The Techno-Crime Blog - Techno-Crime Institute

Complications For Your Investigations: Cosmos Computing & Distributed Networks

November 26, 2018 by Walt Manning Leave a Comment

Introduction

In our previous post, we described a hypothetical network where your digital evidence will be anonymous and encrypted.

All of the data on this network is shredded into fragments, with each piece individually encrypted using a different code.

Several copies of all fragments are dispersed to be stored on different land-based devices or satellites.

I call this “Cosmos Computing,” and believe it could be the next version of the Internet.

If you read the entire post, near the end I told you that networks like this already exist or are under development.

If you missed the other post, feel free to read it at https://technocrime.com/will-evidence-located-cosmos-computing/.

Now let me give you some examples.

The SAFE Network

The first example is called The Safe Network (Safe Access For Everyone) and is being created by MaidSafe, a Scottish company. For more information, you can go to their website at https://www.maidsafe.net).

The SAFE Network is designed to work exactly like the hypothetical network described in our earlier post (but currently without satellites).

As you read about the SAFE Network and how it is being designed, think about how this technology will affect your search for digital evidence.

The following are quotes from “The SAFE Network Primer” to give you an idea about the philosophy behind the project (the entire document is available on their website):

“For all its glories, the Internet is broken. It has strayed from its original vision. It is now a machine for censorship, propaganda, and central control that feeds on our personal data. It could and should have been much better than this.

MaidSafe’s solution is to create a secure, autonomous, data-centric, peer-to-peer network as an alternative to the current server-centric model. Rather than residing on a central server or data center, individual files are split up into pieces, encrypted and spread out over the network. Individuals retain full control of the data they create. It is resistant to DDoS, malware, and hacking and it cannot be centrally co-opted and controlled by monopolistic corporate and government interests. As a platform, such a network could usher in whole new business models, just as the original Internet did at the turn of the century.”

“The Internet giants of today would no longer be able to harvest our data without our say so, nor could government spooks eavesdrop over their shoulders. There would be a rebalancing of power from the data haves to the data have-nots. Censorship would be impossible, and data could be not be erased.”

Volunteers can choose to dedicate part of their computer’s hardware and data storage for use by the SAFE Network. In return, these owners are compensated for the use of their machines in a digital currency called “Safecoin.”

Safecoin will be convertible to many other types of digital currencies, such as Bitcoin.

People could also use the network’s custom browser to securely navigate the Internet, store their data files, or create websites.

Users who want to store data on the SAFE Network will pay Safecoin to the network for the service, and these funds are used to pay the volunteers hosting the data and the company managing the network.

Data stored on the volunteer network nodes will be secured inside an encrypted “vault,” and even the machine’s owner will not have access to it.

If anyone could break into the vault, he would only see scattered encrypted fragments of data that would not be readable. Only the original user who generated the data can recall and reconstruct it.

The network makes sure that no complete file is ever stored in a single vault.

When a volunteer host machine is shut down, the network software first makes multiple copies of all data fragments stored in that vault and disperses them to other working nodes on the network.

This means that your evidence may be stored on a different physical device in another location from one day to the next.

The SAFE Network never sees a user’s password. The only place the password is used is when the person logs onto the network to retrieve data he previously stored there.

The decryption keys are never transmitted on the network.

When a SAFE Network user logs out and shuts down the software, all traces of her activity are wiped from the host device.

We already discussed some of the potential benefits, but should we review them again?

A user’s personal data would be secure, and the user would control every aspect of how that data was shared with another party.
The data breach problem might be solved since there would be no single point of attack to steal proprietary or personal information.
Hackers wouldn’t be able to access any useful data, as it would all be encrypted and stored on multiple devices.
Distributed Denial of Service (DDoS) attacks will no longer work. The network would re-route the traffic around any targeted servers.
The impact of malware would be limited due to the fragmentation and encryption of the data stored and transmitted on the network.
Ransomware attacks and crypto-jacking would be almost impossible.

The SAFE Network is still in test mode, but imagine how this technology will change your investigations when it goes live!

Freenet

Freenet is a self-contained distributed network that was designed to provide “censorship-resistant communication.” The Freenet Project’s primary goal is to protect freedom of speech without censorship.

“Distributed networks” or “peer-to-peer networks” merely mean that there are no centralized servers, and that every computer that joins the network becomes one of the nodes on the net.

As with the SAFE Network, users contribute some of their bandwidth and even a portion of their hard drive for data storage for other users of the network.

Freenet provides websites, forums, chat sites, and file storage.

All communication is encrypted and routed through multiple nodes.

