Avoiding Arrest: Cyber Criminals Share Dark Web Secrets

Uploaded on 2021-03-29 in GOVERNMENT-Law Enforcement, FREE TO VIEW, TECHNOLOGY--Hackers

On the Dark Web there are many secrets to be found, including insights into what criminals say and do if they are caught.  Recent research conducted by the Digital Shadows threat intelligence team explored the discussions between black hat hackers and the exchanges made in how to avoid jail, including advice about what do to when they are on law enforcement radars and they come to the prospect of arrest. 

In particular, Digital Shadows gathered information on the the idea, in which law enforcement "will not care" if the US or EU are targeted, but the moment any former Soviet Union nations are involved, they will "hunt you down." 

It appears that in Russia cyber criminals live a relatively peaceful life, but attempting to go abroad is more risky as they are much more likely to be arrested. One poster said that the "best country" to be in is Russia, but "under appreciation and low wages drove him to participate in unethical and criminal behavior." 

Operational security (OPSEC) practices are also widely discussed, with forum users exchanging ways to avoid arrest and stay anonymous. Numerous threads mention everything from virtual to physical security options, but one common topic of discussion, in particular, is widely debated.  

Hard drive encryption or deletion is sometimes cited as a way to stop law enforcement investigations in their tracks, however, not every forum user is so sure, with one saying, "if it were all as simple as that then major cases would never be solved." Early mistakes in criminal careers also appear to be causing some sleepless nights, with poor OPSEC when starting out being a difficult issue to remedy. 

"Many a threat actor's downfall stemmed from poor OPSEC practices when they first decided to don the black hat, such as using a spouse's email address, forgetting to mask their IP, or letting their real name and address slip," one Digital Shadows researcher commented.

In addition, discussions have taken place over collaboration. While many believe that other dark web forum users will "sell out" each other, others say that forging ties with others in the criminal industry can push threat actors up the pecking order.  

Digital Shadows noted that allegations are flying thick and fast that English-speaking criminal forums and marketplaces are becoming little more than police honeypots. Some forum users said that "sooner or later," law enforcement will obtain information on them, and others relayed concerns over potential police violence on arrest. 

Others appear, at least online, to have a rather bullish attitude to the prospect of prosecution at all. Laws worldwide are still catching up with the evolution of cyber crime, and for some, corrupting law enforcement and saving enough to pay bribes and avoid prosecution is a possibility. One forum user wrote, "a good lawyer knows the law, a better one knows the judge."  

According to threat researchers at  Cisco Talos "Cyber criminals, just like the organisations they target, must always have one eye on their security practices... There are so many things for them to worry about and ways they can slip up..It must be pretty tiring. Threat actors must keep looking over their shoulders, fixing past mistakes, and coming up with new ways to beat the technology used to track them."

Experts say that while there are ways to trace activity on the dark web, police officials always require special training and specific information about the activity.

Security researcher Karan Saini at India's Centre for Internet and Society said, “Attempting to track unconventional online behaviour would call for development of new methods, along with formal training for those involved, especially if malicious actors are using the Tor network to carry out illicit activities instead of the clear web”

Digital Shadows:     Talos:     ZDNet:     Economic Times:     Journal of Criminal Law:    Image: Unsplash

You Might Also Read: 

Inside The Deep & The Dark Web:

 

« New Cyber Security Measures To Protect US Energy
Facebook's Internal Content Rules Revealed »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Blueliv

Blueliv

Blueliv is a leading provider of targeted cyber threat information and intelligence. We deliver automated and actionable threat intelligence to protect the enterprise and manage your digital risk.

Maryville Online - Cybersecurity Program

Maryville Online - Cybersecurity Program

The Cybersecurity Program at Maryville Online is designed to help students reach opportunities in cybersecurity leadership and management through an entirely online curriculum.

Falanx Cyber

Falanx Cyber

Falanx Cyber provides enterprise-class cyber security services and solutions. We deliver end-to-end cyber capabilities, either as specific engagements or as fully-managed services.

SAI360

SAI360

SAI360 (formerly SAI Global) provide products and services for enterprise risk management including Governance, Risk & Compliance and Digital Risk solutions.

Raytheon Technologies

Raytheon Technologies

Raytheon Intelligence & Space delivers solutions that protect every side of cyber for government agencies, businesses and nations.

Resilience First

Resilience First

Resilience First is a not-for-profit organisation, led and funded by business to strengthen collective business resilience in all areas, including cyber security.

Quadron Cybersecurity Services

Quadron Cybersecurity Services

Quadron Cybersecurity Services is a specialist in digital security, data and system protection.

IPN (ICT Research Platform Nederlands)

IPN (ICT Research Platform Nederlands)

IPN promotes academic research and education in the ICT field by building and maintaining a national community, and by developing policy to advance the field. Areas of focus include Cyber Security.

ITU Arab Regional Cyber Security Center (ITU-ARCC)

ITU Arab Regional Cyber Security Center (ITU-ARCC)

ITU-ARCC acts as ITU’s cybersecurity hub in the Arab Region localizing and coordinating cybersecurity initiatives.

CARICERT

CARICERT

CARICERT is the National Cyber Emergency Response Team of Curacao in the Caribbean.

Data Protection People

Data Protection People

Data Protection People are specialists in Data Privacy, Governance, and Information Security.

Fortified Health Security

Fortified Health Security

Fortified’s team of cybersecurity specialists is dedicated to helping healthcare providers, payers and business associates protect their patient data across the Fortified Healthcare Ecosystem.

Frontal

Frontal

Frontal is a specialized unit in Blockchain and Web3.0 cybersecurity. Securing Digital Assets, Cryptocurrency, DeFi, Blockchain and Web3.0 ecosystem.

XeneX

XeneX

XeneX Cloud Security Services address enterprise-class security challenges by enabling DevOps and Security teams to access a shared source of truth.

Security Mind

Security Mind

Security Mind is an innovative Cyber Security Awareness program that aims to increase the awareness of each member of the organization and develop the ability to recognize potential cyber threats.

Corporater

Corporater

Corporater provides organizations with integrated solutions for managing governance, performance, risk, and compliance built on a single platform.