Techno-Crime Institute

Driving and Inspiring The Evolution of Investigations


Do You Know Which Technology Could Change Investigations Forever?

June 27, 2018 by Walt Manning

Internet of Things

Consider these scenarios…

A kidnapper takes remote control of the self-driving car that just picked up your CEO at her hotel. The car is now driving her to a remote location where the criminals will meet her.

Your new smart home controller (think Amazon Echo, Google Home, Apple HomePod) has been hacked, and is now always listening to anything said within range of the microphone.

A terrorist group takes wireless control of several connected cars on major freeways and causes major pileups that kill or injure over 500 people.

A hacker sends a wireless command to the cardioverter-defibrillator implanted in a politician’s chest, causing the device to send a jolt of 750 volts to the politician’s heart.

A drone with a mounted silenced weapon assassinates the president of a country.

Your daughter received a “talking” teddy bear for her birthday. You don’t realize that the voice now talking to her is the convicted sex offender who lives several houses away.

All of the above examples are possible today, or will be in the near future.

Introduction

Welcome to the Internet of Things (IoT), an exploding technology where almost anything is or will be connected to the Internet.

Lots of these items have cameras, microphones or sensors that track data about a user or any other person in range.

Many of the devices are “smart”, which means they have some type of built-in data processing capability.

Some can talk to other connected devices, and almost all of them will be communicating data to at least one cloud-based server (if not more).

Voice-aware personal and home assistants can already act on your voice commands to do everything from play music to make bank transfers, and are being given more capabilities daily.

Self-driving cars that will be able to talk to each other and also to a central traffic control server will arrive within a few years.

Many medical devices are already connected in healthcare provider offices and hospitals, and new medical implants will monitor your vital signs and any other body or brain function (while communicating this data wirelessly to a connected mobile device and/or to a cloud server).

We now have smart homes, offices and even smart cities, where technology is becoming even more intelligent and interconnected.

Lots of devices that you might not think about are now being made with network connectivity (these are all real products):

  • Clothing
  • Light bulbs
  • Smoke alarms
  • Thermostats
  • Fitness trackers
  • Kitchen appliances
  • Industrial sensors
  • Toys
  • Trash cans
  • Hairbrushes
  • Luggage
  • Forks
  • Whiskey decanters
  • Mirrors
  • Cardiac pacemakers and defibrillators

Now combine these billions of new devices with an exploding number of satellite, drone, and surveillance cameras, microphones, and biometric and facial recognition technology. Can you imagine the possible new types of data these IoT devices could produce for investigators…or criminals?

How big can it be?

Many people don’t realize how the number of connected devices will explode in the coming years.

The estimated number of devices connected to the Internet today is over 10 billion, which is already greater than the population of the earth.

The Gartner Group projects that by 2020 the number of connected devices could double to over 20 billion.

One company predicts that Internet of Things devices will generate over 600 zettabytes of data by 2020.

Now to put that in perspective, one zettabyte of data storage is the equivalent of:

  • 34 trillion 3-minute digital songs
  • 250 billion DVDs, or
  • 36,000 years of high-definition videos.

The Information Security Institute estimates that there will soon be over 100 devices that contain Wi-Fi chips in every home.

John Chambers, former CEO of Cisco Systems, predicted that the impact of the Internet of Things could be 5 – 10 times greater than the impact of the Internet itself.

How IoT will change your life

The Internet of Things technology will give us fantastic benefits that aren’t even possible today.

You won’t use a keyboard to interact with the network anymore. Devices will either be voice-activated, or capable of direct communication via a brain computer interface (BCI).

Yes, this means that the network will be able to know and react to your thoughts.

With so much data being collected about you, the network will know everything about your financial transactions, your health and medical history, and your food and drink preferences. It will also know everywhere you go and most of what you do throughout the day.

Medical IoT devices and new implants will provide continuous monitoring and personalized medical treatments that aren’t possible today. Imagine a medical implant that can monitor your blood chemistry and glucose levels, and can administer only the amount of medication needed at that precise moment.

Your medical insurance rates will adjust automatically throughout the day depending on your behavior. On days when you exercise, get plenty of sleep, and eat well, your premiums go down. If you overeat, drink too much, and experience high stress, the premiums increase.

Holographic and virtual reality technologies will give you the capability of appearing to be anywhere you want to be in the real or virtual worlds, and developing “haptic” technologies will allow you to see, touch, hear and smell the environment where your representative avatar is.

All this technology will lead to increased productivity and convenience. The network will be able to anticipate your needs and desires. Facial and biometric recognition will provide you with personalized experiences and services that you can’t even imagine.

Robotics technology (of course they will also be wirelessly connected) will create entirely new possibilities in multiple industries. For example, in the service industry robots have already replaced human employees to check in guests at hotels, deliver room service, and help to care for elderly or disabled patients.

The possibilities seem endless to improve our lives and increase efficiency.

Unintended side effects?

But what unintended consequences could this technology cause?

First of all, can you imagine the impact it will have on your personal privacy?

If the exploding number of IoT devices are always watching and listening, will privacy still be possible?

What impact could this have on our world, if a person can no longer do anything, say anything, or think anything without that data being collected and analyzed?

Would this change your behavior?

Surveillance is the business model of the Internet.
You are the product.

And with the Internet of Things, this will be even more certain.

Many governments and companies already collect massive amounts of data about all of us. But with the IoT, the volume of collected data will skyrocket.

But there will be some logistical problems with accumulating this quantity of data.

  • How much will it cost to develop the data storage to hold it all?
  • Where will the data be stored (which may be impacted by existing or future privacy laws that differ from country to country)?
  • Will we need new international laws related to IoT technology?
  • How will investigators know which company has collected what data, and how to obtain it?
  • If every IoT device collects data in a different format, how will an investigator be able to combine all the data related to an investigation to provide useful information?
  • As with most mass surveillance or data collection, the size of the data makes it more difficult to extract useful information and interpret it.

Consider the analogy of finding a needle in a haystack. If the haystack you are searching suddenly doubles in size, how much longer will it take for you to find the needle?

What if it grows by one hundred times?

Remember, the success of almost all investigations relies on either time or money.

If the technology makes it harder for investigators to find relevant data, will IoT help you be successful, or will the sheer volume of data overwhelm you and keep you from finding the evidence you need?

What about security?

What about the security of Internet of Things devices?

Right now, security doesn’t seem to be a priority for companies manufacturing these devices.

There are few, if any, laws or regulations addressing the security of IoT devices.

Most devices have no security at all, and many don’t have the capability for the device’s firmware or software to be updated.

If a security flaw in one of these devices is discovered, your only option may be to destroy the device and get a new one that “might” have been updated to eliminate the flaw.

But what are your options when a different defect is found?

Most IoT devices communicate wirelessly, but very few of them currently use encryption to protect the data.

If any wireless signal is not secured, it can potentially be intercepted.

This could give anyone access to the data being transmitted by the IoT device.

Unsecured IoT devices communicating via Wi-Fi or Bluetooth signals on your home or office network could also give a criminal access to your network.

And access to the data stored on every device connected to the network.

For example, many smart televisions have microphones and cameras.

Some smart televisions even create their own Wi-Fi hotspot, and with no security.

A hacker who could intercept this Wi-Fi signal might be able to see or hear anything within range of the camera and microphone.

If the television is connected to your home or office Wi-Fi, the attacker could potentially gain access to your network.

In one study by Hewlett Packard, 70% of IoT devices analyzed were vulnerable, and each device contained an average of 25 security flaws.

A Symantec study of health/fitness tracking apps showed the average device sent the collected data to between 5 and 14 different Internet domains.

According to a recent survey of IT professionals on the ISACA IT Risk/Reward Barometer, three-quarters of the respondents believed that a security breach caused by an insecure IoT device is likely.

Almost every IoT device that has been tested by security researchers has been successfully hacked.

Connected cars, medical devices in hospitals, implantable cardioverter-defibrillators (and pacemakers) have been hacked.

Video conferencing systems, wireless copiers and printers, and other office devices have been remotely accessed.

Kitchen appliances, connected thermostats, and wireless home security systems have been hacked.
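
The Symantec finding above (tracker apps sending data to between 5 and 14 domains) is something you can check on your own network. This added example, which is not from the original post, counts the distinct domains each device looks up in a DNS log. The log lines, addresses, device inventory and threshold are constructed, and the line layout assumes a dnsmasq resolver with query logging turned on.

```python
import re
from collections import defaultdict

# Constructed sample in the dnsmasq query-log layout; every name and address is made up.
SAMPLE_LOG = """\
Jun 27 10:00:01 dnsmasq[412]: query[A] api.fitband-cloud.example from 192.168.1.20
Jun 27 10:00:01 dnsmasq[412]: forwarded api.fitband-cloud.example to 9.9.9.9
Jun 27 10:00:01 dnsmasq[412]: reply api.fitband-cloud.example is 203.0.113.10
Jun 27 10:00:02 dnsmasq[412]: query[AAAA] sync.fitband-cloud.example from 192.168.1.20
Jun 27 10:00:03 dnsmasq[412]: query[A] t.adtrack-one.example from 192.168.1.20
Jun 27 10:00:04 dnsmasq[412]: query[A] cdn.metrics-two.example from 192.168.1.20
Jun 27 10:00:05 dnsmasq[412]: query[A] log.crashdata-three.example from 192.168.1.20
Jun 27 10:00:06 dnsmasq[412]: query[A] push.notify-four.example from 192.168.1.20
Jun 27 10:01:00 dnsmasq[412]: query[A] time.tvmaker.example from 192.168.1.30
Jun 27 10:01:05 dnsmasq[412]: query[A] fw.tvmaker.example from 192.168.1.30
Jun 27 10:02:00 dnsmasq[412]: query[A] c.unlisted-host.example from 192.168.1.77
"""

# Hypothetical inventory: the devices you knowingly put on the network.
INVENTORY = {
    "192.168.1.20": "fitness tracker hub",
    "192.168.1.30": "smart TV",
}

# Only "query[...] <name> from <client>" lines say which device asked.
QUERY_RE = re.compile(r"query\[[A-Za-z0-9]+\] (?P<name>\S+) from (?P<client>\S+)\s*$")


def base_domain(name):
    """Approximate the owning domain by keeping the last two labels.

    A production tool would consult the Public Suffix List instead.
    """
    labels = name.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])


def domains_by_client(log_text):
    """Map each client address to the set of base domains it looked up."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        match = QUERY_RE.search(line)
        if match:  # "forwarded" and "reply" lines do not match and are skipped
            seen[match["client"]].add(base_domain(match["name"]))
    return dict(seen)


def audit(log_text, inventory, max_domains=3):
    """Return (client, label, domains, reasons) for every device worth a look."""
    findings = []
    for client, domains in sorted(domains_by_client(log_text).items()):
        reasons = []
        if client not in inventory:
            reasons.append("unknown-device")   # something you never registered
        if len(domains) > max_domains:
            reasons.append("many-domains")     # data is going to many parties
        if reasons:
            findings.append((client, inventory.get(client, "?"),
                             sorted(domains), reasons))
    return findings


if __name__ == "__main__":
    for client, label, domains, reasons in audit(SAMPLE_LOG, INVENTORY):
        print(f"{client} ({label}): {', '.join(reasons)}")
        for domain in domains:
            print("   ", domain)
```
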

Could the IoT fundamentally change crime and investigations?

This may seem to be a strange question, but consider the following:

  • We already have a staggering number of surface, satellite, mobile device, and drone cameras that will only continue to grow.
  • Add a dramatic expansion of facial and biometric recognition with much better quality than we have today.
  • All the devices that operate via voice control will always be listening and will alter behavior, even behind closed doors.
  • IoT devices will mostly communicate via wireless protocols, many of which have already been hacked.
  • Self-driving and fully autonomous vehicles will provide much more information about individual movements than has ever existed.

Since new IoT vehicles will have cameras and biometric recognition, and will be tracked with GPS, will auto theft and hijacking go away? Or will we have new types of high-tech thefts when the technology is hacked?

Does IoT technology have the potential to reduce person-on-person violent crime?

Could medical implants that constantly monitor blood components help to reduce illegal drug use?

We may have new risks when facial recognition or other biometric data is stolen.

  • If a criminal steals an identity or financial records, the victim can probably recover by creating new accounts, obtaining new identification, and eventually resolving any fraud that was committed.
  • But if a crook steals biometric data, that can’t be recovered or replaced.

We may even see new types of crime created by these technologies that never existed before.

The Internet of Things may also change how we investigate crime.

We will need new types of investigative and forensic specialists who will have the knowledge and expertise to deal with this technology.

We might need to re-think how we organize law enforcement agencies and private investigations firms.

The old models where an agency or company has all the expertise needed “in house” may no longer be possible.

Teams of investigative specialists may be needed for each criminal case or civil engagement.

Sophisticated artificial intelligence capable of reviewing the massive amount of video and other data that will be collected from millions of sources might be required.

Conclusions

Are you sure that the Internet of Things will create more benefits than risks?

Even if the technology benefits outweigh the risks, are you ready to deal with the security and investigative challenges that will come with it?

We can help you understand some of the risks from your smart homes and mobile devices, and hopefully help you improve your security.

In our Free Content Library you can find our “Smart Home and Mobile Device Security Checklist.”

This checklist doesn’t address all of the issues we’ll face with the Internet of Things, but at least it might give you a good place to start.


This Is Possibly Your Biggest Techno-Crime Risk: What You Need To Know

April 13, 2018 by Walt Manning

Internet Security

Introduction

A journalist named Steven was on a flight from Dallas to Raleigh. During the flight he connected to the in-flight Wi-Fi while working on a very sensitive and controversial article. He checked and wrote several email messages during the flight.

As the plane landed and everyone stood up to deplane, a man in the row just behind Steven tapped him on the shoulder and asked to talk to him after they left the plane. Steven thought it was a little strange, but agreed.

In the gate area, the stranger told Steven that he had hacked his device during the flight, and could read everything that Steven had sent and received, including information about Steven’s confidential informants. In fact, the stranger admitted that he had hacked most of the devices connected to the in-flight Wi-Fi.

Given the sensitive nature of the article, the stranger just wanted to warn Steven that he needed to be more careful.

The Risks From Unsecure Wi-Fi

I’m sure that almost all of you use Wi-Fi, either in your home, office or in public places that provide a free connection.

Wi-Fi that is not properly secured could put your identity, your data, and your finances at risk.

Think about the types of data you are transmitting when you connect to the Internet:

  • Access to your email
  • Login credentials for any network or website
  • Data related to online banking or investments
  • Credit card numbers
  • Text messages

Data stored on your devices that you might prefer to keep private might also be at risk.

Wi-Fi has become so widespread that we tend to take it for granted without questioning whether it is secure. Here are the facts:

  • Hundreds of thousands of home and office Internet routers have been hacked, as the default passwords and SSID names (Service Set Identifier) were never changed on the devices. (An SSID is the Wi-Fi network name.)
  • Even more routers have been successfully attacked because the password was easily guessed.
  • People connect to public Wi-Fi in airports, hotels, train stations, sporting events and conferences because it’s convenient and free, and doesn’t require them to use data minutes from their cellular provider.
  • In some situations, Wi-Fi providers who require a password do not really have secured systems.
  • Even your home or office Wi-Fi router may have already been compromised.
  • With the recent U.S. government change in policy toward “net neutrality,” your Internet Service Provider (ISP) can now legally watch your Internet activity and use this data for advertising, or even sell your data to other companies.
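
To make the points above about unchanged default SSIDs and networks that are not really secured concrete, here is an added example (not part of the original post) that reviews a list of nearby Wi-Fi networks and flags the risky ones. The scan data is constructed and laid out like the output of `nmcli -t -f SSID,SECURITY device wifi list` on Linux; the list of factory-default name prefixes is an illustrative assumption, not a complete catalogue.

```python
import re

# Constructed scan results: "SSID:SECURITY" per line, with a literal ':' inside
# a value escaped as '\:'. An empty or "--" security field means an open network.
SAMPLE_SCAN = r"""
Airport_Free_WiFi:
HomeNet-5G:WPA2
linksys:WPA2
NETGEAR42:WPA1 WPA2
CoffeeShop:WEP
Gate\:B12 Lounge:--
CorpNet:WPA2 802.1X
"""

# Illustrative (assumed, non-exhaustive) prefixes of factory-default network names.
DEFAULT_SSID_RE = re.compile(
    r"^(linksys|netgear|dlink|d-link|tp-link|belkin|default)", re.IGNORECASE)

MESSAGES = {
    "open": "no encryption: anyone in range can read unprotected traffic",
    "wep": "WEP is obsolete and easily broken; treat the network as open",
    "default-ssid": "factory-default name: the default password may be unchanged too",
}


def parse_scan(scan_text):
    """Return a list of (ssid, security) pairs from terse scan output."""
    networks = []
    for line in scan_text.splitlines():
        if not line.strip():
            continue
        parts = re.split(r"(?<!\\):", line)          # split on unescaped ':' only
        if len(parts) < 2:
            continue                                  # not an SSID:SECURITY line
        fields = [re.sub(r"\\(.)", r"\1", p) for p in parts]  # undo '\:' escapes
        ssid = ":".join(fields[:-1]) or "<hidden>"
        networks.append((ssid, fields[-1].strip()))
    return networks


def assess(ssid, security):
    """Return the finding codes (keys of MESSAGES) that apply to one network."""
    findings = []
    modes = security.split()
    if not modes or modes == ["--"]:
        findings.append("open")
    elif "WEP" in modes:
        findings.append("wep")
    if DEFAULT_SSID_RE.match(ssid):
        findings.append("default-ssid")
    return findings


def audit_scan(scan_text):
    """Map each risky SSID to its finding codes; safe-looking networks are omitted."""
    report = {}
    for ssid, security in parse_scan(scan_text):
        findings = assess(ssid, security)
        if findings:
            report[ssid] = findings
    return report


if __name__ == "__main__":
    for ssid, findings in audit_scan(SAMPLE_SCAN).items():
        for code in findings:
            print(f"{ssid}: {MESSAGES[code]}")
```

A network that passes these checks is not proven safe; the script only catches the weaknesses that are visible from the outside.
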

Do You Know How to Use Wi-Fi Securely?

Probably the most important step you can take to improve the security of your Wi-Fi connections is to use a Virtual Private Network, or VPN.

Without a VPN, your Wi-Fi traffic could possibly be intercepted, and if your device has file-sharing activated, an attacker might even be able to access the data stored on the device.

Hackers could also use techniques that allow them to plant malware on your device.

Your Internet Service Provider (ISP) can see all of your Internet activity if you are not using a VPN.

In simple terms, a VPN creates a secure, encrypted tunnel between your device and one of the remote servers of the VPN provider.

A VPN not only encrypts the data transmitted between your device and the server, but it also hides your Internet Protocol (IP) address. This masks your location and can make it appear that you are located somewhere else.

Once your traffic exits the VPN server, if you are accessing a website protected with HTTPS then your communication is still secure. HTTPS stands for “HyperText Transfer Protocol Secure,” which encrypts the traffic between your device and a website.

However, if the website does not have HTTPS, keep in mind that an outside party monitoring traffic from the VPN server could conceivably intercept your traffic, but it would be more difficult to trace it back to you depending on the nature and content of the transmission.

One potential downside to using a VPN is that the VPN service provider may be able to see all of your Internet traffic, so you will need to trust it to keep your data confidential. Some providers do not maintain any logs of user activity, but many do, so make sure you research providers before you decide which service to use.

A VPN won’t protect you if you click on an infected attached file or link, so you should still consider anti-malware protection for all of your devices.

How to Choose a VPN?

Choosing the best VPN depends on your situation and individual or organizational needs.

Some VPNs are free, but most offer paid versions with other services, such as faster bandwidth, a larger variety of services, multi-device plans, and more.

Remember that a VPN does NOT make you completely anonymous, and will NOT protect you from malware.

Most VPN services are software-based, but there are some that also offer VPN capability built into an Internet router.

Other services will help you to reprogram your existing router to use their service, but this almost always requires a paid subscription.

Some questions that you might want to ask:

  • How confidential will my Internet activity be?
  • What kind of data, if any, does the VPN provider collect about my browsing?
  • How long does it keep this data?
  • Are there any restrictions on bandwidth?
  • Where are the VPN servers?
  • How do you pay for the VPN service?

There are lots of reviews and recommendations about the best VPN services, and you should read several to find the best choice for you.

I am providing some links to help you get started:

  • That One Privacy Site – https://thatoneprivacysite.net/simple-vpn-comparison-chart/
  • https://www.top10vpn.com/best-vpn-for-usa
  • https://www.techradar.com/vpn/best-vpn

And these are links to several VPN services for more detailed information:

  • Freedome VPN – https://www.f-secure.com
  • IPVanish VPN – https://www.ipvanish.com
  • Nord VPN – https://nordvpn.com/
  • ProtonVPN – https://protonvpn.com/
  • Mullvad – https://www.mullvad.net/en/
  • StrongVPN – https://strongvpn.com/
  • Tunnelbear VPN – https://www.tunnelbear.com/
  • VyprVPN – https://www.goldenfrog.com/vyprvpn

Additional Options to Explore

  • Turn Wi-Fi off on all your devices when it isn’t needed.
  • Think about using a browser that focuses on privacy instead of tracking your activities.
  • Use the “HTTPS Everywhere” browser extension at https://www.eff.org/https-everywhere.
  • Research other browser extensions or add-ons designed to protect your privacy.
  • If you store your data anywhere in the “cloud,” seriously consider either using a service that encrypts your data or encrypting the data yourself before it is uploaded to your cloud account.
  • Consider the use of a search engine that does not track your search activities, such as StartPage.com or DuckDuckGo.com.

The risks from techno-crime grow every day, but there are relatively simple and easy things you can all do to minimize the dangers you are exposed to.

I recommend that you never, ever connect to an unsecured Wi-Fi signal without using a VPN.

On every device.

All the time.

Remember…just because you think a Wi-Fi signal is secure, there is no guarantee.

Stay safe and please take this one step to protect yourself from one of your biggest techno-crime risks.


What Crooks Are Doing On Darknets

March 18, 2018 by Walt Manning

Criminals And The Darknets

Introduction

If you read the first two posts in this series, you have an idea about what the darknets are and how the Tor network functions. (Here are the links to the previous posts, if needed: “Darknets: What You Need To Know” and “Darknets: The Mysterious Technology Explained, Part I.”)

Many people want to know the answers to these questions:

How does a buyer pay for darknet services or merchandise?

Darknet vendors usually accept only digital currencies and, in the past, Bitcoin has been the primary method of payment.

However, there are now alternative currencies, like Dash, Zcash and Monero, that are even more anonymous and could be impossible to trace.

The use of these “alt coins” is growing dramatically, creating more challenges for darknet investigations.

How can a buyer trust a darknet vendor?

Most darknet sites allow both buyers and sellers to rate each other. This can build “social validation” for vendors who receive high ratings from previous buyers.

A high vendor rating might even allow a vendor to charge higher prices than a competitor.

For the other side of the transaction, high ratings for frequent buyers might result in special offers or discounts for future purchases.

Even with social validation, how many buyers would be willing to send payment to a vendor with no guarantee that they would receive their merchandise?

Many darknet markets solve this by serving as an escrow agent. The market operators will hold the payment until the buyer notifies them that he has received the merchandise. Payment is then forwarded to the vendor.

However, both parties in the transaction must also trust the darknet market operators. There have been cases where the operators suddenly closed the market and disappeared with the funds being held in escrow, never to be heard from again.

This happened with a previously popular darknet named Evolution, where the operators disappeared with over $12 million USD in Bitcoin, and have never been found.

 

PLEASE NOTE: At the request of our web hosting provider, all personal information in the images displayed in this post has been removed, including the darknet names of the vendors or any of their contact information. We are not promoting their products nor are we encouraging the use of darknets for illegal activities. We strongly believe that increasing awareness will help educate investigators and law enforcement professionals who were not already familiar with this area.

 

Criminal Activity on the Darknets

Drugs

The sale of drugs probably generated the most publicity about criminal activities on Tor.

The Silk Road was the first major darknet marketplace to gain the attention of the international press. Silk Road was in operation from 2010 through October 2013. At the time it was shut down, the site had over 950,000 registered users and over 100,000 registered buyers.

According to a federal indictment, during the time period from February 2011 through July 2013, the site processed over $1.2 billion (USD) in transactions, and the operators of the site earned almost $80 million (USD) in fees.

Silk Road was the first major darknet market to have features such as buyer and seller ratings, a consolidated shopping cart, and a very user-friendly interface. The operators of the marketplace also acted as escrow agents for the transactions.

For a more detailed story about Silk Road, you might be interested in reading “The Rise and Fall of Silk Road” by Joshua Davis and Steven Leecart published in Wired magazine.

Since Silk Road was shut down in late 2013, numerous other darknet marketplaces have been created to provide similar products and services.

There are too many darknet marketplaces and individual vendor sites for us to cover here, but here are some examples of the type of merchandise available.

Almost every type of narcotic and banned substance is available from a darknet market. Products include, but are certainly not limited to:

 

[Screenshots of example listings omitted.]

There is a source for almost any drug that you can name from either numerous darknet markets or individual vendor sites.

Here are a couple of interesting items about darknet drug sales.

During the Silk Road investigation, law enforcement conducted over 100 covert purchases of drugs from various vendors. After delivery of the order, many of the drugs were sent to a laboratory for analysis. Surprisingly, the analysis indicated very high quality, even compared to street drugs.

Judith Aldridge, a law professor at the University of Manchester, and David Decary-Hetu, a criminologist at the University of Lausanne, published an interesting academic paper, titled: “Not an ‘eBay for Drugs’: The Cryptomarket ‘Silk Road’ As a Paradigm Shifting Criminal Innovation.”

Their hypothesis was that the darknet drug trade might actually reduce real-world drug-related violence.

If you think about it, in these transactions the identity and location of both buyer and seller are unknown. Where is the potential for violence? How could another vendor or group use violence to eliminate a darknet competitor when one doesn’t know who or where the other is?

It is an interesting topic to consider.

Weapons

I have seen many vendors who offer a wide range of weapons, from handguns to military-grade arms and explosives.

Opinions on some darknet forums claim that there are no legitimate weapons vendors on the darknet, and all of them are scams.

However, there have been arrests of darknet vendors dealing in weapons of all types.

One past vendor claimed to be a legitimate gun dealer located in the mid-western United States. He sold all types of weapons, even offering to de-serialize the weapon and disassemble it so that the individual parts could be shipped separately.

How much of this type of activity is real? I don’t know, but I have seen these items for sale on various sites:

 

[Screenshots of example listings omitted.]

Personal and Financial Information

Everyone knows that data breaches of personal and financial information continue to grow. Much of this stolen data is sold on darknets.

Some examples of information for sale:

 

[Screenshots of example listings omitted.]

Forged Identification & Currency

Any type of forged identification and supporting documentation can be found for sale on darknets.

 

[Screenshots of example listings omitted.]

Vendors selling forged currencies abound. U.S. dollars and euros appear to be the most popular, but occasionally the currency of another country might also be seen.

[Screenshots of example listings omitted.]

Hacker And Hacking Tools

Hackers sell their services on the darknets, and will take on any assignment for a price.

Hacking tools are also available for sale that make it easy to attack a target. In the past, a hacker might need a high level of technical skill to break into a network. But the tools today are packaged into automated toolkits requiring much less knowledge and experience.

Keep in mind that the hackers who do have sophisticated expertise are the ones who penetrate your security and leave no trace.

New botnets used to conduct Distributed Denial of Service (DDOS) attacks are available to rent, with the price depending on the number of “bots” desired for the attack, and the length of time the attack lasts.

The basic concept of a DDOS attack is to launch so much Internet traffic against a target that the system is overwhelmed and can’t function. At the very least, the system is dramatically slowed or not available for legitimate users.

There is a fear that massive DDOS attacks could take down the Internet for entire countries. Limited examples have already been seen.

Millions of connected devices with little, if any, security have been added to these botnets. Devices such as Personal Digital Recorders, smart televisions (and other home appliances), CCTV surveillance cameras, Internet routers, and even baby monitors are now parts of these criminal botnets.

More and more devices are being connected to the Internet, providing possible entry points to home and business networks, as well as the potential for even larger botnets.

I will talk about the risks from the “Internet of Things” in future posts.

A few of the hacker tools seen for sale on the darknet markets include:

 

[Screenshots of example listings omitted.]

Why Is This Important?

There are lots of people who aren’t aware of the types of criminal activities occurring on the darknets.

I would suggest two points for you to think about.

First, I believe that some of the darknet vendors are criminals operating independently for their own purposes.

But I also believe that a portion of the criminal activity on the darknets involves organized transnational criminal groups, and that the different types of activities are related to support the organization’s goals.

Does this seem to be overly paranoid?

There are other criminal justice researchers who agree with this view.

Think about the potential revenue.

Think about the anonymity provided by using this technology.

Think about how these criminals are making it harder for investigators to find them.

The crime we are seeing on these darknets is only the beginning…

Final Thoughts:

I hope that these posts have increased your awareness and understanding about the darknets.

Investigators need to be aware of every tool being used by techno-criminals in the world today.

Darknets are migrating and the technology is always changing.

We must change and evolve with it, so that we will continue to be effective.

Join us.


Darknets: The Mysterious Technology Explained, Part I

February 6, 2018 by Walt Manning

Introduction:

I hope you enjoyed the first post in this series, “Darknets: What You Need To Know.” If you didn’t have a chance to read it, it provides some basic background that might help before you read this post.

Darknets work by either hiding your location, protecting your identity, or both. Even more security can be added by using encryption.

There are various ways darknets operate to accomplish these goals. Some darknets route transmissions through several computers, making it hard to trace a transmission from beginning to end.

Other darknets are being developed with peer-to-peer technology, where every device connected to the network uses special software to become a “node” on that network that can be used to either transmit or store data.

Some of these networks break every transmission into pieces that are individually encrypted before they are sent. Other darknets use this same method to store data.

The key concepts to understand about darknets include routing information through several computers, using encryption, and sending individually encrypted pieces of data by a different route each time.

How Darknets Help People to Hide

To begin, the first darknet we’ll address is The Onion Router Project, also known as Tor. Tor is perhaps the most well-known and popular platform, and you may have heard a little about it without really understanding why it was created and how it functions.

In the mid-1990s, several branches of the U.S. government recognized the need for a secured network for intelligence agents, law enforcement, or dissidents in oppressed countries with restricted access to the Internet.

In 2003, the United States Naval Research Laboratory created The Onion Router Project. Their solution was to transmit data through several computers, or “nodes,” using encryption to mask a user’s physical location as well as his identity.

Even today, the U.S. government continues to provide significant funding for the Tor network.

Most Internet users can be identified by the Internet Protocol address of the device they use when connected to the network. Normally, this IP address can show the geographic location of the user, and could be used to learn his identity. Because of the way Tor works, this IP address is hidden.

The Tor network is composed of over 7,000 nodes whose owners have volunteered to be part of Tor.

The easiest way to use Tor is to download the Tor browser, which is a modified version of the Mozilla Firefox browser that is configured to automatically connect to the Tor network and change important settings to protect the privacy of the user.

All traffic transmitted on Tor is encrypted, with the exception of the data transmitted from an “exit” node when the data leaves the encrypted protection of the network.

Here is a simplistic version of how Tor works.

Alice needs to communicate with Bob and wants to use Tor to protect her location and identity. Alice downloads and installs the Tor browser, and opens it on her computer. The Tor browser then contacts a volunteer node operated by “Dave” to obtain a list of all Tor servers that are currently running.

“Dave” returns the list to Alice’s browser, which then creates a random pathway of 3 Tor nodes to transmit her communication with Bob. Alice’s data is encrypted with a different layer of encryption for each node. Note that in the graphic below, the links shown in green are encrypted.

When Alice’s message is received by Tor node #1, the first layer of encryption is stripped away. Removing that layer discards any information related to Alice or her IP address and reveals the address for Tor node #2. The message is then sent to the next address in the path.

The message is received by Tor node #2, which strips off the next layer of encryption. This second layer contains information about Tor node #1, but nothing about Alice because the first node removed that data.

The only information known by node #2 is that someone is using the Tor network to communicate with someone else. No data related to either party is known at this point in the transmission.

After this layer is removed, the address for Tor node #3 is revealed, and the message is passed along.

At Tor node #3, which in this example is also the exit node, the final layer of encryption is removed, revealing the address for Bob. This node only knows that the message came from Tor node #2 with Bob as the final destination.

Consider the analogy of sending a note through the regular mail. You insert the note in an envelope and address it to a friend named Jim.

You seal the envelope and then put that envelope into a second one, addressed to another friend, Barbara, requesting that she forward it on to Jim.

You then enclose these two envelopes into yet another one and address it to a third friend, Jerry. You ask Jerry to forward the enclosed envelopes to Barbara.

Finally, you enclose the group of three envelopes into another one, addressed to a friend, Jane. You ask Jane to forward the envelopes to Jerry.

Let’s assume that the content of the original note to Jim is encrypted with a code known only to you and Jim.

This is how the Tor network works, but using technology instead of envelopes.

Back to our original scenario. If Alice later wants to communicate with Jane, a different random path of Tor nodes is created for that message, as in the final graphic below.

Some people believe that Tor is completely anonymous, but that’s not necessarily true. A user’s Internet Service Provider (ISP) or the IT department of an organization can see when a person on their network is using Tor. They probably won’t be able to tell what the user is doing on Tor, but some organizations block users from accessing any IP address known to be associated with the Tor network.

The other way that a person using Tor might be identified is if the exit node on the Tor network is being monitored. Remember that data leaving the Tor network may not be encrypted.
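The layering walked through above, together with the exit-node caveat, as an added Python example that is not from the original post or from the Tor Project: Alice wraps a message once per node, each node can remove only its own layer, and the code records what each node can observe. The cipher is a toy stand-in built from SHA-256 and HMAC, and the node names, keys and message are constructed; real Tor negotiates keys per circuit and uses different cryptography.

```python
import hashlib, hmac, json, os

def _subkeys(key):
    # Separate encryption and MAC keys derived from one per-node key.
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def _xor(data, key, nonce):
    # Toy stream cipher (SHA-256 in counter mode); a stand-in, not Tor's real cipher.
    stream = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, data):
    """Add one layer: encrypt, then authenticate, under a single node's key."""
    enc_k, mac_k = _subkeys(key)
    nonce = os.urandom(16)
    ct = _xor(data, enc_k, nonce)
    return nonce + ct + hmac.new(mac_k, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Remove one layer; raises unless the caller holds that layer's key."""
    enc_k, mac_k = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_k, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered layer")
    return _xor(ct, enc_k, nonce)

def build_onion(path, keys, destination, message):
    """Alice wraps the message once per node, innermost (exit node) layer first."""
    blob = message
    for node, next_hop in reversed(list(zip(path, path[1:] + [destination]))):
        layer = json.dumps({"next": next_hop, "inner": blob.hex()}).encode()
        blob = seal(keys[node], layer)
    return blob

def relay(path, keys, onion, sender="Alice"):
    """Pass the onion along the path and record what each node can observe."""
    seen, prev, blob = [], sender, onion
    for node in path:
        layer = json.loads(unseal(keys[node], blob))
        blob = bytes.fromhex(layer["inner"])
        seen.append({"node": node, "from": prev, "to": layer["next"]})
        prev = node
    return seen, blob  # blob is now what the exit node sends on to the destination

# Constructed sample data: node names, keys and message are illustrative only.
PATH = ["node1", "node2", "node3"]
KEYS = {name: os.urandom(32) for name in PATH}

if __name__ == "__main__":
    onion = build_onion(PATH, KEYS, "Bob", b"Meet at noon")
    seen, delivered = relay(PATH, KEYS, onion)
    for view in seen:
        print(view)
    print("leaves the exit node as:", delivered)
```

No single node's view contains both Alice and Bob, but the data leaving the exit node is the original message in the clear, which is why a monitored exit node matters unless the content is separately encrypted end to end.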

Why Should Investigators Care?

Criminals and terrorists will use the technology if it benefits them…and the use of darknets helps them to hide their identity, their location, and their activities.

Are darknets like Tor inherently evil?

No, they’re not.

But there is criminal and terrorist activity happening on these darknets, and investigators and more people from the general public need to be aware of what they are and how they work.

If you don’t know enough, then you give them an advantage.

To me, that’s unacceptable.

Final Thoughts:

Many of you have never visited Tor, and may believe that it’s too dangerous to even explore to see what’s out there.

I value your time, so I’ll continue the discussion of Tor in my next post. I’ll show you some examples of merchandise and services available on Tor, and will talk about why they are important.

In future posts, I’ll show you examples of other types of darknets and explain how they are different from Tor.

Once again, let’s keep things in the proper perspective. There is crime in the real world, and there is crime in the darknet virtual world as well.

The real world is not completely evil, and neither are darknets.

Just as we do in the real world, our purpose as investigators should be to track down and eliminate crime, while recognizing and preserving the rights of those who use the technology for their personal privacy and security.

Here is a link to the final post in my series about darknets: “What Crooks Are Doing On Darknets.”


Darknets: What You Need to Know

January 22, 2018 by Walt Manning

Introduction:

There are sites on the Internet where any type of drug or weapon can be purchased, and the transactions are conducted with digital currencies that are almost impossible to trace.

Credit card and bank account data, counterfeit currencies, medical records, and every type of forged document are for sale. Assassins, hackers, and other services are also available for hire.

Human trafficking and child pornography can be found there, along with tutorials for committing any type of crime.

I call these hidden networks darknets.

Most people don’t even know they exist.

When I give talks and show demonstrations of these sites, most people are shocked, and can’t believe that governments and law enforcement agencies allow them to exist.

Are they real or fake?

If you’re an investigator, how much do you know about these darknets?

I think you should know enough about these networks to understand why people use them and what the current and future implications might be for investigators.

Why People Use Darknets

If people want to make it harder for law enforcement or government intelligence agencies to find them, there are lots of technology tools and techniques to help those people to hide.

We’ll be talking about some of them in future posts.

You may have seen publications, or heard officials from governments or law enforcement agencies say that every person who uses these darknets is a crook or terrorist.

There have been some court rulings in the United States saying that anyone who uses these networks or other “anonymizing” technologies like Virtual Private Networks (VPNs) should automatically be suspect.

But there can be legitimate uses for darknets, and anyone who says that every use is for either criminal or terrorist purposes is wrong.

As investigators, we need to keep these darknets in a proper perspective, yet understand why they exist and how they work.

Today an increasing number of law-abiding people are using these networks to find a way to communicate securely and to better protect their privacy.

I think many of you would agree that governments and private companies have become unreasonable in the amount of data that they are collecting about all of us.

Add to these fears the growing number of data breaches where organizations collecting personal data fail to secure it. Government agencies, like the Internal Revenue Service and the Office of Personnel Management, have been hacked and the confidential data they should have protected was stolen.

The security of major companies, financial institutions, credit reporting agencies, and healthcare providers has been breached far too many times.

Identity theft and now medical identity theft continue to grow and claim more victims every year.

One of the most widely used darknets, the Onion Router network (Tor), was originally designed to protect the identity and location of people who lived in oppressed countries. There was (and still is) a need for people to be able to communicate with the outside world and receive uncensored information without putting themselves at risk.

There’s also a need for undercover intelligence agents and law enforcement to have this capability. Many people believe that the U.S. government itself uses the Tor network to provide secure access to confidential information. Given the many data breaches of traditional government networks, this might be true. It might also explain why the government continues to partially fund Tor and allow it to exist.

Our growing use of technology raises serious questions about personal privacy and security risks compared to the need for accurate intelligence for national security and law enforcement.

Does the use of these darknets by criminals and terrorists outweigh the need for privacy and security?

The fear of terrorism has been used by governments to justify programs that continue to enable widespread surveillance, with little transparency.

We don’t have good solutions to these problems.

This is our new reality, and it has driven more people to use the darknets, encrypted email services, and confidential messaging apps. They hope to recover some of their personal privacy, and to reduce the mind-boggling volume of data that tracks their activities.

Is there criminal activity happening on these darknets?

Absolutely.

But every person who uses this technology is not a criminal or terrorist.

What Will It Mean for You?

There are people working on newer types of networks that are even more anonymous, along with new untraceable types of digital currencies.

If the crooks can use these technologies to make an investigation take more time or increase costs, they can shift the odds in their favor.

The use of darknets and other technologies will make our job even more difficult. Do you know how someone can use the darknets to hide? How do darknets work?

Final Thoughts:

I believe that the Internet is evolving, and we may see even more networks that are more sophisticated than the Internet of today. They will be more secure, anonymous, and untraceable.

Currently, we don’t have enough cyber security professionals or cybercrime investigators to fill the demand. We’ll need to change this dramatically to face the challenges of the coming years.

Can our existing models of government, law enforcement, and security succeed in this environment? We don’t seem to be doing a great job right now, and the threats of techno-crimes are only going to grow.

Investigators need to understand how the current darknets work, and how they will change in the future.

Click on the link to read the next post in this series, “Darknets: The Mysterious Technology Explained, Part I,” which will give you more information about the basics of several current darknets, and the trends I predict for the future.
