Into the Darkness - Fujitsu...
© Copyright Fortinet Inc. All rights reserved.
Into the Darkness
Aamir Lakhani, Senior Red Team Researcher
Fortinet, FortiGuard Labs
Magic Land
This is the wrong OZ
Who am I
• Senior Researcher – FortiGuard Labs
• Hacker, Ninja, Prince
• Expertise in emerging threats
• 20 years of experience in cyber security
Time Magazine’s Person of the Year 2006…
Person of the Year 2006
And so were...
The Internet Lies
Hollywood was wrong about hacking
Hacking Devices
Who Are Hackers
• State Actors
• Hacktivists
• Script Kiddies
• Corporate Espionage
• Researchers
The Fight Against Cybercrime

CRIME SERVICES ENABLERS
• Quality Assurance: Crypters / Packers, Scanners
• Hosting: Infections / Drop Zones, Management
• Botnet Rentals: Installs / Spam / SEO / DDoS
• Money Mules: Accounts Receivable
• Consulting

CRIMEWARE PRODUCERS
• Exploits
• Packers
• Special Platforms
• Mobile
• Senior Developers
• Junior Developers
• Source Code

Victims
• Bank Accounts
• Credentials & Data
• Digital Real Estate

Criminal Organizations
• Affiliates
• Affiliate Programs: FakeAV, Ransomware, Botnets
• Partnerships

Copy & paste
Sales, Licensing, Maintenance

COMPOUNDED CYBERCRIME
Russian Mafia
Sergei Mikhailov, head of the Moscow-based Solntsevskaya Organization, with 5000+ members worldwide. Starting with extortion, counterfeiting, drug trafficking, and blackmail, his own organization eventually graduated to arms dealing, money laundering, and infiltration of government and legitimate business. Mikhailov’s Solntsevskaya Organization owns banks, casinos, car dealerships, and even an airport. Solntsevskaya is believed to be behind many cyber-related online crime ventures.
Deep Web
• Invisible web
• Hidden web
DarkNet Levels
Level 0: Common Web
• Indexed By Google
Level 1: Surface Web
• Reddit, Digg, Temp Email, Google Locked Services
Levels 2-3: Bergie Web
• IRC, 4Chan, Newsgroups, Bunny Tube, Streams, FreeHive
Level 4: Deep Web
• Hacking groups, shelling, banned videos, books, activists community
Level 5: DarkNet
• Onion Sites, Human trafficking, exploits, markets
More than just Tor…
Connecting
• Tor Browser Bundle
• Tails Operating System
Be Careful who you talk to
Tor Hidden Wiki – Feel the Dark
• Collection of hidden links and .onion sites
• How hard is it to find?
GHOST MARKETS
• Example: Wall Street Market
• Sometimes invite only
• Dark Web black markets
• Change addresses often
FOR SALE
• Expertise - malware, exploits, social engineering, coding and programming
• Products - Social Security numbers, national identification cards, drugs, guns
• The Players – criminals, con artists, organized crime, radical factions
Agora Market
It’s Christmas Time
Tracking an attack
Medical Databases
PayPal Accounts
Fake Identities
Counterfeit Currency
Doxing
…or help with a personal problem?
Real or Fake
• Scams
• Sting operations
• Honeypots
• Scary stuff exists – not a 5-minute search and find
Skill Squatting – How It Works
• Criminals
• Sound-alike Skill "Name"
• Alexa, open "Skill Name"
• Publish Skill
• User enables "Skill"
Real / Fake
Voice AI Source Code – Darknet Chatter
• Looking for Offers
• Workflow Automation
• Digital Assistant
Drones – Uses And Benefits
• Deliveries
• Military Uses
• Natural Disasters
Drones – Bank Roof Top
• Rogue Drones
• Credit Suisse
• Acid Drops into Data Center
Drones – Darknet Listing
• NFZ Bypass
• $50
• Yuneec Drones
So What, Now What
• Advanced Research
• Actionable Threat Intelligence
• Artificial Intelligence
How do we Succeed?