Exploits From the NSA are Now on the Black Market

If you panic in the event of a hacking attack, imagine how the National Security Agency (NSA) feels knowing that some of its exploits are for sale on the black market. While there isn’t any proof that the NSA has been breached, there’s evidence to suspect that their exploits are available for purchase on the black market. This means that a willing hacker could get their hands on government-grade hacking tools, a dangerous concept.

Granted, there’s no proof that the tools are legitimate exploits used by the NSA, and they certainly won’t admit to being hacked. Yet, some security professionals hint that the hackers might actually be telling the truth this time. Researchers have found sample files provided by the hackers to contain some legitimate exploits that could realistically be used to launch hacking campaigns. In fact, some of the stolen exploits take advantage of widely-used security services and firewall solutions, which could be used to infiltrate countless infrastructures around the world.

The hackers responsible for this crime claim to have stolen the exploits from the Equation Group, which is a cyber espionage organization that supposedly has ties to the NSA. The Equation Group is most notorious, perhaps, for their probable role in the development of the Stuxnet computer worm and other advanced malware. The group of hackers who stole the NSA’s exploits, aptly titled the Shadow Brokers, want to auction the exploits to the highest bidder on the black market.

More specifically, the exploits for sale target the firewall technology of some big names in the cyber security industry, such as Cisco, Juniper, Fortinet, and Topsec (a Chinese brand). Despite suspicions, many security professionals are labeling the code as legitimate, and one has even managed to confirm that one of the exploits uses an IP address that’s registered to the United States Department of Defense. However, rather than the exploits being stolen directly from the NSA, it’s thought that they were discovered on another system that the NSA was in the process of monitoring and that the hackers stole the code in order to turn a profit off of it.

These hackers are currently selling the exploits on the black market in exchange for Bitcoin, but even if they were to receive a value proposition, who can say if it’s likely that they’ll actually hand over such valuable information? There are some researchers who believe that it’s nothing more than an elaborate scam, primarily due to the fact that the NSA hasn’t confirmed any affiliation with the Equation Group or the exploits. Perhaps the Shadow Brokers aren’t telling the truth, but either way, we can expect some dire consequences of such powerful exploits being leaked to the world.

The Shadow Brokers have claimed that they will publicly expose the exploits if they can acquire one million Bitcoins, which presents an interesting (and terrifying) gambit; what would happen if these exploits were to be made public? Hackers around the world would be able to exploit government-grade malware for espionage and network infiltration. It’s a nightmare just waiting to happen.

What are your thoughts on this development? Let us know in the comments.

Drugs, Assassins For Hire, Weapon Sales, and More: All Conveniently Found On the Web

The Internet is a fascinating and wonderful place full of great, informative resources and websites, but it’s also home to online markets for illegal and unethical practices. These hotbeds of criminal activity are a danger not only to your business, but to everyone who uses the Internet.

Specifically, the Internet (or what’s known as the “dark web”) is often used to anonymously distribute drugs and data, and for other questionable activity. The Internet itself allows for anyone to take on a pseudo-anonymous nature, but there are other, much darker parts of the Internet that can only be accessed if you’re truly anonymous. Users who are using the anonymity browser Tor can go about their business on the dark web with little to fear. Many online black markets will only allow users to access them if they’re using Tor, primarily because they want to dodge law enforcement as much as possible.

Not all online black markets take this same precaution, though. Some illegal online markets don’t care about staying available to their buyers or hidden from the authorities, and will even sell to the common masses rather than hardened criminals. This sporadic and unpredictable behavior is one reason why everyone should be concerned about the dark web. Since these underground black markets are often available via the “surface web” (the part that the average user sees), this increases the range and scope of who criminals can target with their goods, which allows the cybercrime industry to thrive.

From Trend Micro via TechRepublic, here’s a chart detailing what the online crime market is primarily used for.

[Chart: ib stats]

Drugs are one of the biggest components of the online cybercrime industry, but stolen data dumps and crimeware are the second and third largest threats, respectively. A surprising factor, however, is the presence of illegal online arms manufacturing, and even assassinations. When you consider the fact that anyone can access these assets through the surface web, it’s a frightening concept indeed.

The North American underground dark web network is generally considered what’s called a “glass tank.” It might be useful for its intended purpose, but it’s so transparent and fragile that it can shatter and break at any given moment. Trend Micro reports that the life cycle of most black market sites is very short. The sites could be available one moment, and gone the next.

If you take away anything from this blog article, it’s that cybercriminals are as resourceful as they are slippery, and that they’ll use any means necessary to make a quick buck. This includes selling information they’ve stolen from businesses just like yours on the black market, or selling malicious code to would-be hackers. Business owners need to be exceptionally cautious when dealing with criminals on the Internet, simply due to the fact that they’ll attack for no purpose other than to cause a little bit of chaos and to throw your sensitive data in the “for sale” window. It’s important to remember that there is, in fact, a market for your stolen data, and that hackers will do whatever it takes to breach your systems and make money off of your misfortune.

NuTech Services knows how to handle the security threats that your business faces every day, and we can outfit your network with the solutions required to detect and eliminate issues before they become bigger problems. Furthermore, we can protect your organization’s end-users from accessing infected or suspicious sites, like potentially malicious web pages, or those designed to sell questionable goods. Perhaps the best way we can protect your business is by offering enterprise-level security solutions, like firewalls, antivirus, content filtering, and spam blocking, reducing the odds of your business falling prey to a hacking attack.

For more information, give us a call at 810.230.9455.