Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By...
Transcript of Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By...
![Page 1: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/1.jpg)
© Copyright Fortinet Inc. All rights reserved.
Into the DarknessAamir Lakhani, Senior Red Team ResearcherFortinet, FortiGuard Labs
![Page 2: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/2.jpg)
Magic Land
![Page 3: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/3.jpg)
This is the wrong OZ
![Page 4: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/4.jpg)
4
Who am I
Senior Researcher – FortiGuard LabsHacker, Ninja, PrinceExpertise in emerging threats 20 years of experience in cyber security
Time Magazine’s Person of the Year 2006…
![Page 5: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/5.jpg)
5
Person of the Year 2006
And so were...
5
![Page 6: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/6.jpg)
6
The Internet Lies
![Page 7: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/7.jpg)
7
The Internet Lies
![Page 8: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/8.jpg)
Hollywood was wrong about hacking
![Page 9: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/9.jpg)
Hacking Devices
![Page 10: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/10.jpg)
10
Who Are Hackers
State Actors Hactivist Script Kiddies Corporate Espionage Researchers
![Page 11: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/11.jpg)
11
The Fight Against Cybercrime
Quality AssuranceCrypters / Packers
Scanners
HostingInfections / Drop Zones
Management
Botnet RentalsInstalls / Spam /
SEO / DDoS
Money MulesAccounts Receivable
Consulting
CRIME SERVICESENABLERS
Exploits
CRIMEWAREPRODUCERSPackers
Special Platforms
Mobile
Senior Developers
Source Code Junior Developers
Bank Accounts
Credentials & Data
Digital Real Estate
VictimsCriminal Organizations
Affiliates
Affiliate ProgramsFakeAV
RansomwareBotnets
Partnerships
Copy & paste
Sales, Licensing, Maintenance
COMPOUNDED CYBERCRIME
![Page 12: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/12.jpg)
12
Russian Mafia
Sergei Mikhailov, head of the Moscow-based Solntsevskaya Organization, with 5000+ members worldwide. Starting with extortion, counterfeiting, drug trafficking, and blackmail, his own organization eventually graduated to arms dealing, money laundering, and infiltration of government and legitimate business. Mikhailov’s Solntsevskaya Organization owns banks, casinos, car dealerships, and even an airport. Solntsevskaya is believed to be behind many cyber-related online crime ventures.
![Page 13: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/13.jpg)
13
Deep WebInvisible web
Hidden web
![Page 14: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/14.jpg)
14
DarkNet Levels
• Indexed By Google Level 0: Common Web
L2-3: Bergie Web
Level 4: Deep Web
Level 5 DarkNet
Level 1: Surface Web• Reddit, Digg, Temp Email, Google Locked Services
• IRC, 4Chan, Newsgroups, Bunny Tube, Streams, FreeHive
• Hacking groups, shelling, banned videos, books, activists community
• Onion Sites, Human trafficking, exploits, markets
![Page 15: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/15.jpg)
15
More than just Tor…
![Page 16: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/16.jpg)
16
![Page 17: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/17.jpg)
17
Connecting
Tor Browser Bundle Tails Operating System
![Page 18: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/18.jpg)
18
Be Careful who you talk to
![Page 19: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/19.jpg)
© Copyright Fortinet Inc. All rights reserved.
Title Title ContinuedPresenterDate
![Page 20: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/20.jpg)
20
Tor Hidden Wiki – Feel the Dark
•Collection of hidden links and .onion sites•How hard is it to find?
![Page 21: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/21.jpg)
![Page 22: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/22.jpg)
22
GHOST MARKETSExample: Wall Street MarketSometimes invite onlyDark Web black marketsChange addresses often
FOR SALEExpertise - malware, exploits, social engineering, coding and programming
Products - social Security numbers, national identification cards, drugs, guns
The Players – criminals, con artists, organized crime, radical factions
![Page 23: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/23.jpg)
23
Agora Market
![Page 24: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/24.jpg)
24
It’s Christmas Time
![Page 25: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/25.jpg)
25
Tracking an attack
![Page 26: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/26.jpg)
26
Medical Databases
![Page 27: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/27.jpg)
27
![Page 28: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/28.jpg)
28
PayPal Accounts
![Page 29: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/29.jpg)
29
Fake Identities
![Page 30: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/30.jpg)
30
Counterfeit Currency
![Page 31: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/31.jpg)
31
Doxing
![Page 32: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/32.jpg)
32
![Page 33: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/33.jpg)
33
![Page 34: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/34.jpg)
34
…or help with a
personal problem?
![Page 35: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/35.jpg)
35
Real or Fake
ScamsSting operationsHoney potsScary stuff exists – not a 5 minute search and find
![Page 36: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/36.jpg)
36
Skill Squatting – How It WorksCriminals
Sound-alike Skill "Name”Sound-alike Skill "Name”
Alexa, open“Skill Name”Alexa, open“Skill Name”
Publish Skill
Publish Skill
User enables"Skill”
User enables"Skill”
![Page 37: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/37.jpg)
37
![Page 38: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/38.jpg)
38
RealReal FakeFake
![Page 39: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/39.jpg)
39
Voice AI Source Code – Darknet ChatterLooking for OffersLooking for Offers
Workflow AutomationWorkflow
Automation
Digital AssistantDigital Assistant
![Page 40: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/40.jpg)
40
Drones – Uses And BenefitsDeliveries
Military Uses
Natural Disasters
![Page 41: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/41.jpg)
41
Drones – Bank Roof Top
Rogue DronesRogue Drones
Credit SuisseCredit Suisse
Acid Drops into Data Center
Acid Drops into Data Center
![Page 42: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/42.jpg)
42
Drones – Darknet ListingNFZ BypassNFZ Bypass
$50$50
Yuneec DronesYuneec Drones
![Page 43: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/43.jpg)
© Copyright Fortinet Inc. All rights reserved.
So What, Now What
![Page 44: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/44.jpg)
44
Advanced ResearchAdvanced Research
Actionable Threat
Intelligence
Actionable Threat
IntelligenceArtificial
IntelligenceArtificial
Intelligence
How do we Succeed?
![Page 45: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/45.jpg)
![Page 46: Into the Darkness - Fujitsu...Deep Web Invisible web Hidden web 14 DarkNetLevels •Indexed By Google Level 0: Common Web L2-3: BergieWeb Level 4: Deep Web Level 5 DarkNet Level 1:](https://reader030.fdocuments.in/reader030/viewer/2022011910/5f7c3dc45235a869e8104525/html5/thumbnails/46.jpg)