Do you understand what the dark web is?
The underbelly of the internet makes space for illegal activity, freedom fighters and more
The internet is a lot bigger than you’d think. It’s so big that all the regular sites we all visit — Google, your bank website, of course tctimes.com, are all part of what experts call “the surface web.”
This web is linked by easily searched and accessed web pages. These pages, and all the information, photos and graphics are hosted (stored) on servers of companies, such as HostGator.com and GoDaddy.com.
Beneath the surface web is the space known as the “deep web,” which contains password-protected websites, academic research databases and much more, according to diplomacy.edu. Most of what’s actually online is stored here.
A small portion of the deep web is called the “dark web.” Pages on the dark web act like pages on the surface web, but you just can’t find them through an easy search. According to Tech Advisor, they exist on an encrypted network, and cannot be found using regular web browsers.
Web pages also disappear and reappear randomly or change addresses. Users, and the people behind the web sites, are hidden by encryption.
It can be accessed only by downloading special networking tools. “Tor” is one such browser, and has to be installed on your computer to access these sites.
The dark web is most known for creating a forum for illegal activity. Selling drugs and hosting and distributing child pornography are some of the darker uses for the dark web.
However, according to The Atlantic, it’s possible that less than half of what goes on across the dark web is actually illegal.
Not all uses for the dark web are actually “bad.”
Because the users are anonymous and difficult to trace, citizens living under a tyrannical regime have used the dark web to communicate with the outside world, when the surface web is not available or safe.
“On its good side, the dark web enables the communication of human rights activists and whistle-blowers around the world,” wrote Vladimir Radunovic of Diplomacy.org in his article, “The Dark Web: the Good, the Bad, and the Ugly.” “It has facilitated freedom of expression in Iran and Egypt, and it has been used by Wikileaks and Edward Snowden, as well as by journalists and even officials.”
What it means to be a whistleblower
July 30, 2018 | 5:07 PM
Mayor Michael R. Bloomberg (L), joined by Dr. Jeffrey S. Wigand (R), the anti-tobacco advocate and founder of the non-profit organization ‘Smoke-Free Kids,’ announces plans for the 2002 Smoke-Free Air Act at Union Square Park in New York City on October 9th, 2002. – Adam Rountree/Getty Images
Whistleblowers expose frauds and scandals, and have the power to upend a company’s bottom line. You don’t have to look any further than the recent headlines around Theranos — which was exposed by a whistleblower for defrauding investors, leading the company’s value to plummet from billions to zero — to know that reporting misconduct does make a difference.
But what really is the act of whistleblowing? What are the benefits? The risks? And, if you decide to become a whistleblower, will you be protected?
To put it simply, whistleblowing means to report misconduct or illegal activities of a fellow employee, a higher up or an entire company or government agency. A whistleblower is someone who speaks up when he or she sees something that is ethically or legally wrong happening at their workplace.
Whistleblowing goes back in history as far as medieval England, around the seventh century, according to Whistleblowers International. Medieval England is where the phrase “qui tam” originates, which today refers to a whistleblower lawsuit. Qui tam is short for the Latin phrase “qui tam pro domino rege quam pro se ipso in hac parte sequitur,” which translates to “he who prosecutes for himself as well as for the king.”
The first whistleblower in America was none other than Benjamin Franklin, who in 1773 exposed Thomas Hutchinson, the royally appointed governor of Massachusetts, after he found letters showing the politician was misleading Parliament, advocating for more troops to be sent to the colonies to control and repress people who were revolting against new taxes. This case and similar ones during this time in America laid the groundwork for the whistleblower protection laws we have today.
There are several laws in place today to help protect whistleblowers. One of the most notable is the Whistleblower Protection Act of 1989, which protects federal employees who report misconduct within their agency. There’s also the False Claims Act or the “Lincoln Law,” which was enacted in 1863 under the Lincoln administration after contractors supplied soldiers with low-quality gear during the Civil War. In a provision under the False Claims Act, aptly titled qui tam, private citizens are allowed to bring a lawsuit against a corporation on behalf of the federal government. The First Amendment also protects public employees from retaliation from government agencies if an employee chooses to speak out against misconduct. There are also many state laws in place to help protect whistleblowers. According to the National Conference of State Legislatures, 34 states in the country have laws on the books.
