165 RESEARCH SPONSOR BROMIUM, INC. _________________________ 167 APPLICATION ISOLATION AND CONTROL ___________________________ 168 UNTRUSTED TASKS ARE PROTECTED ______________________________ 169 THE BROMIUM CONTROLLER PROVIDES HIGH FIDELITY ALERTS ____________ 172 VIRUSTOTAL.COM EXPLAINS THE MALWARE ________________________ 173 VIRTUALIZATION TARGETS TYPICAL THREAT VECTORS __________________ 175 Table of Figures FIGURE 1: MONTHLY RANSOMWARE PAYMENTS 2014-2017 _____________ 71 FIGURE 2: BITCOIN WALLETS TIED TO RANSOMWARE ATTACKS ____________ 94 FIGURE 3: HTTP://BITCOIN-REALESTATE.COM _______________________ 108 FIGURE 4: HTTPS://WWW.BITDIALS.EU/ ___________________________ 108 FIGURE 5: HTTPS://WWW.BITDIALS.EU/ ___________________________ 109 FIGURE 6: HTTP://THEWCOMP.COM _____________________________ 109 FIGURE 7: BROMIUM LIVE VIEW OF WORD DOCUMENT ________________ 171 FIGURE 8: BROMIUM WARNS ABOUT MALWARE _____________________ 172 FIGURE 9: THE BROMIUM CONTROLLER PROVIDES KILL CHAIN INFORMATION __ 173 FIGURE 10: FILES IN RED MEAN THIS MALWARE IS STILL SEEN AS MALICIOUS__ 174 6 Foreword Gregory Webb CEO, Bromium We invested in this research because we think it’s important. The findings of Dr. McGuire’s research explain how cybercrime proceeds are being generated, laundered and reinvested into the criminal economy. By gaining a better understanding of the systems that support cybercrime, we think we can better understand how to disrupt them. Essentially, we want to make life harder for hackers. Cybercriminals are always one step ahead of the cybersecurity industry; an industry that is generally struggling to fix the problem. Data is a valuable commodity that can be traded and sold – cybercrime is therefore a lucrative business, with relatively low risks compared to other forms of crime. Cybercriminals are rarely convicted. And now that anyone can buy pre-packaged malware and hire hackers-on-demand, it’s easier than ever. In this report, Dr. McGuire has identified the emergence of “platform criminality” – where the cybercrime economy is now 7 taking the same form as new digital businesses, making it even easier to conduct cyberattacks. They have automated the process so we’re likely to see more, frequent attacks. “It is society that is suffering the consequences of our failure to stem the tide.” The walls between the criminal and legitimate worlds are blurring; we are not simply dealing with ‘hackers in hoodies’, we are tackling an economic ecosystem that enables, funds and supports criminal activity on a global scale – from drug trafficking to terrorism. It is society that is suffering the consequences of our failure to stem the tide. The report shows that cybercriminals are both innovators and early adopters of technology. It is unrealistic to think that law enforcement alone will be able to track and disrupt new systems. Because we are a community with a common goal, we need to collaborate and be willing to do things differently. We share a social and moral obligation to disrupt the core systems that underpin this criminal ecosystem. We need to make it more difficult for hackers to gather our most precious resource – data. The cybersecurity industry needs to come to terms with the limitations of detect-to-protect security and find better ways to isolate the problem. We need to approach cyber-defenses in a totally different way, by focusing on the most vulnerable – and easiest to attack – vectors in our organizations. The criminals know where we are vulnerable – most often where humans put fingers to keyboards. We know changing human behavior is both challenging and costly. 8 Instead, by focusing on protection, rather than detection, we can disrupt cybercrime in significant ways. Research is vital to our understanding of cybercrime and may help us one day put an end to The Web of Profit. In the meantime, we will work with our peers to continue to protect the internet and the organizations that rely on it to communicate, collaborate and conduct business. Let’s work together now to disrupt The Web of Profit. 