How the US Military will fight ISIS on the Dark Web

Uploaded on 2015-03-02 in INTELLIGENCE--USA, GOVERNMENT-Defence, FREE TO VIEW, NEWS-Cybersecurity News, TECHNOLOGY--Developments

The Dark Web is not so much a place as it is a method of achieving a level of anonymity online. It refers to web sites that mask the IP addresses of the servers on which they reside, making it impossible to know who or what is behind the site or sites. They don’t show up on search engines like Google so, unless you know exactly how to reach them, they’re effectively invisible. 
Activists and dissidents in countries like China and Iran use the Dark Web to get around state surveillance; journalists use it to reach sources and whistleblowers rely on it to spread the word about institutional abuse or malpractices. New evidence suggests that the Islamic State, or ISIS, or at least ISIS supporting groups, are seeking the Dark Web’s anonymity for operations beyond simple propaganda. Thus yet another challenge for law enforcement and the military: to track users on the Dark Web in a way that’s effective against ISIS but that doesn’t violate privacy.
First, while the Dark Web is incredibly valuable as a tool for dissident action, it also has some real dark spots. Ido Wulkan, the senior analyst at S2T, a Singapore-based technology company that develops Dark Web harvesting technologies, recently revealed to Israeli newspaper Haaretz that his company has found a number of websites raising funds for ISIS through bitcoin donations.
Some Dark Web content is accessible only via special software like Tor, a package that encrypts a user’s IP address and routes Internet traffic through a series of volunteer servers around the world (so-called onion routing.) Like the Internet itself, Tor was a product of the military, originally designed by the Office of Naval Research to give sailors a secure means of communication.
Today, an explosion of Tor usage in a specific place or among a certain group is one indicator of increased secret communication activity. That could mean different things in different places. In June 2014, when the government of Iraq blocked Twitter and Facebook as part of its response to the growing ISIS situation, Tor usage in that country exploded, according to Tor metrics data. Usage has since calmed down in Iraq significantly.
Recently, the Chertoff Group put out a new paper detailing some of the methodologies that they advise law enforcement to use to monitor Tor users and sites. Since it was co-written by former DHS director and Jeb Bush national security team member Michael Chertoff, it’s safe to say it provides a good indication of current law enforcement thinking. The name of the paper is the Impact of the Dark Web on Internet Governance and Cyber Security, co-written with Toby Smith.
Mapping the hidden service directory presents a technical challenge that’s a bit more unique. Tor uses a domain database built on what’s called a distributed hash table. If Tor were a city, the distributed hash table, DHT, would be the architectural plans for the structures in it. Each node in a DHT can store information that, in turn, is retrievable if the user knows the exact address of that node. Mapping the DHT can reveal how those nodes relate to one another, providing a sense of shape for the broader network. 
Recently disclosed court documents show that the FBI has used some code from a software product called the Metasploit Decloaking Engine for Dark Web investigations. 
As the Dark Web evolves, people will begin to organize within it in order to make it more useful. That’s inevitable. As any organism grows it becomes complex; and as it becomes complex it seeks organization as a means to grow efficiently and minimize cost. It is in that organization that the hidden Web is revealing itself both to individuals who would seek to give funds to groups like ISIS and to spies who would seek out those people.
http://www.defenseone.com/technology/2015/02/how-military-will-fight-isis-dark-web/105948/?oref=defenseone_today_nl

 

« CAUSE: Predictive Software to Counter Cyber Attacks
Google Cloud offers security scanning for customer apps »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Digittrade

Digittrade

Digittrade develop and produce external encrypted hard disks and secure communications apps.

CyberProof

CyberProof

CyberProof aims to give clarity and confidence to businesses worldwide using a new risk-based approach to cyber security services.

VIPRE Security Group

VIPRE Security Group

VIPRE Security Group is an award-winning global cybersecurity, privacy and data protection company.

La Fosse Associates

La Fosse Associates

The InfoSec Recruitment team at La Fosse Associates specialises in placing Information Security & Risk professionals on a permanent and contract basis.

Connectitude

Connectitude

Connectitude IIoT Platform ™ is a complete solution for industrial IIoT.

Rezilion

Rezilion

Rezilion is a stealth mode cyber-security start-up developing a cutting edge technology that makes cloud environments self-protecting and resilient to cyber-attacks.

FirstWave Cloud Technology

FirstWave Cloud Technology

FirstWave Cloud Technology is a global cyber security company which has been delivering Cybersecurity-as-a-service solutions to the market since 2004.

BreachQuest

BreachQuest

BreachQuest brings together cybersecurity experts with decades of experience identifying security flaws, penetrating networks, and responding to incidents.

Valency Networks

Valency Networks

Valency Networks provide cutting edge results in the areas of Vulnerability Assessment and Penetration Testing services for webapps, cloud apps, mobile apps and IT networks.

Anxinsec

Anxinsec

Anxinsec Technology is a security solution and service provider with a focus on new technology and innovations in cybersecurity.

IriusRisk

IriusRisk

IriusRisk is an open Threat Modeling platform that automates and supports creating threat models at design time.

NetGain Technologies

NetGain Technologies

NetGain Technologies helps small to medium-sized businesses gain access to expert IT talent. We provide strategies that use technology as a driving force behind business growth.

SoftwareONE

SoftwareONE

SoftwareONE is a leading global provider of end-to-end software and cloud technology solutions.

Cerby

Cerby

Your team uses unmanageable applications that put you, your company, and your data at risk. Protect, secure, and accelerate your business automatically with Cerby.

Plerion

Plerion

Plerion is an all-in-one Cloud Security Platform that supports workloads across AWS, Azure, and GCP delivering cloud security posture management, workload security, data security and more.

Helix Tech Consulting

Helix Tech Consulting

Helix Tech have expertise in a wide range of technology areas, including IT strategy, infrastructure design, cybersecurity, disaster recovery, cloud, data centers, IT cost optimization, and more.