Only websites and resources created and stored on Freenet can be accessed on the network. Regular Internet sites such as https://technocrime.com are not a part of this network.

The network now has a “darknet” mode that communicates only with people that are trusted by the user.

Storj

Storj Labs is developing a commercial version of this type of network for data storage only.

As with the other examples, computer owners can join the network to allow their machines to be used, and are paid based on the amount of storage and bandwidth used by the network.

Users can provide part of their data storage and be paid with Storj token, which works the same as other cryptocurrencies like Bitcoin.

Files are shredded and encrypted, and every data fragment is stored in a different location across the network on at least three redundant nodes.

Users maintain the encryption keys for their data, and every file is encrypted with a different key.

Storj is a for-profit company, and currently charges users the following rates:

$0.015 per gigabyte for data stored per month
$0.05 per gigabyte of data downloaded from the network

Conclusion

These are only three examples to give you an idea of how this technology is developing.

Now imagine that the suspects in your investigation use several of these networks for their communication, websites, or data storage.

Because of the explosion of new technologies being developed, we are going to need specialist investigators who know how they work, what evidence may exist, and the best methods to obtain it.

We also need to start thinking about new ways to identify these specialists, and how to find them when they’re needed.

You now know about three examples, but there are others…

Are you ready for Cosmos Computing?

Where Will Your Evidence Be Located with “Cosmos Computing”?

July 31, 2018 by Walt Manning Leave a Comment

Introduction

Imagine working a case where your digital evidence is all anonymous and encrypted.

Plus any data — files, documents, email, and all evidence of Internet use — is shredded into several pieces, with each piece individually encrypted using a different key.

To complicate matters even further, each piece of the encrypted and shredded data is then stored on different devices scattered all over the world.

What if we expand all of this to include data storage on satellites in space?

This scenario is what I call “Cosmos Computing,” and it could be the next version of the Internet.

What impact would this have on your investigations?

Let me explain one way this could happen…

Is It Even Possible?

Most of you are already familiar with cloud computing, where any type of data can be stored on a server in the Internet “cloud.”

Cloud computing has already created some big challenges for investigators. Before cloud technology existed, we could go to the IT department to obtain data from the network or collect data directly from user devices.

Now the data we need could be stored in several places, and we might not even know where the data is physically located or who controls access.

In this post, we won’t talk about the complexities related to cloud computing, such as managing security, malware, legal holds, and digital forensics data collection and preservation.

We’ll save those for another day.

What I want to describe for you is what I believe the Internet of the future might look like, and point out some issues that we need to be thinking about now.

“Cosmos”: The Next Step Beyond The Cloud…

There are several companies actively working on systems to provide broadband Internet signals from satellite networks or (believe it or not) balloons.

These include Google, OneWeb, and SpaceX.

The goal is to provide Internet access to everyone in the world, especially the people who currently have no way to connect.

One expert estimates that in the next six years, four billion new users will be connected to the Internet.

New earth-based 5G wireless networks will be 10-100 times faster than those we have today.
With all these new connections and the additional billions of Internet of Things devices that will be added, these new technologies will change the world in ways we can’t even imagine.

If we are going to have Internet signals from satellites in space, how much harder could it be to also have solar-powered satellites that store data?

Think about the possibilities of multiple networks of low, intermediate, and higher-altitude orbiting satellites, giving every individual on earth multiple sources of Internet connections…and new places to store their data.

Now Add Distributed and Decentralized Computing

With all this additional traffic, along with growing concerns related to privacy and security, I believe we might see a completely different and more sophisticated type of Internet.

Here’s one idea.

Imagine a network where every device is capable of connecting directly to every other device. Remember, we must now think in terms of devices…not just computers. Tablets, smart phones, and connected Internet of Things devices can also be part of these networks.
This network will need no centralized servers. Whoever owns any device they want to connect to our network can share part of that device’s processing power and data storage with other users of the network.
When someone offers to share some of a device’s resources, first they’ll download special software to connect the device to the network.
This software will create an encrypted “vault” on their device for use by others.
For their contribution, the device owners are paid with an untraceable digital currency, depending on the amount of resources shared.
For example, someone who shares 50 gigabytes of their data storage would be paid more than a person only sharing 25 gigabytes.
Any user who wants to store data on the network will first download different software to connect.
Users are charged a small fee, also paid with the same untraceable digital currency, but only for the amount of data storage or service they actually need.
Data stored or transmitted on this network will always be secure, because everything will be encrypted.
But we’ll go even further. Before it is sent, every file or other type of data will be broken into small pieces that are individually encrypted.
Then, each piece of data will be encrypted again, just to add even more security.
The network’s software will then make several copies of each piece of data for backup and redundancy.
When the data is sent for storage to the network, each of our encrypted data pieces (including the copies) are sent to be stored on different devices all over the world.
The network will be designed so that owners of those devices won’t have access to the data other users have stored with them.