9 Foreword Dr. Michael McGuire Senior Lecturer, University of Surrey Awareness of cybercrime is at an all-time high, yet understanding of how cybercrime functions as an integrated set of criminal practices remains far less clear. While there is far greater comprehension of the scope and scale of the threat, developed understanding of how cybercrime functions and the factors which drive and support it remains limited. To date, attention has been primarily focused on the mechanisms of cybercrime – that is, how it happens. As a result, technical factors, such as malware types, security holes and the prevention of certain types of attack, are most frequently discussed. More recently the ‘human factor’ – that is, the way that human error and poor judgement may contribute to the success of cybercriminals in breaching systems – has begun to be treated more seriously as a causal factor. However, what remains far less developed is an understanding of cybercrime as a system; one where criminals, victims, policing and security professionals, companies, nation states, financial institutions, service and support mechanisms 10 interconnect with one another and with various infrastructures (such as data silos, payment systems or even the web itself) to produce a composite whole. This system is dynamic and evolving and one of its key driving factors is revenue generation and ultimately profit, since this constitutes one of the primary motivations for engaging in cybercrime – or, indeed, crime in general. Understanding revenue generation and its flows not only offers a different way in which our knowledge of cybercrime can be enhanced, but by better understanding revenue
Load more

Recommended publications
  • The Current Economics of Cyber Attacks
    The Current Economics of Cyber Attacks Ron Winward Security Evangelist October 17, 2016 What Are We Talking About Historical Context Does Hacking Pay? Cyber Aack Marketplace Economics of Defenses: Reality Check 2 Once Upon a Time… 3 Story of the Automobile Ideal economic condions help fuel and grow this industry Be&er Roads Assembly Line Ideal Economic Condi9ons Growth 4 Cyber Attacks Reaching a Tipping Point More Resources More Targets More Mature Availability of low More high value, A level of maturity cost resources increasingly vulnerable that drives efficiency targets leads to more and ensures valuable informaon anonymity The economics of hacking have turned a corner! 5 Modern Economics of Cyber Attacks and Hacking 6 Do You Romanticize Hackers? 7 Reality of Today’s Hackers May look more like this . than like this 8 Today’s Adversary: Not always the Lone Wolf Structured organizaon with roles, focus Premeditated plan for targe9ng, exfiltraon, mone9zaon of data/assets Mul9-layered trading networks for distribu9on, Source: HPE: the business of hacking obfuscaon Why? Because increasingly, CRIME PAYS! 9 Or Does It? The average aacker earns approximately ¼ of the salary of an average IT employee The cost and 9me to plan aacks has decreased Be&er access to be&er tools makes aacks easier Remember: Nobody is trying to be “average” 10 Sophisticated Understanding of Value Mone9zable criminal enterprise Credit Cards Medical Records Intellectual Property Creden9als Vulnerabili9es Exploits 11 The Economics of Web Attacks Hacker steals US healthcare
    [Show full text]
  • The Internet and Drug Markets
    INSIGHTS EN ISSN THE INTERNET AND DRUG MARKETS 2314-9264 The internet and drug markets 21 The internet and drug markets EMCDDA project group Jane Mounteney, Alessandra Bo and Alberto Oteo 21 Legal notice This publication of the European Monitoring Centre for Drugs and Drug Addiction (EMCDDA) is protected by copyright. The EMCDDA accepts no responsibility or liability for any consequences arising from the use of the data contained in this document. The contents of this publication do not necessarily reflect the official opinions of the EMCDDA’s partners, any EU Member State or any agency or institution of the European Union. Europe Direct is a service to help you find answers to your questions about the European Union Freephone number (*): 00 800 6 7 8 9 10 11 (*) The information given is free, as are most calls (though some operators, phone boxes or hotels may charge you). More information on the European Union is available on the internet (http://europa.eu). Luxembourg: Publications Office of the European Union, 2016 ISBN: 978-92-9168-841-8 doi:10.2810/324608 © European Monitoring Centre for Drugs and Drug Addiction, 2016 Reproduction is authorised provided the source is acknowledged. This publication should be referenced as: European Monitoring Centre for Drugs and Drug Addiction (2016), The internet and drug markets, EMCDDA Insights 21, Publications Office of the European Union, Luxembourg. References to chapters in this publication should include, where relevant, references to the authors of each chapter, together with a reference to the wider publication. For example: Mounteney, J., Oteo, A. and Griffiths, P.
