Posts by Buddy Jericho

Internet of Things (IoT) for Search Engines: A New Frontier with Thingful

Online activity is taking a new approach, especially regarding the Internet of Things (IoT) for search engines and devices. New technologies are on the rise, and since the start of search engines, the web has continuously evolved. For independent and secure connection of “things” globally, we are more concerned with a similar approach of “googling” related keyword(s) to find useful content, especially in the field of open-source intelligence (OSINT). 

This key feature is presently transformed into new searches as devices and is expected to link with the internet as part of optimizations for IoT.  As more and more common devices and appliances establish their wifi connections more information will be introduced to the internet but we will also witness an explosion of cyber capabilities to combat risk. In the near future, we will be buying Cyber Protection Plans with our refrigerators the same way we now buy antivirus software for our laptops. 

(more…)

How to Stay Anonymous Online

A few weeks ago, I was speaking with a regional bank in the Southwestern United States, where the lack of anonymity online had jeopardized a recent investigation. The bank was doing online research necessary for them to comply with the Bank Secrecy Act and Anti Money Laundering (BSA/AML) regulations.

A financial fraud analyst found incriminating evidence on the web page of a business she was investigating. Imagine her frustration when she went back the next day to collect that evidence, only to find it had been removed in the meantime. What happened?

The bank suspects that the subject of its investigation was tipped off to the analyst’s research because web traffic from the bank was hitting the website of the investigated business. This happens more often than one would think, as I’ve learned in conversations with other financial services firms before.

Stay Anonymous Online: Fully Anonymous Web Access

Having secure, fully anonymous web access would have kept the bank from tipping its hand in this instance. And lacking a solution to accommodate special web access for its analysts wasn’t just jeopardizing the bank’s investigations.

It also put the bank’s internal IT security at risk, because BSA/AML analysts frequently need to access URLs that are considered “high risk” from a cybersecurity perspective.

Why Online Anonymity Is Crucial for Business

Banking is not the only sector with this problem. Law firms face similar challenges. Take practice groups that need anonymous browsing for conducting litigation support research, for example.

Ideally, law firms would have access to a setup where they can browse anonymously while gathering information for litigation support. The legal professionals commonly pushing for these setups do so because they need to conduct online research without getting blocked by their firm’s URL filter. They also need to prevent their web activity by getting traced back to the firm.

Compliance managers, financial intelligence units, and law firms conducting litigation research are not the only groups facing this challenge. Professionals in other fields depend on unrestricted, secure, anonymous web access on the job as well. Cyberfusion centers, corporate security departments, private investigators, and OSINT professionals also need this level of protection when accessing the web.

And just like leading financial services and law firms, they increasingly turn to a solution that has solved similar problems for federal agencies and the Department of Defense: accessing the web through a secure cloud browser.

Where Traditional Web Browsers Fail Your Business

What’s wrong with using a regular browser for this purpose, you ask? Simply put, the “free” and supposedly “secure” mainstream browser betrays you. It’s neither free nor secure.

You don’t have to take my word for it. Check out https://sploit.io, a tool built to see what information is being broadcast about you when going online with a browser installed on your local computer or mobile device.

Did you know what kind of information local browsers such as Chrome, Firefox, Edge, and Safari share with the world? That data includes the browser’s make and version number, your device’s operating system, plugins you use, languages/fonts, your location…

All of these details, together with basic tracking code such as “cookies”, can be used to create a unique fingerprint.

That information is frequently used to identify and target individual end-users and whole organizations.

Think about it from a security perspective. This “oversharing” by the browser also exacerbates its built-in vulnerabilities. It enables attackers to exploit your browser extensions and plugin – including such that purport to protect you.

How to Stay Anonymous Online

Anonymous browsing tools galore – will they really protect your team’s anonymity when conducting business-critical research?

Yes, you can find thousands of blog posts and articles on “how to browse the web anonymously” on the web. And no, most don’t provide a clear answer.

They suggest a wide variety of approaches, only to then end on a note along the lines of “this is about the best you can do, and you can never be 100% sure.”