To give you a physical analogy, let’s use an example of a one-page printed document that we want to save, but secure it so nobody else can ever see it.

First, you’ll encrypt the document with a code that only you know.
Then, you cut the page into 50 pieces.
You make five copies of each piece of data, for a total of 250.
Next, you seal each of the 250 pieces in 250 tamper-proof containers that require yet another code to open that only you know.
Each of the 250 sealed containers is sent to a different trusted person to store until you need it back.
Those 250 people can’t open the container. Even if they could they would see only one of the 50 coded pieces of the original document, and they wouldn’t be able to read any content.

Some Possible Results of This Network…

A user’s medical records, financial records, and personal data would be secure, and the user would control every aspect of how that data were shared with another party.
We might solve the data breach problem, since there would be no single point of attack to steal proprietary or personal information.
Hackers wouldn’t be able to access any useful data, as it would all be encrypted.
Distributed Denial of Service (DDoS) attacks will no longer work (if you want to learn more about DDOS attacks, here is a good place to start). The network would simply re-route the traffic around any targeted devices.
The impact of malware would be limited due to the fragmentation and encryption of the data stored and transmitted on the network.
Ransomware attacks and crypto-jacking would be almost impossible.

What Does This Mean For Investigators?

Since the network is completely decentralized, there is no central point of management that would have access to any of the data transmitted by or stored on the network.

No single device will store any of the encryption/decryption keys used on the network.

Court orders or subpoenas would not be effective, since no single entity or group could provide any useful data related to the activities of the network users.

The device where encrypted pieces of your evidence are stored today may be in a different location tomorrow and a different one the day after that.

In many ways, these types of networks could bring tremendous improvements to security and privacy compared to systems we all use today.

Do you still think the investigative scenario described in the introduction is impossible?

I think it’s much closer than you realize, and it raises many new questions:

Where will your digital evidence be when these types of networks are deployed?
How will legal jurisdiction be determined?
Will we need new international laws?
How will you collect and preserve digital data related to your investigation?
What new types of technical expertise will be needed to investigate techno-crimes in this environment?

Conclusions

I think we’ve reached a point where our dependence on technology is so great that we need to make a choice.

We can choose to design new networks and systems that focus on security and privacy on the one side, but make it harder for law enforcement and/or intelligence agencies.

Or we can choose networks and devices that may not be as secure and private, but still allow access to evidence.

I’m not sure that you can have both, but that is a very complicated debate that we can have another time.

Finally…I have a confession to make.

Companies are already working on the “fictional” network I described above. I’ll tell you who they are in my next post.

Are you ready for Cosmos Computing?

If you are interested in being part of our mailing list to find out more information about techno-crimes and investigations, it’s easy to sign at the bottom of this page.

Do You Know Which Technology Could Change Investigations Forever?

June 27, 2018 by Walt Manning Leave a Comment

Consider these scenarios…

A kidnapper takes remote control of the self-driving car that just picked your CEO at her hotel. The car is now driving her to a remote location where the criminals will meet her.

Your new smart home controller (think Amazon Echo, Google Home, Apple HomePod) has been hacked, and is now always listening to anything said within range of the microphone.

A terrorist group takes wireless control of several connected cars on major freeways and cause major pileups that kill or injure over 500 people.

A hacker sends a wireless command to the cardio-verter defibrillator implanted in a politician’s chest, causing the device to send a jolt of 750 volts to the politician’s heart.

A drone with a mounted silenced weapon assassinates the president of a country.

Your daughter received a “talking” teddy bear for her birthday. You don’t realize that the voice now talking to her is the convicted sex offender who lives several houses away.

All of the above examples are possible today, or will be in the near future.

Introduction

Welcome to the Internet of Things (IoT), an exploding technology where almost anything is or will be connected to the Internet.

Lots of these items have cameras, microphones or sensors that track data about a user or any other person in range.

Many of the devices are “smart”, which means they have some type of built-in data processing capability.

Some can talk to other connected devices, and almost all of them will be communicating data to at least one cloud-based server (if not more).

Voice-aware personal and home assistants can already act on your voice commands to do everything from play music to make bank transfers, and are being given more capabilities daily.

Self-driving cars that will be able to talk to each other and also to a central traffic control server will arrive within a few years.

