Upload File

in the dark: an introduction to the hidden world of the ... the dark: an introduction to the hidden...

  • Home
  • Documents
  • In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect
42
#RSAC Will Gragido In The Dark: An Introduction to the Hidden World of the Dark Web Head of Threat Intelligence Digital Shadows

Upload: dinhkhanh

Post on 23-May-2018

215 views

Category:

Documents


1 download

Report

TRANSCRIPT

Page 1: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSAC

Will Gragido

In The Dark: An Introduction to the Hidden World of the Dark Web

Head of Threat IntelligenceDigital Shadows

Page 2: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSAC

The dark web…

2

Page 3: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSAC

Where is it?

Not accessible via traditional browsers

Exists somewhere amongst the Surface and Deep webs

For most people it is the stuff of legend; like monsters under the bed

Page 4: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSAC

Oh what a wicked web we weave…or is it?

For some, it is a vehicle and means to an end for illicit activity

For others, it is a vital tool in their arsenal to ensure privacy and anonymity

Global privacy and anonymity issues will ensure it continues to grow

Page 5: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSAC

Dangerous but worth the risk

Complexity is worth the value provided

Why?

Page 6: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSAC

And so the dance begins…

Page 7: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSAC

But not all is as it seems…

7

Page 8: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSAC

Legitimate uses of dark web services

https://facebookcorewwwi.onion/

Page 9: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSAC

Dark net markets

Page 10: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSACYou can have anything you want, but you won’t get it for free!

Page 11: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSAC

Ransomware

Page 12: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSAC

Botnet

Page 13: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSAC

Exploit kit

Page 14: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSAC

Weapons

Page 15: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSAC

Weapons, continued

Page 16: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSAC

Drugs

Page 17: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSAC

Credit cards

Page 18: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSAC

Currency

Page 19: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSAC

Take aways

The Dark Web is not going away anytime soon; its popularity is growing

We can embrace it or we can ignore it at our own risk

Become familiar with it; its content, services, and denizens

Use this knowledge to ensure that the noble reasons for its use continue while the illicit diminish

Page 20: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSAC

Contact me

[email protected]

Twitter: @wgragido

Twitter: @digitalshadows

mailto:[email protected]
Page 21: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSAC

Will Gragido

In The Dark: An Introduction to the Hidden World of the Dark Web

Head of Threat IntelligenceDigital Shadows

Page 22: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSAC

Vicente Diaz

A Futurist´s look at Nation-State Cyber-Espionage

Principal Security AnalystKaspersky Lab@trompi

Page 23: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

Presenter’s Company Logo – replace on

master slide

#RSAC

The rules driving evolution

Page 24: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

Presenter’s Company Logo – replace on

master slide

#RSAC

Where do we come from?

Obviously, all countries pushed to develop their capabilities.

According to their capabilities, we can make 3 categories.

Page 25: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

Presenter’s Company Logo – replace on

master slide

#RSAC

Category 1 - “Unlimited” resources

Page 26: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

Presenter’s Company Logo – replace on

master slide

#RSAC

Category 2 - “Middle class”

Page 27: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

Presenter’s Company Logo – replace on

master slide

#RSAC

Category 3 – Externalize capabilities

Page 28: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

Presenter’s Company Logo – replace on

master slide

#RSAC

What happens when you get public?

Public level: Public scrutiny´s power depends on democracy´s health. May affect legislation and future capabilities.

Operational level: Operation burst – but maybe amortized

Operational changes and continue as usual

Do nothing

Diplomatic level: Obvious consequences

Page 29: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

Presenter’s Company Logo – replace on

master slide

#RSAC

Lessons learned

Avoid attribution (but get the job done)

Page 30: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

Presenter’s Company Logo – replace on

master slide

#RSAC

Where are we now?

Top players have:Legislation controlInfrastructure controlRelationships with partners/companies

Page 31: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

Presenter’s Company Logo – replace on

master slide

#RSAC

Only one barrier left

Page 32: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

Presenter’s Company Logo – replace on

master slide

#RSAC

Actually, where is the data now?

11

Page 33: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

Presenter’s Company Logo – replace on

master slide

#RSAC

Who can do that?

Nobody trusts other´s infrastructure Internet Balkanization

Page 34: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

Presenter’s Company Logo – replace on

master slide

#RSAC

What will we see in the future?

Besides espionage, control of adversary´s critical systems

“Middle class Stuxnet”

Page 35: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

Presenter’s Company Logo – replace on

master slide

#RSAC

Future cyberespionage

“Middle class” operations are enough when you control the infrastructure

Page 36: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

Presenter’s Company Logo – replace on

master slide

#RSAC

Future cyberespionage

Assume unlimited supply of 0 days

Page 37: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

Presenter’s Company Logo – replace on

master slide

#RSAC

Future cyberespionage

Get control of non-controlled infrastructure attacking network devices, firmware, rogue hardware, etc. Regin and Equation as early adopters.

Page 38: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

Presenter’s Company Logo – replace on

master slide

#RSAC

Future cyberespionage

Exfiltration through non monitored protocols and devices.