    [Show full text]
  • Virtual Currencies and Terrorist Financing : Assessing the Risks And
    DIRECTORATE GENERAL FOR INTERNAL POLICIES POLICY DEPARTMENT FOR CITIZENS' RIGHTS AND CONSTITUTIONAL AFFAIRS COUNTER-TERRORISM Virtual currencies and terrorist financing: assessing the risks and evaluating responses STUDY Abstract This study, commissioned by the European Parliament’s Policy Department for Citizens’ Rights and Constitutional Affairs at the request of the TERR Committee, explores the terrorist financing (TF) risks of virtual currencies (VCs), including cryptocurrencies such as Bitcoin. It describes the features of VCs that present TF risks, and reviews the open source literature on terrorist use of virtual currencies to understand the current state and likely future manifestation of the risk. It then reviews the regulatory and law enforcement response in the EU and beyond, assessing the effectiveness of measures taken to date. Finally, it provides recommendations for EU policymakers and other relevant stakeholders for ensuring the TF risks of VCs are adequately mitigated. PE 604.970 EN ABOUT THE PUBLICATION This research paper was requested by the European Parliament's Special Committee on Terrorism and was commissioned, overseen and published by the Policy Department for Citizens’ Rights and Constitutional Affairs. Policy Departments provide independent expertise, both in-house and externally, to support European Parliament committees and other parliamentary bodies in shaping legislation and exercising democratic scrutiny over EU external and internal policies. To contact the Policy Department for Citizens’ Rights and Constitutional Affairs or to subscribe to its newsletter please write to: [email protected] RESPONSIBLE RESEARCH ADMINISTRATOR Kristiina MILT Policy Department for Citizens' Rights and Constitutional Affairs European Parliament B-1047 Brussels E-mail: [email protected] AUTHORS Tom KEATINGE, Director of the Centre for Financial Crime and Security Studies, Royal United Services Institute (coordinator) David CARLISLE, Centre for Financial Crime and Security Studies, Royal United Services Institute, etc.
    [Show full text]
  • 2015 Threat Report Provides a Comprehensive Overview of the Cyber Threat Landscape Facing Both Companies and Individuals
    THREAT REPORT 2015 AT A GLANCE 2015 HIGHLIGHTS A few of the major events in 2015 concerning security issues. 08 07/15: Hacking Team 07/15: Bugs prompt 02/15: Europol joint breached, data Ford, Range Rover, 08/15: Google patches op takes down Ramnit released online Prius, Chrysler recalls Android Stagefright botnet flaw 09/15: XcodeGhost 07/15: Android 07/15: FBI Darkode tainted apps prompts Stagefright flaw 08/15: Amazon, ENFORCEMENT bazaar shutdown ATTACKS AppStore cleanup VULNERABILITY reported SECURITYPRODUCT Chrome drop Flash ads TOP MALWARE BREACHING THE MEET THE DUKES FAMILIES WALLED GARDEN The Dukes are a well- 12 18 resourced, highly 20 Njw0rm was the most In late 2015, the Apple App prominent new malware family in 2015. Store saw a string of incidents where dedicated and organized developers had used compromised tools cyberespionage group believed to be to unwittingly create apps with malicious working for the Russian Federation since behavior. The apps were able to bypass at least 2008 to collect intelligence in Njw0rm Apple’s review procedures to gain entry support of foreign and security policy decision-making. Angler into the store, and from there into an ordinary user’s iOS device. Gamarue THE CHAIN OF THE CHAIN OF Dorkbot COMPROMISE COMPROMISE: 23 The Stages 28 The Chain of Compromise Nuclear is a user-centric model that illustrates Kilim how cyber attacks combine different Ippedo techniques and resources to compromise Dridex devices and networks. It is defined by 4 main phases: Inception, Intrusion, WormLink Infection, and Invasion. INCEPTION Redirectors wreak havoc on US, Europe (p.28) INTRUSION AnglerEK dominates Flash (p.29) INFECTION The rise of rypto-ransomware (p.31) THREATS BY REGION Europe was particularly affected by the Angler exploit kit.