Did you end up more confused than when you started? Most of these how-to guides suggest a multi-step solution where several methods are combined to prevent your web activity from being traced back to you.

It seems as if the six most commonly suggested methods are imperfect at best:

Switch to “Private Browsing” or “Incognito Mode”

Although helpful, switching to an “incognito mode” only prevents the browser from storing your web session’s browsing history, cached web pages, or “cookies” locally.

Because the browser is still sharing your browsing history and other traceable details with your Internet Service Provider (ISP), your web activities remain vulnerable to snooping and are neither anonymous nor private. Let’s move on.

Accessing the Web Through a Virtual Private Network (VPN)

By utilizing a VPN, you are further protected when using public WiFi because it encrypts the connection. As a result, it becomes harder for attackers to intercept internet traffic. Still, VPN services don’t fully anonymize your web activity.

VPN also does not protect against web-borne exploits, such as spyware infections, and can make larger organizations more vulnerable. And it often is slow – but you likely knew that already.

Misconceptions about VPN are widespread even among IT professionals. If you’re considering it to ensure anonymity and non-attribution for web investigations, I recommend reading this Authentic8 whitepaper about VPN [PDF] first.

Using a Proxy Service

When using a proxy service, you effectively hide your originating IP address from websites when going online. It doesn’t protect users against tracking code or malware fingerprinting. Depending on the vendor that runs the proxy server, your IP address and web requests may be stored and sold to third parties who aggregate such data. Feeling anonymous yet?

Installing Browser-Based Anonymity or Privacy Tools

After installing browser-based privacy tools, you can shield your online activities to a limited degree from tracking on the local browser. Paradoxically, such browser extensions also can make it easier for third parties to find out who you are, what you’re up to, or to launch an attack.

Another downside is that plugins also compound the inherent vulnerabilities of the local browser, especially in business IT environments.

Browser plugin user data can be sold to third parties and used for deanonymization. Attackers frequently hijack plugin developer accounts to push malicious “updates” for add-ons. Are you willing to take that risk?

Using “Privacy Browsers”

Although doing so won’t fully anonymize your web sessions either, most of these “secure” browsers are derivatives of popular traditional browsers that are tweaked to enhance online privacy protections.

That means they still process – potentially dangerous – web code on your local machine and don’t provide professional-grade anonymity.

They have been outlawed in some countries and too often get blocked by certain web services. This makes them even less viable for professionals with the need for conducting anonymous web research while abroad.

Avoiding Public WiFi

Avoiding public WiFi is also a – surprisingly common – suggestion. So we’re supposed to cease work when out and about, at the airport, at a coffee shop, or when connecting from the home office? Seriously?

To be fair – some of these methods can be useful for browsing mostly anonymously, as long as we keep in mind that none of them were built for this specific purpose. For business-critical and compliance-relevant use cases, however, cobbling together a mingle-mangle of tools that keep you mostly anonymous isn’t enough.

In the age of remote work, enabling secure, anonymous web access becomes ever more important, because IT doesn’t always control the network or machine employees and contractors are connecting from.

*** This is a Security Bloggers Network authored by Kurt Cunningham.

Learn More with Echo Analytics Group

Echo Analytics Group is a full-service intelligence firm providing services, products, training, and technology to both public and private sector businesses.  Echo Analytics Group has trained thousands of intelligence professionals in-person and online.  We also deliver world-class products and services to a host of businesses across the globe.

To learn more about Echo Analytics Group, please contact us by completing our online form or through emailing us at info@echoanalyticsgroup.com.

To sign up for a course, explore our Echo Academy!

We look forward to connecting with you.

Advantages of Data Visualization Tools: Sentinel Visualizer 

Data visualization tools create and deliver visual designs for data.

Additionally, data visualization also offers a more straightforward technique to visually represent data of large sets. The process of handling data sets with data points running into thousands or millions can be automated by the use of visualization tools. These data visualizations can serve several purposes and can virtually present information that needs interpretation. 