Many medical devices are already connected in healthcare provider offices and hospitals, and new medical implants will monitor your vital signs and any other body or brain function (while communicating this data wirelessly to a connected mobile device and/or to a cloud server).

We now have smart homes, offices and even smart cities, where technology is becoming even more intelligent and interconnected.

Lots of devices that you might not think about are now being made with network connectivity (these are all real products):

Clothing
Light bulbs
Smoke alarms
Thermostats
Fitness trackers
Kitchen appliances
Industrial sensors
Toys
Trash cans
Hairbrushes
Luggage
Forks
Whiskey decanters
Mirrors
Cardiac pacemakers and defibrillators

Now combine these billions of new devices with an exploding number of satellite, drone, and surveillance cameras, microphones, and biometric and facial recognition technology. Can you imagine the possible new types of data these IoT devices could produce for investigators…or criminals?

How big can it be?

Many people don’t realize how the number of connected devices will explode in the coming years.

The estimated number of devices connected to the Internet today is over 10 billion, which is already greater than the population of the earth.

The Gartner Group projects that by 2020 the number of connected devices could double to over 20 billion.

One company predicts that Internet of Things devices will generate over 600 zettabytes of data by 2020.

Now to put that in perspective, one zettabyte of data storage is the equivalent of:

34 trillion 3-minute digital songs
250 billion DVDs, or
36,000 years of high-definition videos.

The Information Security Institute estimates that there will soon be over 100 devices that contain Wi-Fi chips in every home.

John Chambers, former CEO of Cisco Systems, predicted that the impact of the Internet of Things could be 5 – 10 times greater than the impact of the Internet itself.

How IoT will change your life

The Internet of Things technology will give us fantastic benefits that aren’t even possible today.

You won’t use a keyboard to interact with the network anymore. Devices will either be voice-activated, or capable of direct communication via a brain computer interface (BCI).

Yes, this means that the network will be able to know and react to your thoughts.

With so much data being collected about you, the network will know everything about your financial transactions, your health and medical history, and your food and drink preferences. It will also know everywhere you go and most of what you do throughout the day.

Medical IoT devices and new implants will provide continuous monitoring and personalized medical treatments that aren’t possible today. Imagine a medical implant that can monitor your blood chemistry and glucose levels, and can administer only the amount of medication needed at that precise moment.

Your medical insurance rates will adjust automatically throughout the day depending on your behavior. On days when you exercise, get plenty of sleep, and eat well, your premiums go down. If you overeat, drink too much, and experience high stress, the premiums increase.

Holographic and virtual reality technologies will give you the capability of appearing to be anywhere you want to be in the real or virtual worlds, and developing “haptic” technologies will allow you to see, touch, hear and smell the environment where your representative avatar is.

All this technology will lead to increased productivity and convenience. The network will be able to anticipate your needs and desires. Facial and biometric recognition will provide you with personalized experiences and services that you can’t even imagine.

Robotics technology (of course they will also be wirelessly connected) will create entirely new possibilities in multiple industries. For example, in the service industry robots have already replaced human employees to check in guests at hotels, deliver room service, and help to care for elderly or disabled patients.

The possibilities seem endless to improve our lives and increase efficiency.

Unintended side effects?

But what unintended consequences could this technology cause?

First of all, can you imagine the impact it will have on your personal privacy?

If the exploding number of IoT devices are always watching and listening, will privacy still be possible?

What impact could this have on our world, if a person can no longer do anything, say anything, or think anything without that data being collected and analyzed?

Would this change your behavior?

Surveillance is the business model of the Internet.
You are the product.

And with the Internet of Things, this will be even more certain.

Many governments and companies already collect massive amounts of data about all of us. But with the IoT, the volume of collected data will skyrocket.

But there will be some logistical problems with accumulating this quantity of data.

How much will it cost to develop the data storage to hold it all?
Where will the data be stored (which may be impacted by existing or future privacy laws that differ from country to country)?
Will we need new international laws related to IoT technology?
How will investigators know which company has collected what data, and how to obtain it?
If every IoT device collects data in a different format, how will an investigator be able to combine all the data related to an investigation to provide useful information?
As with most mass surveillance or data collection, the size of the data makes it more difficult to extract useful information and interpret it.

Consider the analogy of finding a needle in a haystack. If the haystack you are searching suddenly doubles in size, how much longer will it take for you to find the needle?

What if it grows by one hundred times?

Remember, the success of almost all investigations relies on either time or money.

If the technology makes it harder for investigators to find relevant data, will IoT help you be successful, or will the sheer volume of data overwhelm you and keep you from finding the evidence you need?

What about security?

What about the security of Internet of Things devices?