    [Show full text]
  • Moonlight Maze,’ Perhaps the Oldest Publicly Acknowledged State Actor, Has Evaded Open Forensic Analysis
    PENQUIN’S MOONLIT MAZE The Dawn of Nation-State Digital Espionage Juan Andres Guerrero-Saade, Costin Raiu (GReAT) Daniel Moore, Thomas Rid (King’s College London) The origins of digital espionage remain hidden in the dark. In most cases, codenames and fragments of stories are all that remains of the ‘prehistoric’ actors that pioneered the now- ubiquitous practice of computer network exploitation. The origins of early operations, tools, and tradecraft are largely unknown: official documents will remain classified for years and decades to come; memories of investigators are eroding as time passes; and often precious forensic evidence is discarded, destroyed, or simply lost as storage devices age. Even ‘Moonlight Maze,’ perhaps the oldest publicly acknowledged state actor, has evaded open forensic analysis. Intrusions began as early as 1996. The early targets: a vast number of US military and government networks, including Wright Patterson and Kelly Air Force Bases, the Army Research Lab, the Naval Sea Systems Command in Indian Head, Maryland, NASA, and the Department of Energy labs. By mid-1998 the FBI and Department of Defense investigators had forensic evidence pointing to Russian ISPs. After a Congressional hearing in late February 1999, news of the FBI’s vast investigation leaked to the public.1 However, little detail ever surfaced regarding the actual means and procedures of this threat actor. Eventually the code name was replaced (with the attackers’ improved intrusion set dubbed Storm Cloud’, and later ‘Makers Mark’) and the original ‘MM’ faded into obscurity without proper technical forensic artefacts to tie these cyberespionage pioneers to the modern menagerie of APT actors we are now all too familiar with.
    [Show full text]
  • Cyber News for Counterintelligence / Information Technology / Security Professionals 13 November 2014
    Cyber News for Counterintelligence / Information Technology / Security Professionals 13 November 2014 Purpose Stuxnet worm entered Iran's nuclear facilities through hacked suppliers Educate recipients of cyber events to aid in protecting Engadget, 13 Nov 2014: You may have heard the common story of how Stuxnet electronically stored DoD, spread: the United States and Israel reportedly developed the worm in the mid- corporate proprietary, and/or Personally Identifiable 2000s to mess with Iran's nuclear program by damaging equipment, and first Information from theft, unleashed it on Iran's Natanz nuclear facility through infected USB drives. It got compromise, espionage out of control, however, and escaped into the wild (that is, the internet) sometime Source later. Relatively straightforward, right? Well, you'll have to toss that version of This publication incorporates open source news articles events aside -- a new book, Countdown to Zero Day, explains that this digital educate readers on security assault played out very differently. Researchers now know that the sabotage- matters in compliance with oriented code first attacked five component vendors that are key to Iran's nuclear USC Title 17, section 107, program, including one that makes the centrifuges Stuxnet was targeting. These Para a. All articles are truncated to avoid the companies were unwitting Trojan horses, security firm Kaspersky Lab says. Once appearance of copyright the malware hit their systems, it was just a matter of time before someone brought infringement compromised data into the Natanz plant (where there's no direct internet access) Publisher and sparked chaos. As you might suspect, there's also evidence that these first * SA Jeanette Greene Albuquerque FBI breaches didn't originate from USB drives.
