cybercrime, cyber intelligence, web 2.0

Treadstone 71 LLC©

Jeff Bardinjbardin@treadstone71.com

www.treadstone71.comAdjunct Professor, Cyber Intelligence, Cyber

Counterintelligence, Cyber Terrorism and CybercrimeUtica College

Cybercrime, Cyber Intelligence, Web 2.0

Treadstone 71 LLC©

Agenda

Rapid Look at cyber intel exercise - web 2.0 and beyond

Looking for Cyber Jihadists Like Cybercriminals Look for Your

Looking at HCC

Cyber Intel – CC Market

Closing

Treadstone 71 LLC©

Cybercrime – Intelligence Gathering

Sophisticated attacks

designed to use and

exploit as many

possible avenues of

attack / threat

vectors as required to

succeed

•Uses people, process and technology weaknesses

•Dynamic methods•Focuses effort and emphasis on weakest areas

•Human Intelligence (HUMINT)•Information Security (INFOSEC)•Communications Intelligence (COMINT)

•Signals Intelligence (SIGINT)•Open Source Intelligence (OSINT)•Cyber Intelligence (CYBINT)•Culturonomics

Risk assessment based – path of least

resistance

•Repeatable process•Metrics used (what gets measured gets results)

•Exploits human vulnerabilities•Uses denial and deception to obfuscate

•Remains hidden and resident•Extracts information of value for monetization, economic advantage, strategic advantage

OpportunisticOnly as sophisticated as it needs to beSophistication determined and dictated by aggressors after intelligence gatheringExploits technological vulnerabilities

Normally clandestine means to

consistently gather

intelligence

Treadstone 71 LLC©

4

Treadstone 71 LLC©

Jeff Bardinjbardin@treadstone71.com

www.treadstone71.comAdjunct Professor, Cyber Intelligence, Cyber

Counterintelligence, Cyber Terrorism and CybercrimeUtica College

Looking at Cyber Jihadists Like Cybercriminals look for you

Infiltration

Treadstone 71 LLC©

How do you find the sitesMALTEGOTOUCHGRAPH (DEMO)SILOBREAKER

WWW.ONSTRAT.COM/OSINT

Treadstone 71 LLC©

OSINT

http://www.onstrat.com/osint/http://www.touchgraph.com/http://www.paterva.com/

Treadstone 71 LLC©

Historical Aspects

الحرب دار االسالم دار كافرالسلفيهالتحرير

House of War House of Islam

Infidel

Salafi

Liberation

االقتصادي الجهادالسياسي الجهاد

الجهاد االستخباراتالجهاد التخريبيه

الدبلوماسية الجهاد

Economic Jihad

Political Jihad

Intelligence Jihad

Subversive Jihad

Diplomatic Jihad

Five Pillars of Islam (Arabic: أركان is the term given to the five (اإلسالمduties incumbent on every Muslim. These duties are:

1) Shahadah (profession of faith)2) Salat (ritual prayer five times each day)3) Sawm (fasting during Ramadan)4) Zakat (Islamic tax or tithing)5) Hajj (Pilgrimage to Mecca at least once during life).

Jihad (6جهاد

Treadstone 71 LLC©

Personas WWW.FAKENAMEGENERATOR.COM

Treadstone 71 LLC©

Persona examples

Treadstone 71 LLC©

Sample desktop configuration

Treadstone 71 LLC©

Minhaj – Answers to Questions

Treadstone 71 LLC©

Social / Cultural Values

Treadstone 71 LLC©

Islam Arabic English Translation 1 Allah (ƅ¦) The Greatest Name 2 Ar-Rahman (Ǻŧǂdz¦) The All-Compassionate 3 Ar-Rahim (ǶȈƷǂdz¦) The All-Merciful 4 Al-Malik (ǮǴŭ¦) The Absolute Ruler 5 Al-Quddus (² ÂƾǬdz¦) The Pure One 6 As-Salam (¿ȐLjdz¦) The Source of Peace 7 Al-Mu'min (ǺǷƚŭ¦) The Inspirer of Faith 8 Al-Muhaymin (ǺǸȈȀŭ¦) The Guardian 9 Al-Aziz (DŽȇDŽǠdz¦) The Victorious 10 Al- Jabbar (°ƢƦŪ¦) The Compeller 11 Al-Mutakabbir (Őǰ Ƭŭ¦) The Greatest 12 Al-Khaliq (ǪdzƢŬ¦) The Creator 13 Al-Bari' (¥°ƢƦdz¦) The Maker of Order 14 Al-Musawwir (°Ȃǐ ŭ¦) The Shaper of Beauty

Treadstone 71 LLC©

Muhammad (PBUH)

Treadstone 71 LLC©

What it takes to get started - Infiltration

Create Personas Create email addresses Document personas

Acquire pre-paid phones Establish Twitter and

Facebook accounts to match personas

Setup IRC accounts to match personas – unique nic

Human Intel Cyber Intel Open Source Intel

Need historical understanding

Need religious understanding Need cultural understanding Need linguistic

understanding

Treadstone 71 LLC©

Snuggling

DISRUPT AND CONFUSECOMMAND, CONTROL, COMMUNICATIONS

Treadstone 71 LLC©

Friend Them Using Personas

Treadstone 71 LLC©

Jeff Bardinjbardin@treadstone71.com

www.treadstone71.comAdjunct Professor, Cyber Intelligence, Cyber

Counterintelligence, Cyber Terrorism and CybercrimeUtica College

Rapid Look at cyber intel exerciseweb 2.0 and beyond

Cyber Intelligence

Treadstone 71 LLC©

Methods Tools

Google.com (maps and search engine)

Spokeo.com Intellius.com Yahoo.com Paterva Facebook.com Myspace.com LinkedIn.com VisualCV.com Treadstone71.com

Methods Social Engineering Attempts Online Search Engines Government Records Search

Web searches and sites▪ Bing▪ Silobreaker▪ Public Records (free sites, and

those available from ancestry.com)

▪ Social Networking sites: LinkedIn, Classmates.com, Facebook, YouTube

Special OSINT tools▪ MaltegoCE▪ Web Data Extractor▪ TouchGraph SEO Browser▪ FOCA

HUMINT▪ Phone calls and emails to

known associates and/or relatives

Treadstone 71 LLC©

Jeff Bardinjbardin@treadstone71.com

www.treadstone71.comAdjunct Professor, Cyber Intelligence, Cyber

Counterintelligence, Cyber Terrorism and CybercrimeUtica College

Looking at HCCAn example – 27 minutes work

Treadstone 71 LLC©

One final piece

Treadstone 71 LLC©

Jeff Bardinjbardin@treadstone71.com

www.treadstone71.comAdjunct Professor, Cyber Intelligence, Cyber

Counterintelligence, Cyber Terrorism and CybercrimeUtica College

Closing

MALTEGOTOUCHGRAPH (DEMO)SILOBREAKERANCESTRY.COM

WWW.ONSTRAT.COM/OSINT