Despite all the protections that exist, a company can still make it incredibly difficult for a whistleblower once they’ve come forward. After 26-year-old Tyler Shultz contacted New York state’s public health lab to report his former employer, health technology corporation Theranos, for manipulating proficiency lab testing and talked with the Wall Street Journal, Theranos retaliated against him. Shultz said that Theranos accused him of leaking trade secrets and violating a confidentiality agreement, and had him followed by a private investigator hired by the company. He and his parents have spent more than $400,000 in legal fees for his whistleblowing actions, despite the fact that the claim he made has turned out to be accurate.
An older yet equally famous whistleblower case is that of Jeffrey Wigand, who in the early 1990s was a senior executive at Brown & Williamson tobacco company. He blew the whistle on the company, telling a grand jury and the media the dark and dirty secrets of Big Tobacco: that using it could lead to serious, life-threatening diseases, that it was very addictive and that the industry knew these facts and were trying to hide them from the public.
While Wigand did not take down the tobacco industry, his information aided in lawsuits that ended up costing the industry hundreds of billions of dollars. His decision to come forward got him an undesirable amount of attention from the media and as well as several lawsuits, not just from his former employer Brown & Williamson, but from many other tobacco giants. However, speaking with the New York Times a few years later, Wigand said he did not regret the decision he made to blow the whistle. Today, he lectures on tobacco-related issues around the world and runs a nonprofit he founded called Smoke-Free Kids.
Not every company sees whistleblowers as the enemy. Many companies embrace whistleblowing policies in order to create an honest and open environment and a transparent culture. This pays off, according to the Association of Certified Fraud Examiners, the largest anti-fraud organization in the world. In a 2014 study conducted by the organization, it found that receiving tips on misconduct is the main way that companies detect fraud; it accounted for 42.2 percent. So while being a whistleblower is far from an easy task, it is a vitally important one for both companies and the public good.
Mission First: The Story of an NSA Hacker
August 1, 2018
By George I. Seffers
A front-line network warrior describes the heat of battle.
Millions of times every single day, antagonists search for entry into the U.S. Defense Department’s networks. They come from all over: Russia, China, North Korea, Iran. Some are sponsored by nation-states; others are terrorist groups.
“Adversaries approach the perimeter, and that’s where we sit. They test our defenses, and we’re the ones on the front line, mitigating the threat,” says Spc. Alexander Woody, USA, a counter pursuit operator within the National Security Agency’s (NSA’s) Cybersecurity Threat Operations Center (NCTOC). “We provide 24/7 year-round support for network monitoring, coordination and crisis response.”
Spc. Woody works on what he calls the center’s “watch floor,” where monitors and large display screens are omnipresent. It is an open space with no cubicle walls and constant chatter.
“It’s a little bit like you’d see in the movies, quite honestly,” Spc. Woody says.
Given the rapid-fire, all-action, all-the-time operations tempo, that movie might be called Fast & Furious: The Cyber Connection. “The speed of cyber is a buzzword, but the surprising thing is how true that is. The turnaround on a mitigation for something we’ve discovered is very fast,” he offers. “It’s a lot. The threat is ongoing and persistent.”
The rapid pace requires continual collaboration. The collaboration extends to other organizations, including the U.S. Homeland Security and Energy departments, the FBI, the Defense Intelligence Agency, the Defense Information Systems Agency, the Joint Force Headquarters-Department of Defense Information Network, the Defense Security Service and the U.S. Cyber Command. “Cyber Command is right next door to us, so we are very good friends with CYBERCOM,” Spc. Woody states.
He compares the center’s daily operations to a high-level tennis match. “We’re volleying back and forth with our adversaries all the time. They attack and we defend. They attempt to exploit a vulnerability, and we mitigate that threat. Staying one step ahead—that’s our goal. And we are more than prepared to handle whatever they serve to us,” the specialist declares.
He recalls once when his team won the cyber equivalent of a grand slam. “My team and I discovered an intrusion within a Department of Defense host, and we were able to mitigate that threat before it could cause any damage. We were also able to identify the guy behind that intrusion as a counter pursuit operator,” Spc. Woody reports.
The constant struggle to defend the network can initially be overwhelming. Some version of “I’m not ready for this” is a sentiment expressed more than once by newcomers to the watch floor. “We get them ready,” Spc. Woody says. “When I first got on the floor, I had no idea what I was getting into.”
He defines a sophisticated threat as adversaries who know what they’re doing rather than simply downloading readily available software. “These groups author their own malware or modify existing malware to be especially dangerous,” the specialist reports. “If they are just taking a tool they found on the Internet and throwing it against targets, I wouldn’t call them sophisticated. I would call them sophisticated if they modified that tool or developed their own tool and deployed it.”
