How the US Military will fight ISIS on the Dark Web

Uploaded on 2015-03-02 in INTELLIGENCE--USA, GOVERNMENT-Defence, FREE TO VIEW, NEWS-Cybersecurity News, TECHNOLOGY--Developments

The Dark Web is not so much a place as it is a method of achieving a level of anonymity online. It refers to web sites that mask the IP addresses of the servers on which they reside, making it impossible to know who or what is behind the site or sites. They don’t show up on search engines like Google so, unless you know exactly how to reach them, they’re effectively invisible. 
Activists and dissidents in countries like China and Iran use the Dark Web to get around state surveillance; journalists use it to reach sources and whistleblowers rely on it to spread the word about institutional abuse or malpractices. New evidence suggests that the Islamic State, or ISIS, or at least ISIS supporting groups, are seeking the Dark Web’s anonymity for operations beyond simple propaganda. Thus yet another challenge for law enforcement and the military: to track users on the Dark Web in a way that’s effective against ISIS but that doesn’t violate privacy.
First, while the Dark Web is incredibly valuable as a tool for dissident action, it also has some real dark spots. Ido Wulkan, the senior analyst at S2T, a Singapore-based technology company that develops Dark Web harvesting technologies, recently revealed to Israeli newspaper Haaretz that his company has found a number of websites raising funds for ISIS through bitcoin donations.
Some Dark Web content is accessible only via special software like Tor, a package that encrypts a user’s IP address and routes Internet traffic through a series of volunteer servers around the world (so-called onion routing.) Like the Internet itself, Tor was a product of the military, originally designed by the Office of Naval Research to give sailors a secure means of communication.
Today, an explosion of Tor usage in a specific place or among a certain group is one indicator of increased secret communication activity. That could mean different things in different places. In June 2014, when the government of Iraq blocked Twitter and Facebook as part of its response to the growing ISIS situation, Tor usage in that country exploded, according to Tor metrics data. Usage has since calmed down in Iraq significantly.
Recently, the Chertoff Group put out a new paper detailing some of the methodologies that they advise law enforcement to use to monitor Tor users and sites. Since it was co-written by former DHS director and Jeb Bush national security team member Michael Chertoff, it’s safe to say it provides a good indication of current law enforcement thinking. The name of the paper is the Impact of the Dark Web on Internet Governance and Cyber Security, co-written with Toby Smith.
Mapping the hidden service directory presents a technical challenge that’s a bit more unique. Tor uses a domain database built on what’s called a distributed hash table. If Tor were a city, the distributed hash table, DHT, would be the architectural plans for the structures in it. Each node in a DHT can store information that, in turn, is retrievable if the user knows the exact address of that node. Mapping the DHT can reveal how those nodes relate to one another, providing a sense of shape for the broader network. 
Recently disclosed court documents show that the FBI has used some code from a software product called the Metasploit Decloaking Engine for Dark Web investigations. 
As the Dark Web evolves, people will begin to organize within it in order to make it more useful. That’s inevitable. As any organism grows it becomes complex; and as it becomes complex it seeks organization as a means to grow efficiently and minimize cost. It is in that organization that the hidden Web is revealing itself both to individuals who would seek to give funds to groups like ISIS and to spies who would seek out those people.
http://www.defenseone.com/technology/2015/02/how-military-will-fight-isis-dark-web/105948/?oref=defenseone_today_nl

 

« CAUSE: Predictive Software to Counter Cyber Attacks
Google Cloud offers security scanning for customer apps »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

TrustedSec

TrustedSec

TrustedSec is an information security consulting services, providing tailored solutions and services for small, mid, and large businesses.

FIRST Conference

FIRST Conference

Annual conference organised by the Forum of Incident Response and Security Teams (FIRST), a recognized global leader in computer incident response.

International Computer Science Institute (ICSI)

International Computer Science Institute (ICSI)

ICSI is a leading independent, nonprofit center for research in computer science. Research areas include network security and privacy.

Plixer

Plixer

Plixer delivers a network traffic analytics system used for monitoring, visualization, and reporting of network and security incidents.

SysTools

SysTools

SysTools provides a range of services including data recovery, digital forensics, and cloud backup solutions.

Eco Recycling (Ecoreco)

Eco Recycling (Ecoreco)

Eco Recycling is India's first and leading professional E-waste Management Company that has set industry benchmarks with its innovative & environment friendly disposal practices.

Vigilant Software

Vigilant Software

Vigilant Software develops industry-leading tools for intelligent, simplified compliance, including ISO27001-risk management and EU GDPR.

National Health Care Anti-Fraud Association (NHCAA) - USA

National Health Care Anti-Fraud Association (NHCAA) - USA

National Health Care Anti-Fraud Association is the leading national organization focused exclusively on the fight against health care fraud.

CloudSEK

CloudSEK

CloudSEK has set its sights on building the world’s fastest and most reliable AI technology, that identifies and resolves digital threats.

Corellium

Corellium

Corellium are dedicated to supporting our peers in the ARM community who seek to build more secure, performant, and accessible software and devices.

Beyond Encryption

Beyond Encryption

Mailock by Beyond Encryption is a secure email solution that allows businesses to exchange email securely, safe in the knowledge that their email can only be read by their intended recipient.

Dawgen Global

Dawgen Global

Dawgen Global is an integrated multidisciplinary professional service firm in the Caribbean Region providing a range of services including Risk Management and Information Systems Assurance.

Nemstar

Nemstar

Nemstar is a specialist in Information Security & Cyber Training with over 25 years' industry experience.

SeeMetrics

SeeMetrics

SeeMetrics is an automated cybersecurity performance management platform that integrates security data and business objectives into a simple interface.

Evervault

Evervault

Evervault provides engineers easy solutions to complex data security and compliance problems.

Mindflow

Mindflow

Mindflow is dedicated to bringing answers to the challenges the cybersecurity field and beyond face today.