Right now, security doesn’t seem to be a priority for companies manufacturing these devices.

There are few, if any, laws of regulations addressing the security of IoT devices.

Most devices have no security at all, and many don’t have the capability for the device’s firmware or software to be updated.

If a security flaw in one of these devices is discovered, your only option may be to destroy the device and get a new one that “might” have been updated to eliminate the flaw.

But what are your options when a different defect is found?

Most IoT devices communicate wirelessly, but very few of them currently use encryption to protect the data.

If any wireless signal is not secured, it can potentially be intercepted.

This could give anyone access to the data being transmitted by the IoT device.

Unsecured IoT devices communicating via Wi-Fi or Bluetooth signals on your home or office network could also give a criminal access to your network.

And access to the data stored on every device connected to the network.

For example, many smart televisions have microphones and cameras.

Some smart televisions even create their own Wi-Fi hotspot, and with no security.

A hacker who could intercept this Wi-Fi signal might be able to see or hear anything within range of the camera and microphone.

If the television is connected to your home of office Wi-Fi, the attacker could potentially gain access to your network.

In one study by Hewlett Packard, 70% of IoT devices analyzed were vulnerable, and each device contained an average of 25 security flaws.

A Symantec study of health/fitness tracking apps showed the average device sent the collected data to between 5 and 14 different Internet domains.

According to a recent survey of IT professionals on the ISACA IT Risk/Reward Barometer, three-quarters of the respondents believed that a security breach caused by an insecure IoT device is likely.

Almost every IoT device that has been tested by security researchers has been successfully hacked.

Connected cars, medical devices in hospitals, implantable cardioverter-defibrillators (and pacemakers) have been hacked.

Video conferencing systems, wireless copiers and printers, and other office devices have been remotely accessed.

Kitchen appliances, connected thermostats, and wireless home security systems have been hacked.

Could the IoT fundamentally change crime and investigations?

This may seem to be a strange question, but consider the following:

We already have a staggering number of surface, satellite, mobile device, and drone cameras that will only continue to grow.
Add a dramatic expansion of facial and biometric recognition with much better quality than we have today.
All the devices that operate via voice control will always be listening and will alter behavior, even behind closed doors.
IoT devices will mostly communicate via wireless protocols, many of which have already been hacked.
Self-driving and fully autonomous vehicles will provide much more information about individual movements than has ever existed.

Since new IoT vehicles will have cameras and biometric recognition, and will be tracked with GPS, will auto theft and hijacking go away? Or will we have new types of high-tech thefts when the technology is hacked?

Does IoT technology have the potential to reduce person-on-person violent crime?

Could medical implants that constantly monitor blood components help to reduce illegal drug use?

We may have new risks when facial recognition or other biometric data is stolen.

If a criminal steals an identity or financial records, the victim can probably recover by creating new accounts, obtain new identification, and eventually resolve any fraud that was committed.
But if a crook steals biometric data, that can’t be recovered or replaced.

We may even see new types of crime created by these technologies that never existed before.

The Internet of Things may also change how we investigate crime.

We will need new types of investigative and forensic specialists who will have the knowledge and expertise to deal with this technology.

We might need to re-think how we organize law enforcement agencies and private investigations firms.

The old models where an agency or company has all the expertise needed “in house” may no longer be possible.

Teams of investigative specialists may be needed for each criminal case or civil engagement.

Sophisticated artificial intelligence capable of reviewing the massive amount of video and other data that will be collected from millions of sources might be required.

Conclusions

Are you sure that the Internet of Things will create more benefits than risks?

Even if the technology benefits outweigh the risks, are you ready to deal with the security and investigative challenges that will come with it?

We can help you understand some of the risks from your smart homes and mobile devices, and hopefully help you improve your security.

In our Free Member Content Library you can find our “Smart Home and Mobile Device Security Checklist.”

This checklist doesn’t address all of the issues we’ll face with the Internet of Things, but at least it might give you a good place to start.

This Is Possibly Your Biggest Techno-Crime Risk: What You Need To Know

April 13, 2018 by Walt Manning Leave a Comment

Introduction

A journalist named Steven was on a flight from Dallas to Raleigh. During the flight he connected to the in-flight Wi-Fi while working on a very sensitive and controversial article. He checked and wrote several email messages during the flight.

As the plane landed and everyone stood up to deplane, a man in the row just behind Steven tapped him on the shoulder and asked to talk to him after they left the plane. Steven thought it was a little strange, but agreed.
In the gate area, the stranger told Steven that he had hacked his device during the flight, and could read everything that Steven had sent and received, including information about Steven’s confidential informants. In fact, the stranger admitted that he had hacked most of the devices connected to the in-flight Wi-Fi.