Advantages of Data Visualization

Data visualization makes available quick access to clearly understand input data. Owing to the availability of graphic illustrations, large volumes of data can be visualized in a comprehensible and intelligible way. This approach helps in analyzing data, draw insights and conclusions. This approach also saves time and offers more efficient solutions.

Other significant advantages of Data Visualization include: 

• Information design aids in the identification of emerging trends that can be quickly acted upon based on its outcome. These trends offer better insights into the graphical representation and the detection of highly correlated parameters. Obvious connections can be well represented and aid other decision-making processes.   

• The representation of data and infographics allows better identification of connections and patterns inside digital assets, as perceptive trends in data provides competitive benefits in terms of factors that may affect output quality. 

• Data storytelling permits the development of new ideas that help tell and share your story with others. It offers a method that allows the easy creation of narratives via analytical diagrams and graphics. It also helps in visual analytics, which can reveal new insights and engagements. 

• Visualization of data offers analysis at different levels of detail. Some evidence becomes known through underlying analysis. Also, other analytics breakdowns provide evidence for backstories as well as extra experience in the area of data. 

Sentinel Visualizer for Data Visualization

Interconnected data are challenging to comprehend with traditional tools. Sentinel Visualizer makes available advanced visualization surfaces to aid in discovering meaning from complex data. Sentinel Visualizer offers analysis and data visualization solutions for big data.  

Researchers of big data seeking data visualization platforms can swiftly see multi-level links among entities and models with several relationship types. 

Sentinel Visualizer can help you: 

• Find hidden relationships. 
• Identify clusters and patterns rapidly. 
• Organize complex networks into manageable groups. 
• Perform ad-hoc analysis, test theories, and scenarios.
• Advance drawing and redrawing to generate optimized views for essential entities. .

Learn More with Echo Analytics Group

Echo Analytics Group is a full-service intelligence firm providing services, products, training, and technology to both public and private sector businesses.  Echo Analytics Group has trained thousands of intelligence professionals in-person and online.  We also deliver world-class products and services to a host of businesses across the globe.

To learn more about Echo Analytics Group, please contact us by completing our online form or through emailing us at info@echoanalyticsgroup.com.

To sign up for a course, explore our Echo Academy!

We look forward to connecting with you.

Buddy is a military veteran, former intelligence officer, and entrepreneur who teaches dozens of courses on a variety of intelligence-related topics. He currently serves as the Chief Executive Officer of Echo Analytics Group and is based in Tampa, Florida.

350+ hackers hunt down missing people in first such hackathon

More than 350 ethical hackers got together in cities across Australia on Friday for a hackathon in which they worked to “cyber trace a missing face”, in the first-ever standalone capture-the-flag (CtF) event devoted to finding missing persons.

Similar CtFs have been held before, alongside conferences such as DEF CON and B-Sides, but this was the first such event focused entirely around a missing persons hackathon.

Astounding Results

Organizers called the results “astounding,” ABC News reports.

During the six hours, the competing teams hammered away at the task of searching for clues that could potentially solve 12 of the country’s most frustrating cold cases. 100 leads were generated every 10 minutes.

The National Missing Persons Hackathon was run by the AustCyber Canberra Innovation Node, which partnered with the Australian Federal Police, the National Missing Persons Coordination Centre and Trace Labs: a nonprofit with a mission of crowdsourcing open-source intelligence (OSINT) and training people on OSINT tradecraft.

Resources Collected

OSINT is data collected from publicly available sources. That includes Google searches, for example. The missing persons hackathon is the sunny side of that coin. Last week, we saw a much darker side to OSINT when we heard about a Japanese pop star who was attacked by a stalker who zoomed in on the reflections in her eyes from selfies, then searched for matching images on Google Maps to find out where she lives.

ABC News mentioned another recent case of the use of OSINT: last month, Twitter user Nathan Ruser picked up on a video uploaded to YouTube that showed hundreds of detainees at a train station, handcuffed and blindfolded, and all with freshly shaven heads. They were allegedly members of the Uyghur Muslim community in western China.

