Alison Connolly spoke about how companies can keep their data secure. Alison gives advice to companies on how they can protect themselves. Click the links below to read about how your company can secure its data and to watch Alison's speech.
The psychographic data -where you live, your likes, dislikes, and birthday- obtained by facebook and harvested by Cambridge Analytica is most likely not on the dark web. Criminals buying data from the dark web are primarily interested in data such which can be immediately monetized, such as credit card numbers and social security numbers. Read the full article below to hear from Mark Turnage, CEO of DarkOwl, about the Cambridge Analytica data and your personal information on the dark web.
Cambridge Analytica created “psychographic” profiles, based off of data collected from Facebook and voting records, to target voters in battleground districts. With the help of Cambridge Analytica, Republicans won a one-vote majority in the state chamber for the first time in a decade. Following their work in Colorado, Cambridge Analytica was hired to help President Donald Trump's 2016 campaign.
As newer cryptocurrencies begin to creep up, law enforcement agencies want the same capabilities targeting the newer technology.
Launched in 2014, Monero is a cryptocurrency built fundamentally built to be private and untraceable. Zcash, a much-hyped 2016 addition to the cryptocurrency world, boasts similar privacy goals and is designed by a team of highly-respected academics in the U.S. and Israel.
“Monero in particular [is gaining adoption],” said Andrew Lewman, previously the director of Tor and now a vice president at the dark net intelligence firm DarkOwl. “One or two [criminal] marketplaces have played with Zcash but Monero is becoming much more popular and there is a marketplace that only does Monero now because bitcoin is easy to trace through the blockchain.”
Crime makes up 95% of dark web content ranging from drugs and weapon sales, to the sale of sensitive personal information, such as credit card and social security numbers. The inconspicuousness of dark web websites allows for criminals to stay under the radar of law enforcement.
Listen to Cyberwire's newest podcast featuring Andrew Lewman, Executive Vice President of DarkOwl, and Sherrie Caltagirone, founder and Executive Director of the Global Emancipation Network to learn more about the digital tools they're using to help stop human trafficking online.
New Branding Reflects Commitment to Darknet Expertise
DENVER—(WEBWIRE)—September 26, 2017—
OWL Cybersecurity, a Denver-based cybersecurity company offering the world’s largest commercially available database of darknet content, announced today it is changing its name to DarkOwl. The new name better reflects its focus on darknet expertise. The change is effective immediately.
“We’re delighted to announce this effort which helps us better align to our core mission of providing the world’s greatest darknet expertise, ” said CEO, Mark Turnage. “Clients and employees alike are drawn to DarkOwl by our darknet expertise. It makes sense for us to adopt this as our branding with our forward moving momentum.”
DarkOwl is based in Denver, Colorado and provides darknet threat intelligence data and services to allow companies and organizations to understand and mitigate their own digital risks. DarkOwl’s data platform allows companies to see in real-time the theft, breach, or other compromise of their proprietary data on the darknet, allowing them to both mitigate damage prior to the information being misused and to highlight gaps in their cybersecurity perimeter. This database is believed to be the largest database of darknet content available to commercial users. DarkOwl complements this with a full range of cybersecurity consulting services. For more information, visit www.darkowl.com.
Channel 9 News visited the OWL Cybersecurity headquarters to interview Vice President Andrew Lewman on a recent admission from Bill Burr, the creator of the most common modern day password standards, who now feels that his initial guidelines do not hold weight in the current cyber environment.
For the many of us who still follow Burr's old template for strong passwords, Lewman offers advice on how you can improve upon your personal password-creation procedure, Jessica Oh reports.
Denver’s Owl Cybersecurity finds U.S. Navy has largest footprint on darknet
U.S. defense agencies ranked higher than non-defense agencies for the amount of stolen data available in the online underworld where cyber criminals often hawk stolen credit cards, according to a new report by Denver’s Owl Cybersecurity.
The Darknet Index: U.S. Government Edition measures the darknet exposure of 59 large divisions of the U.S. Government
DENVER—(WEBWIRE)—August 8, 2017—
OWL Cybersecurity, a Denver-based cybersecurity company offering the world’s largest commercially available database of darknet data, today announced the upcoming release of The Darknet Index: U.S. Government Edition, ranking 59 agencies by exposed data on the darknet and security threat levels.