Given the sensitive nature of the article, the stranger just wanted to warn Steven that he needed to be more careful.

The Risks From Unsecure Wi-Fi

I’m sure that almost all of you use Wi-Fi, either in your home, office or in public places that provide a free connection.

Wi-Fi that is not properly secured could put your identity, your data, and your finances at risk.

Think about the types of data you are transmitting when you connect to the Internet

Access to your email
Login credentials for any network or website
Data related to online banking or investments
Credit card numbers
Text messages

Data stored on your devices that you might prefer to keep private might also be at risk.

Wi-Fi has become so widespread that we tend to take it for granted without questioning whether it is secure. Here are the facts:

Hundreds of thousands of home and office Internet routers have been hacked, as the default passwords and SSID names (Service Set Identifier) were never changed on the devices. (An SSID is the Wi-Fi network name.)
Even more routers have been successfully attacked because the password was easily guessed.
People connect to public Wi-Fi in airports, hotels, train stations, sporting events and conferences because it’s convenient and free, and doesn’t require them to use data minutes from their cellular provider.
In some situations, Wi-Fi providers who require a password do not really have secured systems.
Even your home or office Wi-Fi router may have already been compromised.
With the recent U.S. government change in policy toward “net neutrality,” your Internet Service Provider (ISP) can now legally watch your Internet activity and use this data for advertising, or even sell your data to other companies.

Do You Know How to Use Wi-Fi Securely?

Probably the most important step you can take to improve the security of your Wi-Fi connections is to use a Virtual Private Network, or VPN.

Without a VPN, your Wi-Fi traffic could possibly be intercepted, and if your device has file-sharing activated, an attacker might even be able to access the data stored on the device.

Hackers could also use techniques that allow them to plant malware on your device.

Your Internet Service Provider (ISP) can see all of your Internet activity if you are not using a VPN.

In simple terms, a VPN creates a secure, encrypted tunnel between your device and one of the remote servers of the VPN provider.

A VPN not only encrypts the data transmitted between your device and the server, but it also hides your Internet Protocol (IP) address. This masks your location and can make it appear that you are located somewhere else.

Once your traffic exits the VPN server, if you are accessing a website protected with HTTPS then your communication is still secure. HTTPS stands for “HyperText Transfer Protocol Secure,” which encrypts the traffic between your device and a website.

However, if the website does not have HTTPS, keep in mind that an outside party monitoring traffic from the VPN server could conceivably intercept your traffic, but it would be more difficult to trace it back to you depending on the nature and content of the transmission.

One potential downside to using a VPN is that the VPN service provider may be able to see all of your Internet traffic, so you will need to trust it to keep your data confidential. Some providers do not maintain any logs of user activity, but many do, so make sure you research providers before you decide which service to use.

A VPN won’t protect you if you click on an infected attached file or link, so you should still consider anti-malware protection for all of your devices.

How to Choose a VPN?

Choosing the best VPN depends on your situation and individual or organizational needs.

Some VPNs are free, but most offer paid versions with other services, such as faster bandwidth, a larger variety of services, multi-device plans, and more.

Remember that a VPN does NOT make you completely anonymous, and will NOT protect you from malware.

Most VPN services are software-based, but there are some that also offer VPN capability built into an Internet router.

Other services will help you to reprogram your existing router to use their service, but this almost always requires a paid subscription.

Some questions that you might want to ask:

How confidential will my Internet activity be?
What kind of data, if any, does the VPN provider collect about my browsing?
How long does it keep this data?
Are there any restrictions on bandwidth?
Where are the VPN servers?
How do you pay for the VPN service?
There are lots of reviews and recommendations about the best VPN services, and you should read several to find the best choice for you.

I am providing some links to help you get started:

That One Privacy Site – https://thatoneprivacysite.net/simple-vpn-comparison-chart/
https://www.top10vpn.com/best-vpn-for-usa
https://www.techradar.com/vpn/best-vpn

And these are links to several VPN services for more detailed information:

Freedome VPN – https://www.f-secure.com
IPVanish VPN – https://www.ipvanish.com
Nord VPN – https://nordvpn.com/
ProtonVPN – https://protonvpn.com/
Mullvad – https://www.mullvad.net/en/
StrongVPN – https://strongvpn.com/
Tunnelbear VPN – https://www.tunnelbear.com/
Vyper VPN – https://www.goldenfrog.com/vyprvpn

Additional Options to Explore

Turn Wi-Fi off on all your devices when it isn’t needed.
Think about using a browser that focuses on privacy instead of tracking your activities.
Use the “HTTPS Everywhere” browser extension at https://www.eff.org/https-everywhere.
Research other browser extensions or add-ons designed to protect your privacy
If you store your data anywhere in the “cloud,” seriously consider either using a service that encrypts your data or encrypting the data yourself before it is uploaded to your cloud account.
Consider the use of a search engine that does not track your search activities, such as StartPage.com or DuckDuckGo.com.

