1
Exploring the DarknetsSession 186, March 7, 2018
Stephen Heath, VP – Security, Intrinium
2
Stephen Heath
Has no real or apparent conflicts of interest to report.
Conflict of Interest
3
Agenda• What is the Darknet?
• How do you get on the Darknet?
• What can you find on the Darknet?
• How do Darknet criminals get caught?
• Q&A
4
Learning Objectives• Recognize how cyber-criminals operate within the marketplaces of
the darknet
• Contrast the reality of the darknet versus the urban legend created by sensationalized headlines
• Evaluate the risk of darknet usage within your organization
• Illustrate how stolen PHI and other PII is bought and sold
5
6
7
Tor• “The Onion Router”
• Distributed Network of relays around the world
• Encrypts communications
• Protects against surveillance and analysis
8
9
10
11
12
13
Disclaimer• This is the part where I start talking about criminal activity
• HIMSS actively discourages, and its employees are prohibited from, engaging in any illegal activity
• I (nor my employer/sponsors/etc.) do not condone this activity
• Topics discussed may be offensive to some people
• If you go on the darknet, you may see things you never wanted to see
• Do not do illegal stuff
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
How to criminals get caught?• Attacks against Tor
• 0-day attacks
• Bad OpSec / Metadata leaks
32
33
34
35
36
37
38
Protecting your networks• NextGen Firewalls
– Application control
– SSL Decrypt
• If you detect Tor activate Incident Reponse
– Employee is doing something they shouldn’t, or…
– Something/someone is in your network
39
Questions• Stephen Heath, VP, Security
• Intrinium.com
• Email: [email protected]
• Twitter: @hackerhiker