To compile the index, OWL Cybersecurity ran each government agency through its proprietary OWL Vision database, focusing on specific darknets for matches on each company’s website and email domains. OWL Cybersecurity then further adjusted the results based on computations of “hackishness"— a proprietary algorithmic rating system which delivers scores based on the likelihood that data could be used for nefarious intent and how recently the data was made available, with recent breaches or data leaks containing an organization’s proprietary information given the most weight.
Having recently reranked the Fortune 500 on this basis, OWL Cybersecurity examined the U.S. Government to see whether its agencies have a markedly different darknet footprint than previously released indices.
“These results are not encouraging given the amount of money the [U.S.] government spends on cybersecurity,” said Mark Turnage, CEO of OWL Cybersecurity. “With higher darknet footprint scores than even the largest commercial sectors, it is critical that these agencies look at the darknet as a key component of a complete information security program.”
Preliminary insights from the index include:
- The U.S. Navy leads the Index. It has the most extensive darknet footprint of all of the government agencies examined.
- The U.S. Government scored worse than expected as compared to the largest U.S. companies. The U.S. Government averaged 1.6 points higher than the average Fortune 500 company, meaning that the government has a comparably larger amount of darknet exposure.
- Military and defense groups overall are the largest target, closely followed by Cabinet agencies. A target’s attractiveness stems from the desirability of its protected information. Whether personal or proprietary, it would appear that the groups more closely linked to defense have data that cyber criminals find attractive.
Based on the results of OWL Cybersecurity’s Government Darknet Index, it is apparent that the company’s approach is a key factor in a complete information security approach. This tactic also offers a glimpse into the sheer volume of information available on the darknet, confirming that no company or organization is without risk on the darknet — not even cybersecurity organizations. Analyzing and monitoring darknet data is an integral part of a complete cybersecurity program, allowing organizations to quickly detect security gaps and mitigate damage prior to the misuse of their compromised data.
OWL Cybersecurity is based in Denver, Colorado and provides darknet threat intelligence data and services to allow companies and organizations to understand and mitigate their own digital risks. OWL Cybersecurity’s data platform allows companies to see in real-time the theft, breach, or other compromise of their proprietary data on the darknet, thus allowing them to both mitigate damage prior to the information being misused and to highlight gaps in their cybersecurity perimeter. This database is believed to be the largest database of darknet content available to commercial users. OWL Cybersecurity complements this with a full range of cybersecurity consulting services, including security assessments, penetration testing, application and code review, incident response, and digital forensics. For more information, visit www.owlcyber.com.
"Like commercial entities, government agencies have a tendency to find their secrets leaked to the dark web. Unfortunately, US government secrets are leaked at a much higher rate," TechRepublic reports.
TechSling's Andy Heikkila recently covered our Fortune 500 index and "[how] nobody is safe from the dangers of the dark web. If Fortune 500 companies are at risk, yours may be too — but how do you tell? And, more importantly, how do you protect yourself?"
Cyberscoop's Patrick O'Neill talks to Andrew Lewman of OWL Cybersecurity about the recent takedown of the darknet's two most popular marketplaces, Hansa and Alphabay.
The two discuss the United States Attorney General's recent comments on the dangers of the darknet, and how his public statements have led to a notable, increased interest by federal and private funders to invest in firms who specialize in darknet (or "dark web") intelligence.
Hewlett Packard and Accenture also rank high on OWL Cybersecurity’s Darknet Index: Black Hat Edition examining the darknet presence of all 283 exhibiting companies
DENVER—(WEBWIRE)—July 26, 2017—OWL Cybersecurity, a Denver-based cybersecurity company offering the world’s largest commercially available database of darknet data, today released The Darknet Index: Black Hat Edition ranking all 283 Black Hat USA 2017 exhibitors by security threat levels and exposed data on the darknet.
To compile this Index, OWL Cybersecurity ran each Black Hat exhibitor through the OWL Vision database, focusing on specific darknets for matches on each company’s website and email domains. Then, OWL Cybersecurity further adjusted the results based on computations of “hackishness” — a proprietary algorithmic rating system which delivers scores based on the likelihood that data could be used for nefarious intent. OWL Cybersecurity also weighted data based on how recently the data was placed on the darknet, with recent results — from within the last 90 days — given the most weight, as recent breaches or data leaks containing an organization’s proprietary information often are most useful in targeting organizations.
“What matters most is an exhibitor’s ranking as compared to its competition,” said Mark Turnage, CEO of OWL Cybersecurity. “For example, if Symantec, Trend Micro, and Kapersky Lab consider each other competitors, they should assess their footprint scores in relation to one another.”
