By Warrior Maven Global Security Staff
Private security firms are working with US law enforcement and intelligence professionals to integrate downloadable software products able to access, investigate and ultimately thwart criminal and terrorist activity on the Dark Web.
Described as exploited areas of the “deep web,” the part of the web not indexed by search engines, the “Dark Web” often affords bad actors an opportunity to engage in money laundering, human and drug trafficking, illegal business transactions and many other activities known to inhabit the dangerous nexus between transnational crime and terrorism.
Emerging technology can now synthesize elements of various available products such as a free software called TOR -- a product designed to enable anonymous communication directing traffic through a network of more than 7,000 relays.
Growing concern in this area, including the fast-growing synergy between terrorist activity and recruiting and the Dark Web, continues to generate substantial security-minded activity throughout the international community.
As a result, a select group of global security firms are now supporting broad-sweeping industry, US government and United Nations efforts to close a troubling gap between the growing volume of dangerous activity on the dark web …. and the amount of technical expertise needed to fight it.
A 2012 report from the United Nations Office on Drugs and Crime on the internet and terrorism speaks to this concern, writing that “there is limited specialized training available on the legal and practical aspects of the investigation and prosecution of terrorism cases involving the use of the Internet.”
One particular application now being taught and implemented is a Dark Web Advanced Privacy Browsing technology engineered by Torres Advanced Enterprise Solutions, a global security firm; Torres, which supports the US Department of State, Department of Defense and allied efforts from various friendly partners, has provided law enforcement and counterterrorism authorities in Paraguay, Argentina and Brazil with cyber forensics systems with integrated downloadable software designed to track Dark Web activity.
Products of this kind, have a particular relevance and utility in places such as the less-regulated and dangerous tri-border area of South America where Brazil, Paraguay and Argentina intersect. Long known as a hotbed of organized crime and terrorist activity, this area continues to command substantial attention from US and allied security professionals. Having engineered an integrated browser and Cyber Forensics system, Torres currently trains international law enforcement and counterterrorism organizations around the world in cyber forensics to help expand the effectiveness of allied international efforts to fight terrorism on the Dark Web. (-- To Read Warrior Maven Global Security's Story on Training in Cyber Forensics in Tri-Border Region CLICK HERE --)
Leveraging an ability to use “white hat” cyber professionals, the Torres products enable what’s called Penetration Testing. Essentially, this involves having expert computer professionals utilize various “offensive cyber tools” to “hack” into various networks to find potential vulnerabilities. These are the same tools that bad actors, black hat hackers, engineer to attack businesses and governments globally.
For this reason, law enforcement and government counterterrorism professionals operate on the Dark Web with products such as TOR, which “makes it more difficult for internet activity to be traced back to the user as it conceals users’ locations and online usage,” Torres officials explain.
TOR can obscure a range of practices, such as “visits to web sites, online posts, instant messages and other forms of online communication,” Torres experts add.
TOR is therefore something which can be leveraged by bad actors seeking to avoid surveillance as well as “white hat” cyber professionals and law enforcement hoping to identify and prosecute those involved in illegal activity.
The effectiveness of TOR is further detailed in a 2016 essay from Texas A&M University, titled “Deep Web, Dark Web, Invisible Web and the Post-ISIS World.”
The paper describes how TOR browsers use random entry points provided by a server in what’s called an Onion network, a routing technique used for anonymous communication online often using layers of encryption.
“Data requests are encrypted and forwarded along with the final destination address. Each subsequent relay point in the path unencrypts the address, re-encrypts the request and forwards along. It only knows where the data came from last and where it goes next,” the essay writes.
As a result, the particular path taken by data cannot be determined, because data is encrypted between nodes at each point. Furthermore, the TOR network can generate “new paths approximately every 10 minutes to provide further privacy in case someone is performing traffic analysis at a singular node.”
Also, Torres has integrated TOR with a desktop operating system known as Whonix which also enables anonymity on the internet. Whonix, based on both TOR and Debian GNU/Linux, consists of virtual browsing tools which can access and investigate the Dark Web, Torres information indicates.
The Whonix operating system consists of two virtual machines, the Whonix-Workstation and the Whonix-Gateway; based on the principle of “security by isolation,” the Workstation runs user applications on an entirely isolated network while the Gateway runs TOR processes, according to Torres.
“Within this 100% isolated network environment, research and evidence-collecting on illegal activity can be gathered by investigators without accidental exposure. This keeps bad actors from knowing that law enforcement is conducting cyber investigations,” a Torres research paper explains. (-- To Read Warrior Maven Global Security's Previous Piece on Dark Web Security CLICK HERE -)
The Texas A&M research paper addresses several of these promising cutting-edge methods increasingly being explored by law enforcement and intelligence professionals seeking to address crime and terrorism on the Dark Web. One such program cited in the paper is DARPA’s Project MEMEX, a technology designed to build a better map of the internet. Based upon the premise that standard technologies such as Google and Bing are only able to capture a small percent of the internet, MEMEX works to discover the full range of content and make it available for analysis.
“MEMEX allows you to characterize how many websites there are and what kind of content is on them,” the paper says.
Tracking someone using TOR can also be done by tracking a user’s keystrokes, the Texas A&M paper says.
“Just like how someone will have the same handwriting tendencies over and over again, when people use a computer they tend to create a pattern with their keystrokes,” the paper writes.