The risks from techno-crime grow every day, but there are relatively simple and easy things you can all do to minimize the dangers you are exposed to.

I recommend that you never, ever connect to an unsecured Wi-Fi signal without using a VPN.

On every device.

All the time.

Remember…just because you think a Wi-Fi signal is secure, there is no guarantee.

Stay safe and please take this one step to protect yourself from one of your biggest techno-crime risks.

What Crooks Are Doing On Darknets

March 18, 2018 by Walt Manning Leave a Comment

Introduction

If you read the first two posts in this series, you have an idea about what the darknets are and how the Tor network functions. (Here are the links to the previous posts, if needed: “Darknets: What You Need To Know” and “Darknets: The Mysterious Technology Explained, Part I.”)

Many people want to know the answers to these questions:

How does a buyer pay for darknet services or merchandise?

Darknet vendors usually accept only digital currencies and, in the past, Bitcoin has been the primary method of payment.

However, now there are alternative currencies, like Dash, ZCash and Monero that are even more anonymous and could be impossible to trace.

The use of these “alt coins” is growing dramatically, creating more challenges for darknet investigations.

How can a buyer trust a darknet vendor?

Most darknet sites allow both buyers and sellers to rate each other. This can build “social validation” for vendors who receive high ratings from previous buyers.

A high vendor rating might even allow a vendor to charge higher prices than a competitor.

For the other side of the transaction, high ratings for frequent buyers might result in special offers or discounts for future purchases.

Even with social validation, how many buyers would be willing to send payment to a vendor with no guarantee that he would receive his merchandise?

Many darknet markets solve this by serving as an escrow agent. The market operators will hold the payment until the buyer notifies them that he has received the merchandise. Payment is then forwarded to the vendor.

However, both parties in the transaction must also trust the darknet market operators. There have been cases where the operators suddenly closed the market and disappeared with the funds being held in escrow, never to be heard from again.

This happened with a previous popular darknet named Evolution, where the operators disappeared with over $12 million USD in Bitcoin, and have never been found.

PLEASE NOTE: At the request of our web hosting provider, all personal information in the images displayed in this post has been removed, including the darknet names of the vendors or any of their contact information. We are not promoting their products nor are we encouraging the use of darknets for illegal activities. We strongly believe that increasing awareness will help educate investigators and law enforcement professionals who were not already familiar with this area.

Criminal Activity on the Darknets

Drugs

The sale of drugs probably generated the most publicity about criminal activities on Tor.

The Silk Road was the first major darknet marketplace to gain the attention of the international press. Silk Road was in operation from 2010 through October 2013. At the time it was shut down, the site had over 950,000 registered users and over 100,000 registered buyers.

According to a federal indictment, during the time period from February 2011 through July 2013, the site processed over $1.2 billion (USD) in transactions, and the operators of the site earned almost $80 million (USD) in fees.

Silk Road was the first major darknet market to have features such as buyer and seller ratings, a consolidated shopping cart, and a very user-friendly interface. The operators of the marketplace also acted as escrow agents for the transactions.

For a more detailed story about Silk Road, you might be interested in reading “The Rise and Fall of Silk Road” by Joshua Davis and Steven Leecart published in Wired magazine.

Since Silk Road was shut down in late 2013, numerous other darknet marketplaces have been created to provide similar products and services.

There are too many darknet marketplaces and individual vendor sites for us to cover here, but here are some examples of the type of merchandise available.

Almost every type of narcotic and banned substance is available from a darknet market. Products include, but are certainly not limited to:

Click here for a larger version of the image.

There is a source for almost any drug that you can name from either numerous darknet markets or individual vendor sites.

Here are a couple of interesting items about darknet drug sales.

During the Silk Road investigation, law enforcement conducted over 100 covert purchases of drugs from various vendors. After delivery of the order, many of the drugs were sent to a laboratory for analysis. Surprisingly, the analysis indicated very high quality, even compared to street drugs.

Judith Aldridge, a law professor at the University of Manchester, and David Decary-Hetu, a criminologist at the University of Lausanne, published an interesting academic paper, titled: “Not an ‘eBay for Drugs’: The Cryptomarket ‘Silk Road’ As a Paradigm Shifting Criminal Innovation.”