    [Show full text]
  • Into the Reverie: Exploration of the Dream Market
    Into the Reverie: Exploration of the Dream Market Theo Carr1, Jun Zhuang2, Dwight Sablan3, Emma LaRue4, Yubao Wu5, Mohammad Al Hasan2, and George Mohler2 1Department of Mathematics, Northeastern University, Boston, MA 2Department of Computer & Information Science, Indiana University - Purdue University, Indianapolis, IN 3Department of Mathematics and Computer Science, University of Guam, Guam 4Department of Mathematics and Statistics, University of Arkansas at Little Rock, AK 5Department of Computer Science, Georgia State University, Atlanta, GA [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected] Abstract—Since the emergence of the Silk Road market in Onymous" in 2014, a worldwide action taken by law enforce- the early 2010s, dark web ‘cryptomarkets’ have proliferated and ment and judicial agencies aimed to put a kibosh on these offered people an online platform to buy and sell illicit drugs, illicit behaviors [5]. Law enforcement interventions such as relying on cryptocurrencies such as Bitcoin for anonymous trans- actions. However, recent studies have highlighted the potential for Onymous, along with exit scams and hacks, have successfully de-anonymization of bitcoin transactions, bringing into question shut down numerous cryptomarkets, including AlphaBay, Silk the level of anonymity afforded by cryptomarkets. We examine a Road, Dream, and more recently, Wall Street [6]. Despite these set of over 100,000 product reviews from several cryptomarkets interruptions, new markets have continued to proliferate. The collected in 2018 and 2019 and conduct a comprehensive analysis authors of [7] note that there appears to be a consistent daily of the markets, including an examination of the distribution of drug sales and revenue among vendors, and a comparison demand of about $500,000 for illicit products on the dark web, of incidences of opioid sales to overdose deaths in a US city.
    [Show full text]
  • The Truth About Voter Fraud 7 Clerical Or Typographical Errors 7 Bad “Matching” 8 Jumping to Conclusions 9 Voter Mistakes 11 VI
    Brennan Center for Justice at New York University School of Law ABOUT THE BRENNAN CENTER FOR JUSTICE The Brennan Center for Justice at New York University School of Law is a non-partisan public policy and law institute that focuses on fundamental issues of democracy and justice. Our work ranges from voting rights to redistricting reform, from access to the courts to presidential power in the fight against terrorism. A sin- gular institution—part think tank, part public interest law firm, part advocacy group—the Brennan Center combines scholarship, legislative and legal advocacy, and communications to win meaningful, measurable change in the public sector. ABOUT THE BRENNAN CENTER’S VOTING RIGHTS AND ELECTIONS PROJECT The Voting Rights and Elections Project works to expand the franchise, to make it as simple as possible for every eligible American to vote, and to ensure that every vote cast is accurately recorded and counted. The Center’s staff provides top-flight legal and policy assistance on a broad range of election administration issues, including voter registration systems, voting technology, voter identification, statewide voter registration list maintenance, and provisional ballots. © 2007. This paper is covered by the Creative Commons “Attribution-No Derivs-NonCommercial” license (see http://creativecommons.org). It may be reproduced in its entirety as long as the Brennan Center for Justice at NYU School of Law is credited, a link to the Center’s web page is provided, and no charge is imposed. The paper may not be reproduced in part or in altered form, or if a fee is charged, without the Center’s permission.