As the threat grows more persistent and sophisticated, the outcome of attacks grows more severe. Spc. Woody cites the 2014 attack on Sony Pictures Entertainment as one example. A hacker group going by the name Guardians of Peace not only stole and revealed sensitive information but also deployed a modified version of the Shamoon wiper malware to destroy the company’s computer infrastructure. “This kind of behavior became more aggressive and destructive over the years, and they’re not stopping anytime soon,” the specialist warns.
He describes the threat as evolving from exploitation to disruption. “Bad actors are using tactics like spear-phishing to infect systems and disrupt their operations,” he says, pointing out that the vast majority of cyber incidents occur “when people click things they shouldn’t.”
NCTOC personnel are seeing more and more supply chain attacks in which an adversary targets the systems that host legitimate software and then modifies that software to become malicious. Users then download a seemingly legitimate but dangerous program. “These attacks are especially concerning since users can become compromised even when downloading from trusted sources,” Spc. Woody adds.
He expresses concern that future threats will involve malware that exploits vulnerabilities in hardware as well as software. The specialist offers Spectre and Meltdown as two recent examples. An Intel website explains that the exploits are based on side-channel analysis. A side channel is some observable aspect of a computer system’s physical operation, such as timing behavior, power consumption or even sound. “The statistical analysis of these behaviors can, in some cases, be used to potentially expose sensitive data on computer systems that are operating as designed,” according to Intel.
“If attackers are able to exploit vulnerabilities in a processor, they can hide their malware from software detection and make it a lot harder for us to detect,” Spc. Woody adds.
Intel reports that the exploits cannot corrupt, modify or delete data, but the specialist suggests that could change as techniques evolve. Such exploits would give an attacker the ability to potentially destroy physical components within the victim’s machine. “If an attacker gains control over low-level processor functions, they may be able to bypass safety limits on that chip, and they can modify the chip voltage or temperature to ultimately destroy that computer,” he elaborates.
To counter the threat, the NSA’s cyber force relies on two readily available tools, Splunk and Wireshark. Splunk’s speciality is big data analysis. Wireshark is an open-source packet analyzer used for troubleshooting networks. Because Wireshark is free, anyone can download it and “use the same tool NSA hackers use,” Spc. Woody says.
Sifting through massive amounts of data and properly reporting the results using the NSA’s strict reporting protocols are two of Spc. Woody’s specialties. Reporting requires that analysts focus only on the facts rather than on emotions or hunches. “We have to formulate all of the cyber knowledge into an easily digestible format for all of our partners. That means taking the cyber jargon and boiling it down to something that the end-line users can understand and act on,” he elaborates.
His reports have at times been presented to Adm. Michael Rogers, USN, the recently retired former NSA director. “I find it weird that a [specialist] can produce an intelligence report that can cross the desk of an [admiral],” he says. “Anytime anybody has a reporting question or has anything they want to report, I’m the go-to soldier for that.”
But one skill set he would most like to sharpen is on the offensive side of network warfare. Spc. Woody reveals he is using his own computer and a Raspberry Pi, a small, inexpensive computer, to develop an exploit he could ultimately employ to train other soldiers.
“Network defense and computer network attack go hand in hand. To understand the defense, you really need to understand the attack. I would like to practice more attacks in order to understand defense better,” he explains.
Spc. Woody has been with the NSA for nearly two years. In that time, he has gone from being the most junior analyst on the floor to a senior analyst in charge of his own team.
Before joining the U.S. Army, he studied chemistry at North Carolina State University. Uninterested in the more marketable careers in chemical engineering or applied chemistry, however, he chose a different path, preferring the chemistry and camaraderie of the NSA’s elite force for cyber. A technology career seemed a natural choice for a self-described computer nerd who had built his own computer and managed his own network. “I was an amateur at it, but I enjoyed it,” Spc. Woody allows.
He jokes that coming out of college, he really wanted to train for another career, but he also wanted a paycheck and a place to live while he trained. “The military was the answer to that,” he says.
Spc. Woody voices no regrets about joining the NSA. “I really love this job. In the military, after the military, this is where I want to be,” he asserts.
The specialist says he tries to live by one part of the soldier’s creed: mission first. “I know that’s trite, but it is really easy for me and other people to get sidetracked on and off the job. I like to keep my sights on what’s important,” he offers. “The work we do here directly supports the warfighters downrange who use our networks to carry out the mission every day.”
For more related this story, see Mom Inspires NSA Hacker.