Cyber-demic’s Dark Side
Brian Stack
Vice President of Engineering & Dark Web Intelligence at Experian Consumer Services
June 2021
A monthly digest on dark web activity which is heavily influenced by the impact of COVID-19, remote working, nation state activity, seasonal scams, major data breaches, as well as general ID theft protection, data trends, tips and recommendations.
---------------------------------------------------------------------------------------------------------------
First Oil, Then Beef, What’s Next?
We’ll we’ve seen what’s next with a consistent flurry of attacks on different sectors…Interestingly, our Cyber Analysts saw a spike of several hundred Colonial Pipelines emails showing up for sale on the dark web in the months prior to the attack…We can’t confirm that any of these credentials were used as an attack vector for the ransomware but dark web exposure for the company was higher in the last 12 months than the previous, hmmm…Some notable stats - malware statistics from the third quarter of 2020 show that the average ransom payment was $233,817…According to @Coveware, this marks a 31% increase from the second quarter and a 47.8% increase from the first quarter of the year…Notwithstanding the eye-opening $11M paid by JBS…Ransomware attacks statistics show it’s not just the average ransom payment that increased over the past year - the average downtime caused by the attacks also saw a significant rise with downtime 19 days in the third quarter of 2020, up 19.2% from 16 days in the second quarter…Read my data breach expert colleague’s comments about ransomware here.
Alexa Opens The Front Door for Thieves
“Alexa, disarm the security”…What if a thief could issue that command from 100 meters away or more?...A research team in 2019 used light to remotely control Google Assistant, Amazon Alexa, Facebook Portal, and Apple Siri by exploiting a vulnerability in their microphones…They used the light beams to inject invisible and inaudible commands to the digital voice assistants as well as voice-controlled smartphones and tablets – through glass windows as far away as 110 meters…They have demonstrated their light-injection hack against the Amazon Echo 3, Echo, Siri, Facebook Portal, and Google Home...Not to be training any criminals out there but how it works is you shoot the laser to the acoustic part of the mic that then it gets converted into an acoustic signal…The voltage signal looks exactly the same is if it's being done by an acoustic signal…This converted acoustic signal allows a high-tech robber to issue commands to voice-enabled devices, such as garage door openers, smart locks, and home security system cameras…So what to do?...Keep devices up to date and look out for software patches.
Not Samuel Morse’s Telegram
We monitor many messaging platforms and the Telegram app has hit the news as the “new dark web”…But I disagree with this characterization as it’s merely an extension of it and we’ve been infiltrating messaging apps for several years now including such apps as Telegram, Discord, and Facebook messenger in order to protect consumers from identity theft…We currently monitor tens of thousands for messaging channels daily for illegal activity…Any platform that is highly secure and has private messaging is certainly going to be exploited by bad actors.