    [Show full text]
  • Twitter and Millennial Participation in Voting During Nigeria's 2015 Presidential Elections
    Walden University ScholarWorks Walden Dissertations and Doctoral Studies Walden Dissertations and Doctoral Studies Collection 2021 Twitter and Millennial Participation in Voting During Nigeria's 2015 Presidential Elections Deborah Zoaka Follow this and additional works at: https://scholarworks.waldenu.edu/dissertations Part of the Public Administration Commons, and the Public Policy Commons Walden University College of Social and Behavioral Sciences This is to certify that the doctoral dissertation by Deborah Zoaka has been found to be complete and satisfactory in all respects, and that any and all revisions required by the review committee have been made. Review Committee Dr. Lisa Saye, Committee Chairperson, Public Policy and Administration Faculty Dr. Raj Singh, Committee Member, Public Policy and Administration Faculty Dr. Christopher Jones, University Reviewer, Public Policy and Administration Faculty Chief Academic Officer and Provost Sue Subocz, Ph.D. Walden University 2021 Abstract Twitter and Millennial Participation in Voting during Nigeria’s 2015 Presidential Elections by Deborah Zoaka MPA Walden University, 2013 B.Sc. Maiduguri University, 1989 Dissertation Submitted in Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy Public Policy and Administration Walden University May, 2021 Abstract This qualitative phenomenological research explored the significance of Twitter in Nigeria’s media ecology within the context of its capabilities to influence the millennial generation to participate in voting during the 2015 presidential election. Millennial participation in voting has been abysmally low since 1999, when democratic governance was restored in Nigeria after 26 years of military rule, constituting a grave threat to democratic consolidation and electoral legitimacy. The study was sited within the theoretical framework of Democratic participant theory and the uses and gratifications theory.
    [Show full text]
  • You Are Not Welcome Among Us: Pirates and the State
    International Journal of Communication 9(2015), 890–908 1932–8036/20150005 You Are Not Welcome Among Us: Pirates and the State JESSICA L. BEYER University of Washington, USA FENWICK MCKELVEY1 Concordia University, Canada In a historical review focused on digital piracy, we explore the relationship between hacker politics and the state. We distinguish between two core aspects of piracy—the challenge to property rights and the challenge to state power—and argue that digital piracy should be considered more broadly as a challenge to the authority of the state. We trace generations of peer-to-peer networking, showing that digital piracy is a key component in the development of a political platform that advocates for a set of ideals grounded in collaborative culture, nonhierarchical organization, and a reliance on the network. We assert that this politics expresses itself in a philosophy that was formed together with the development of the state-evading forms of communication that perpetuate unmanageable networks. Keywords: pirates, information politics, intellectual property, state networks Introduction Digital piracy is most frequently framed as a challenge to property rights or as theft. This framing is not incorrect, but it overemphasizes intellectual property regimes and, in doing so, underemphasizes the broader political challenge posed by digital pirates. In fact, digital pirates and broader “hacker culture” are part of a political challenge to the state, as well as a challenge to property rights regimes. This challenge is articulated in terms of contributory culture, in contrast to the commodification and enclosures of capitalist culture; as nonhierarchical, in contrast to the strict hierarchies of the modern state; and as faith in the potential of a seemingly uncontrollable communication technology that makes all of this possible, in contrast to a fear of the potential chaos that unsurveilled spaces can bring.