Their hypothesis was that the darknet drug trade might actually reduce real-world drug-related violence.

If you think about it, in these transactions the identity and location of both buyer and seller are unknown. Where is the potential for violence? How could another vendor or group use violence to eliminate a darknet competitor when one doesn’t know who or where the other is?

It is an interesting topic to consider.

Weapons

I have seen many vendors who offer a wide range of weapons, from handguns to military-grade arms and explosives.

Opinions on some darknet forums claim that there are no legitimate weapons vendors on the darknet, and all of them are scams.

However, there have been arrests of darknet vendors dealing in weapons of all types.

One past vendor claimed to be a legitimate gun dealer located in the mid-western United States. He sold all types of weapons, even offering to de-serialize the weapon and disassemble it so that the individual parts could be shipped separately.

How much of this type of activity is real? I don’t know, but I have seen these items for sale on various sites:

Click here for a larger version of the image.

(There is no larger version of this image.)

Click here for a larger version of the image.

(There is no larger version of this image.)

Click here for a larger version of the image.

Personal and Financial Information

Everyone knows that data breaches of personal and financial information continue to grow. Much of this stolen data is sold on darknets.

Some examples of information for sale:

Click here for a larger version of the image.

Forged Identification & Currency

Any type of forged identification and supporting documentation can be found for sale on darknets.

Click here for a larger version of the image.

Vendors selling forged currencies abound. U.S. dollars and euros appear to be the most popular, but occasionally the currency of another country might also be seen.

Click here for a larger version of the image.

Hacker And Hacking Tools

Hackers sell their services on the darknets, and will take on any assignment for a price.

Hacking tools are also available for sale that make it easy to attack a target. In the past, a hacker might need a high level of technical skill to break into a network. But the tools today are packaged into automated toolkits requiring much less knowledge and experience.

Keep in mind that the hackers who do have sophisticated expertise are the ones who penetrate your security and leave no trace.

New botnets used to conduct Distributed Denial of Service (DDOS) attacks are available to rent, with the price depending on the number of “bots” desired for the attack, and the length of time the attack lasts.

The basic concept of a DDOS attack is to launch so much Internet traffic against a target that the system is overwhelmed and can’t function. At the very least, the system is dramatically slowed or not available for legitimate users.

There is a fear that massive DDOS attacks could take down the Internet for entire countries. Limited examples have already been seen.

Millions of connected devices with little, if any, security have been added to these botnets. Devices such as Personal Digital Recorders, smart televisions (and other home appliances), CCTV surveillance cameras, Internet routers, and even baby monitors are now parts of these criminal botnets.

More and more devices are being connected to the Internet, providing possible entry points to home and business networks, as well as the potential for even larger botnets.

I will talk about the risks from the “Internet of Things” in future posts.

A few of the hacker tools seen for sale on the darknet markets include:

Click here for a larger version of the image.

Click here for a larger version of the image

Click here for a larger version of the image.

Why Is This Important?

There are lots of people who aren’t aware of the type of criminal activities occurring on the darknets.

I would suggest two points for you to think about.

First, I believe that some of the darknet vendors are criminals operating independently for their own purposes.

But I also believe that a portion of the criminal activity on the darknets involves organized transnational criminal groups, and that the different types of activities are related to support the organization’s goals.

Does this seem to be overly paranoid?

There are other criminal justice researchers who agree with this view.

Think about the potential revenue.

Think about the anonymity provided by using this technology.

Think about how these criminals are making it harder for investigators to find them.

The crime we are seeing on these darknets is only the beginning…

Final Thoughts:

I hope that these posts have increased your awareness and understanding about the darknets.

Investigators need to be aware of every tool being used by techno-criminals in the world today.

Darknets are migrating and the technology is always changing.

We must change and evolve with it, so that we will continue to be effective.

Join us.

Introduction

The SAFE Network

Freenet

Storj

Conclusion

Introduction

Is It Even Possible?

“Cosmos”: The Next Step Beyond The Cloud…

Now Add Distributed and Decentralized Computing

Some Possible Results of This Network…

What Does This Mean For Investigators?

Conclusions

Consider these scenarios…

Introduction

How big can it be?

How IoT will change your life

Unintended side effects?

What about security?

Could the IoT fundamentally change crime and investigations?

Conclusions

Introduction

The Risks From Unsecure Wi-Fi

Do You Know How to Use Wi-Fi Securely?

How to Choose a VPN?

Introduction

Criminal Activity on the Darknets

Why Is This Important?

Final Thoughts:

Evolve With Us To Fight Techno-Crimes!