February's OSINT Digest: Cyberattacks Spiral While Black Markets Embrace 'Fair Play'

Starting from February, every month we’ll be handpicking a unique selection of the most curious, important or thought-provoking news and trends across the world of infosec and OSINT. From the latest industry innovations and breaking global stories, to underground news items, surprising facts, and essential hacks – we'll be covering it all. Watch this space to keep your ears to the ground for all things OSINT.

So, let's jump into this month’s news!

The February Round-Up

As OSINT is slowly being integrated into the working life of professionals outside the cybersecurity industry, modern journalists claim that high-quality material demands both scientific approaches and tech-savvy investigation methods.

In another story, underground aspects of the Internet, such as the Dark Web, are becoming a little more ‘civilized’ with emerging quasi-regulations. And as the icing on the cake, the cybercrime game has reached a new level as an entire state has funded a nuclear defense program with stolen cryptocurrency.

OSINT as a New Weapon for Modern Journalists

Being an advanced Google user with a branching network is no longer enough to carry out a trustworthy journalistic investigation. Fake news, the deepfake epidemic, digital footprints, and the ambivalence of public opinion, are all combining to distort all media that is being produced and consumed. In response to this worrying state of affairs, notable journalists have begun speaking out about the necessity of intelligent data mining and analysis tools, to keep the issue in check.

In the journalism sphere, OSINT helps reporters separate the wheat from the chaff and confidently stand by their claims. In his article 'The Rise of Science-Based Investigative Journalism,' the famous journalist James Fahn argues for the necessity of data mining and satellite imagery research in conducting successful investigations.

Meanwhile Deborah Blum, director of the Knight Science Journalism Program at MIT, also supports the use of OSINT in simplifying the investigation process. In an article published last year, she asserts that by following a 7-step algorithm, journalists can leverage such technologies to draw innovative conclusions. We don’t doubt it!

Illicit Marketplaces on the Dark Web are Becoming More… Civilized

Since most darknet classified marketplaces exist as forums, they tend to look similar to ordinary chat spaces. However, unlike traditional forums, they are also platforms for selling illegal tools such as malware, ransomware, and zero-days, as well as typical black market commodities such as drugs.

While such platforms may seem lawless by definition, in recent developments they have begun adopting dispute resolution procedures to oversee proceedings and penalize users who do not trade fairly. Curiously, it seems like black markets are cultivating a taste for fair play and client-oriented trade approaches.

The primary objective of such arbitration is to de-dramatize open disputes over ‘rip-off merchants’ because it can attract the unwanted attention of the law (e.g., a disappointed customer can anonymously draw the police’s attention to a marketplace as a means of ‘retaliation’). For instance, on the Hydra marketplace, buyers on cybercrime forums can turn to administrators to start a dispute resolution.

The claimant must provide the following information:
•   An overview of the claim;
•   The nickname of the defendant, including a link to his profile;
•   The defendant’s contact information (e.g. Telegram, Jabber, or email address).

Once a formal complaint has been lodged, proceedings unfold like quasi-court hearings with other members of the forums contributing testimony before a final ruling is made. Verdicts may result in temporary or permanent bans. For wary customers, administrators also offer voluntary escrow options, whereby a ‘neutral’ third party holds funds until both payments have been assured and goods received.

Meanwhile, for OSINT investigators, the information gathered by these marketplace administrators represents a mine of valuable data in conducting criminal investigations. That said, they are also a treasure trove for cybercriminals who want to profit from trading in sensitive personal data.

Corporate Cyberattacks Hit New (Anti)-Record

According to CheckPoint, the global number of weekly cyberattacks rose in Q4 2021 to 925 attempts per organization. The security vendor claims that these figures have been steadily on the rise for over two years, showing a 50% increase from 2020 to 2021.

The most popular sectors for attackers:
•   Education and research — 1605 attacks per organization every week (a 75% increase since 2020);
•   Government/Military — 1136 attacks (a 47% growth);
•   Public sector — 1079 weekly attacks (a 51% growth).

So, where is this taking us? Well, if the online sphere can be considered a dimension of human life – which it clearly can – we are entering the ‘cyber-Wild West’. But unlike the actual Old West, there's no waiting for a sheriff to come and sort things out. Unfortunately, since cybersecurity cannot develop quite as quickly as the Internet, organizations should ensure their own cyber-protection before it's too late.

The Fact of the Month

Crime-related cryptocurrency transactions have hit an all-time high: $14B in 2021.

Further Reading

Cybersecurity Conferences 2022

Online security has always been more about community than any other IT sector (together, we're stronger 💪). Interested in meeting new people and sharing your ideas? Check the list of upcoming conferences! By the way, it'd be lovely to see you at the ISS World conferences where our team regularly participates.

Deepfake Identification for Non-Specialists

Deutsche Welle’s team has prepared a great guide on the concept of deepfake photos and videos. This will be engaging for anyone unfamiliar with the topic or people who want to explain the issue to friends in simple terms.

Cybersecurity Failure Now a Top-5 Global Problem

According to the World Economic Forum’s 2022 Global Risks Report, cybercrime is not just one of the biggest threats to individuals and businesses today, it is one of the most formidable challenges facing humanity at large, alongside climate change and the Covid-19 pandemic.

North Korea is rumored to have funded its new ballistic missiles with cryptos

According to a United Nations report, North Korean hackers targeted crypto firms, exchanges, and other institutions in stealing $400M worth of cryptocurrencies to fund the state missile program. Wow.🕵️

OSINT Tools a Game-Changer for the Law Enforcement Sector

We've recently published a new article in our blog dedicated to the uses of open-source intelligence among LEAs and intelligence bureaus. We cover how OSINT technologies can enhance investigations and increase case success rate – all supported with practical examples.

That’s all for this month. Stay tuned for our new releases!