OWL Cybersecurity recently reranked the Fortune 500 by darknet footprint and security levels, and decided to examine the Black Hat USA 2017 exhibitors to see whether they have a markedly different darknet footprint than other indices. Every company on the Fortune 500 index had a presence on the darknet, whereas only 75 percent of the Black Hat exhibitors did, by far the lowest percentage of positive sample results OWL Cybersecurity tested across multiple groups.
Some key takeaways from the index include:
- Microsoft leads the Black Hat Darknet Index. Microsoft scored higher than the score they registered three months ago when their darknet footprint landed them at #12 on the Fortune 500 Index.
- Hewlett Packard and Accenture are not far behind. OWL Cybersecurity attributes these rankings to the companies’ growing volume of data collected in the OWL Vision platform.
- The U.S. government is exposed. The Department of Homeland Security ranks fourth on the Black Hat Darknet Index, which is surprising given its overall mission. (Next month, OWL Cybersecurity will publish their ranking of the top U.S. government agencies by their presence on the darknet.)
- Top targets are large organizations expanding into cybersecurity. Four of the top 10 ranked companies in the Black Hat Darknet Index are also listed in the Fortune 500 Index. All three of the largest anti-virus firms were in the top 20. While OWL Cybersecurity expects larger, more established companies to have more significant darknet footprints overall, the degree to which these factors determined the top rankings of the Black Hat Darknet Index was surprising.
- Hacked valuable data leads to an increased risk. The highest-scoring companies all had credentials and/or intellectual property, which can be monetized by others, exposed on the darknet. The presence of this type of sensitive information is quite common in the database.
Based on the results of The Darknet Index: Black Hat Edition, it is apparent that investing in cybersecurity has tangible Darknet Index score benefits. While there were exceptions, companies that take information security seriously (like most Black Hat exhibitors), should have smaller darknet footprints and, thus, lower Index ratings.
“Our approach is a key factor in a complete information security program,” said Turnage. “A complete program incorporates the analysis and monitoring of darknet data, allowing organizations to quickly detect security deficiencies and alleviate any damage prior to the misuse of their compromised data.”
The complete Black Hat 2017 Darknet Index will be released for public download at http://www.owlcyber.com/black-hat-2017 on Friday, July 28, but will be available to all Black Hat exhibitors and attendees at OWL Cybersecurity’s booth, 973 in the Business Hall, during the conference, which begins today.
To see the OWL Cybersecurity Darknet Index: Black Hat Edition, please visit us at Black Hat USA 2017 in Booth 973. Otherwise, the report will be available digitally at the below link starting Friday, July 28, 2017.
DENVER—(WEBWIRE)—July 24, 2017— OWL Cybersecurity, a Denver-based cybersecurity company offering the world’s largest commercially available database of darknet data, today announced members of the company’s technical teams will be presenting at DEFCON 25, the oldest continuously running hacker convention, July 27-July 30 at Caesar’s Palace in Las Vegas.
OWL Cybersecurity members will be presenting a discussion on operational security titled, “From OPSUCK to OPSEXY, an OPSEC Primer” on Friday, July 28 at 1 p.m. PST at DEFCON Skytalks in Caesar’s Palace. The discussion will be led by Justin Whitehead, Steve Pordon and Preston Nelson, all of OWL Cybersecurity, and will focus on first-hand experiences in the information security industry to help people gain a better understanding of threats and how to protect against them.
Whitehead will also be teaching at DEFCON R00tz Asylum with the Drone Wars team at 1 p.m. PST in Caesar’s Palace on Saturday, July 29. Whitehead will teach an introduction to setting up the Raspberry Pi 3 and discuss how the computers can be used in the world of drones. The talk and workstation will offer flight simulators, as well as construction and operation projects using drone build kits, custom 3D-printed designs (you can print your own at the event), Raspberry Pi build kits and drone racing. Attendees will learn about remote camera setup and functions, real flight controllers, simulated flights and drone functions, as well as exciting adaptations. Drone race winners will leave with a custom drone build kit plus remote or a Raspberry Pi.
“We are thrilled to contribute to this con that brings together the best and the brightest of the infosec community for what is, undoubtedly, one of the most anticipated events among colleagues and friends,” said Whitehead. “This is one of the only conferences where we can race drones one second, and then share real-world experiences to help each other become more effective in our work.”
In addition to all the activities, the OWL Cybersecurity research team will unveil their unique Kali Linux distribution and delivery/deployment adaptation at the convention.