    [Show full text]
  • View Final Report (PDF)
    TABLE OF CONTENTS TABLE OF CONTENTS I EXECUTIVE SUMMARY III INTRODUCTION 1 GENESIS OF THE PROJECT 1 RESEARCH QUESTIONS 1 INDUSTRY SITUATION 2 METHODOLOGY 3 GENERAL COMMENTS ON INTERVIEWS 5 APT1 (CHINA) 6 SUMMARY 7 THE GROUP 7 TIMELINE 7 TYPOLOGY OF ATTACKS 9 DISCLOSURE EVENTS 9 APT10 (CHINA) 13 INTRODUCTION 14 THE GROUP 14 TIMELINE 15 TYPOLOGY OF ATTACKS 16 DISCLOSURE EVENTS 18 COBALT (CRIMINAL GROUP) 22 INTRODUCTION 23 THE GROUP 23 TIMELINE 25 TYPOLOGY OF ATTACKS 27 DISCLOSURE EVENTS 30 APT33 (IRAN) 33 INTRODUCTION 34 THE GROUP 34 TIMELINE 35 TYPOLOGY OF ATTACKS 37 DISCLOSURE EVENTS 38 APT34 (IRAN) 41 INTRODUCTION 42 THE GROUP 42 SIPA Capstone 2020 i The Impact of Information Disclosures on APT Operations TIMELINE 43 TYPOLOGY OF ATTACKS 44 DISCLOSURE EVENTS 48 APT38 (NORTH KOREA) 52 INTRODUCTION 53 THE GROUP 53 TIMELINE 55 TYPOLOGY OF ATTACKS 59 DISCLOSURE EVENTS 61 APT28 (RUSSIA) 65 INTRODUCTION 66 THE GROUP 66 TIMELINE 66 TYPOLOGY OF ATTACKS 69 DISCLOSURE EVENTS 71 APT29 (RUSSIA) 74 INTRODUCTION 75 THE GROUP 75 TIMELINE 76 TYPOLOGY OF ATTACKS 79 DISCLOSURE EVENTS 81 COMPARISON AND ANALYSIS 84 DIFFERENCES BETWEEN ACTOR RESPONSE 84 CONTRIBUTING FACTORS TO SIMILARITIES AND DIFFERENCES 86 MEASURING THE SUCCESS OF DISCLOSURES 90 IMPLICATIONS OF OUR RESEARCH 92 FOR PERSISTENT ENGAGEMENT AND FORWARD DEFENSE 92 FOR PRIVATE CYBERSECURITY VENDORS 96 FOR THE FINANCIAL SECTOR 96 ROOM FOR FURTHER RESEARCH 97 ACKNOWLEDGEMENTS 98 ABOUT THE TEAM 99 SIPA Capstone 2020 ii The Impact of Information Disclosures on APT Operations EXECUTIVE SUMMARY This project was completed to fulfill the including the scope of the disclosure and capstone requirement for Columbia Uni- the disclosing actor.
    [Show full text]
  • Torrent Download Audio Tv Torrent Downloads Proxy – Best Torrent Downloads Unblocked Alternative | Mirror Sites
    torrent download audio tv Torrent Downloads Proxy – Best Torrent Downloads Unblocked Alternative | Mirror Sites. We all know that the torrent sites banned over the last few days and users are facing problems like browser bans, ISP bans across the country. At present, the site is banned in the UK, India and so many countries because of court orders. Luckily, Torrent downloads professional staff and different torrent lovers are offering Torrent downloads proxy and mirror sites for us with newest proxies. These websites will have the same records, appearance, and functions just like the original one. Torrent Downloads: Torrent Downloads is one of the popular torrent sites which come in the list of top 10. This site is providing you the latest TV shows, Movies, Music, Games, Software, Anime, Books and so on for many years. The content of this site is very unique where you will get the latest movies, software within a few minutes. That’s why many of the users are still visit this site on a daily basis to download for free of cost. Torrent Downloads Proxy and Mirrors list: These Torrent Downloads Proxy/Mirror sites are used in such countries where it is not banned yet. So, If you couldn’t get right of entry to Torrent Downloads, with the assist of Torrent Downloads proxy/mirror websites , you’ll usually be able to get right of entry to your favorite torrent website, Torrent Downloads. Your Internet Service Provider and Government can track your browsing Activity! So, hide your IP Address with a VPN! Torrent Downloads Proxy/Mirror Sites: https://freeproxy.io/ https://sitenable.top/ https://sitenable.ch/ https://filesdownloader.com/ https://sitenable.pw/ https://sitenable.co/ https://torrentdownloads.unblockall.org/ https://torrentdownloads.unblocker.cc/ https://torrentdownloads.unblocker.win/ https://torrentdownloads.immunicity.cab/ How to Download Torrent Downloads Movies securely? Using torrents is illegal in some countries.
    [Show full text]