Chinese officials had denied the mass detention. To verify the image, and to find out when and where it was taken, Ruser used elements in the imagery to geolocate the scene: buildings, a cell tower, a carpark, trees, and train tracks, for example, feeding the images into Google Earth. Other useful elements included a pole that acted as a sundial, casting a shadow that could be matched with other images that show the sun at a given azimuth, casting specific shadows, on a particular day, to get a rough idea of the day it was taken.

Cold Cases

The participants in the Australian missing persons hackathon used similar search techniques to try to find previously uncovered hints at what could have happened to the missing persons focused on in the event. Those 12 cold cases were selected from what ABC News says is now more than 2,600 Australians listed as “long-term” disappearances.

At the start of the event, contestants were allowed to view the missing persons case details by logging into the CtF platform. The organizers haven’t released results of the mass gathering of OSINT. All leads generated on the missing person cases were handed over to the National Missing Persons Coordination Centre.

Technology Decisions quoted Minister for Industry, Science and Technology Karen Andrews, who said that an event like this shows the good that can come from hacking:

Haunted by the Experience

You can only imagine the great heartache when a loved one goes missing. Family and friends are often haunted by the experience of life. They never stop looking and trying to find answers.

This event is a great opportunity to use online investigative techniques and hacking skills in creative and socially useful ways.

Australian Federal Police Assistant Commissioner Debbie Platz said that crowdsourcing like this opens up a whole new way of policing that will hopefully lead to solving more of these heartbreaking cases:

by Lisa Vaas

OSINT and Money Laundering

OSINT and Money Laundering

Let’s take a look at OSINT and Money Laundering. With social media websites and cyber-related intelligence which has given rise to an unprecedented volume of intelligence at one’s fingertips, the internet is an ocean of data that can significantly assist to crack money laundering and terror financing investigations.

AML_CTF Investigations

Over the last decade, there has been an increase in the drive to adopt intelligence-led approaches and solutions in order to deal with cyber threats based on the understanding that individuals and illicit networks intent on committing financial crimes can be identified by those who utilize all capabilities to see the wider intelligence picture.

Financial institutions (FIs) can be attacked by individuals and networks who mask their identities in sophisticated methods. However, digital fingerprints can be tracked down online, and analysts can exploit the internet to their advantage to reveal hidden leads and connections.

Numerous web sources hold an unparalleled amount of hidden information. Threat actors and illicit network operators leave a digital footprint that can be identified by analyzing the technical details of electronic activity, behavior and cyber information such as IP addresses, time-stamps, device indicators and more.

Suspicious Activity

But despite the advantages available to FIs when using cyber information, many don’t use it to its full potential when conducting Anti-Money Laundering (AML) investigations. Though, the inclusion of this data in suspicious activity reports will make them as complete and accurate as possible.

During AML investigations, social network analysis of the OSINT gathered allows analysts to map and measure the relationships between social networks which may be used to move illicit funds or to finance terror activity.

Terrorists and Criminal Activity

Is OSINT illegal? While practicing OSINT is legal, doxing can quickly become a serious crime when used to exploit, harass or threaten someone.

Transnational criminal organizations and terror organizations have benefited tremendously by technology such as electronic banking systems and cryptocurrency and the accessibility it provides for illicit network financing.

Criminals and terrorists who work in the shadows of the deep and dark web are often paid in virtual currency such as Bitcoin or other cryptocurrencies, which is an attractive way to launder funds without concern of being caught by AML authorities.

While FIs don’t have the capabilities to gather the type of data that Counter-Terror Financing (CTF) agencies do, they can disrupt the attempts of illegal organizations by blocking and rejecting suspicious transactions and allow assessment of data that might link illicit networks and laundering funds.

SOURCE Cobwebs Technologies

Why did a state plane fly to New Mexico and back?

Why did a state plane fly to New Mexico and back?

A LearJet owned by the Kentucky State Police flew to Albuquerque on Sunday, stayed for a little over an hour, then flew back to Lexington. Why?

For some time, news organizations across the state have been asking the Bevin administration to account for the use of state aircraft to fly the governor around the country. To this point, the administration has refused to explain any trips that are not official state business, even though anyone with a web browser can find them.

(more…)