17

Page 39: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

Presenter’s Company Logo – replace on

master slide

#RSAC

Future and present cold war

18

Page 40: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

Presenter’s Company Logo – replace on

master slide

#RSAC

Future and present cold war

19

Page 41: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

Presenter’s Company Logo – replace on

master slide

#RSAC

The rules of evolution

Rule 1: Keep sophistication low to avoid attribution

Rule 2: Infrastructure control

Rule 3: Improve your Cyber diplomacy

Rule 4: “IoT” infections over “computers”

Page 42: In The Dark: An Introduction to the Hidden World of the ... The Dark: An Introduction to the Hidden World of the Dark Web. Head of Threat Intelligence. Digital Shadows. ... May affect

#RSAC

Subhead if needed

A Futurist´s look at Nation-State Cyber-Espionage


THE HIDDEN TRUTH Italy Piedmont - BirdLife€¦ · THE HIDDEN TRUTH – Italy – Piedmont ... predation by wolves and wild dogs’. In absolute terms the budget available for ‘dark

A Radio for Hidden-Photon Dark Matter Detection

ABOUT DARK WATERSABOUT DARK WATERS DARK WATERS tells the shocking and heroic story of an attorney who risks his career and family to uncover a dark secret hidden by one …

ACTIVITY BOOK - Help and Hope · Color the pieces without dots a dark color to find the hidden picture

Phenomenology of Spontaneously Broken Dark Matter Hidden ... · Phenomenology of Spontaneously Broken Dark Matter Hidden Sector. 2 C. Arina (ULB PhysTh) - COSMO/CosPA 2010 The Dark

Hidden worlds of dark matter by Scientific American Magazine

Deep Web Hidden Web Dark Web

Dark Matter, Hidden Sectors from Gauge Kinetic Mixing, … · Dark Matter, Hidden Sectors from Gauge Kinetic Mixing, and Jets of Leptons David Morrissey ... 8.5 kpc 20 kpc Us. •

Hidden Photon Dark Matter Search with a Large …DESY 14-166 Hidden Photon Dark Matter Search with a Large Metallic Mirror Babette D obrich 1, Kai Daumiller2, Ralph Engel2, Marek Kowalski;3,

WIMPS: AN OVERVIEW, CURRENT CONSTRAINTS, AND WIMP … · 2014. 5. 19. · HIDDEN DARK MATTER • All evidence for dark matter is gravitational. Perhaps it’s in a hidden sector,

Dark souls 2 15 hidden items you must find

Simple Hidden Sector Dark Matter · 2020-04-01 · WIMP dark matter in minimal supersymmetric setups is made stable by assuming R-parity. This, however, does not work for a hidden

A Radio for Hidden-Photon Dark Matter Detection · Firstly, the mass allows hidden photons to behave as cold matter, and thus to be considered as a dark matter candidate [14]. Secondly,

Defense against the dark arts - fighting against magic in programming, hidden complexity and obscurity

A Radio For Hidden Photon Dark Matterschmidta.scripts.mit.edu/tabletop_workshop/slides/irwin.pdf · “Hidden” photon: generic vector boson (spin 1) Hidden photon DM drives EM currents

Six Hidden Hands Hidden Hands...a Dark Occult Ritual by Jeremy James The pagan Elite who rule this world from behind the scenes like to think of themselves as “the hidden hand.”

The ATIC/PAMELA Experiments and Decaying Hidden Dark Matter in Warped Compactification

Dark Web Monitoring Challenges...The dark web is hidden in the deep web, which accounts for 90% of all web content. The dark web consists of IP addresses that are routable, but not

Report: Impact of new and emerging information and ... · The dark web 3.3 The 'dark web', alsoreferred to as the 'darknet', is thatpart of the internetthat is hidden from the view

The Invisible Web Definition Searching. The Invisible Web Also called: deep content hidden internet dark matter

THE DARK MATTER RADIO: A QUANTUM-ENHANCED …...This thesis introduces Dark Matter (DM) Radio, an electromagnetic search for wave-like axion and hidden-photon dark-matter at rest-mass

Supreme Court of the United States - Campaign Legal Center Whitehouse... · B. Dark Money Fuels Partisan Gerrymandering On Both Sides Of ... Dark Money: The Hidden History of the

Hidden in the Dark

Specialist Tools for Tackling the Hidden Web · 5/21/2006  · 21 May 2006 Karen Blakeman 3 What is the hidden web ? − Sometimes called the invisible web, the deep web, the dark

The Rise and Challenge of Dark Net Drug Markets · hidden web and digital crypto-currencies used for payment on the Dark Net drug markets. Enforcement responses risk exacerbating

ABOUT DARK WATERS · 2019-12-14 · ABOUT DARK WATERS DARK WATERS tells the shocking and heroic story of an attorney who risks his career and family to uncover a dark secret hidden

THE HIDDEN UNIVERSE - University of Oregonpages.uoregon.edu/jimbrau/talks/Quarknet-dark-universe-brau.pdf-we know how the universe might make Dark Energy, but we don’t know how to

IN THE DARK - The Wilderness Society the Dark... · 2016 fiscal year, private companies held over 40,000 4 | In the dark: The hidden climate impacts of energy development on public

Dark Matter with Neutrino Experiments · Motivations of Boosted Dark Matter: e.g. Hidden dark matter sector with multiple components 4 ⌦ /hann vi 1 (11) ⇠ 0.1 GFermi G 2 Mweak

Heavy Dark Matter Through The Higgs Portal€¦ · Heavy Dark Matter Through The Higgs Portal Introduction Hidden Sectors, Hidden Valleys and Higgs Portals. DM in Higgs Portal Models

Patrolling the Dark Net - O'Reilly Media · The dark net is a smaller realm existing within the deep web. Infor‐ mation on the dark net is often intentionally obscured, hidden or

Hidden Photon Dark Matter in the Light of XENON1T and Stellar … · dark matter particles, whereas the anomalous cooling of horizontal branch stars arises from resonant production

Heidelberg Probing the Hidden Sector...Electricity from Dark Matter ;-). • Photon Regeneration Hidden photon (dark matter) Photon (amplified in resonator) Heidelberg University!

The Dark Side of Document Imaging: ‘The Hidden Cost of Capture’

What Lies Beneath Anchor Video When people say that someone has a hidden dark side, they mean that ____________. Another aspect of a person’s hidden dark