Tuesday October 22, 2019
Home Lead Story Dark Web Expo...

Dark Web Exposes Computer-server Data Transfer to Hackers

In comparison, there were just 531 mentions for ransomware

0
//
Representational image.

Cyber criminals now have access to the most-secured data files used to facilitate confidential communication between organisations’ servers and clients’ computers on the Dark Web, say researchers.

According to the team from Georgia State University and the University of Surrey, a thriving marketplace for Secure Sockets Layer (SSL) and Transport Layer Security (TLS) certificates exists on a hidden part of the Internet.

SSL and TLS are security technology (https protocol) that protects the transfer of data and information between computers and servers.

Networked machines use keys and SSL/TLS certificates to identify and authenticate themselves when connecting to each other, much like humans employ user names and passwords to go online.

According to the researchers, when these certificates are sold on the darknet, they are packaged with a wide range of crimeware that delivers machine identities to cybercriminals who use them to spoof websites, eavesdrop on encrypted traffic, perform attacks and steal sensitive data, among other activities.

“One very interesting aspect of this research was seeing TLS certificates packaged with wrap-around services — such as Web design services — to give attackers immediate access to high levels of online credibility and trust,” informed lead author David Maimon, Associate Professor in Georgia State.

Two days before the major cyber-hack on Wednesday, Dr.Krishna warned about the growing number of hospitals that could be shut down by ransomware attacks.

A search of five marketplaces in the darknet uncovered 2,943 mentions for SSL and 75 for TLS.

In comparison, there were just 531 mentions for ransomware.

It was surprising to discover, he added, how easy and inexpensive it is to acquire extended validation certificates, along with all the documentation needed to create very credible shell companies without any verification information.

Also Read- Supreme Court Restricts Defacement of Hillocks, Public Places with Political Slogans

“This study found clear evidence of the rampant sale of TLS certificates on the Dark Net,” said Kevin Bocek, Vice President of Security and Threat Intelligence for cyber security firm Venafi.

“Every organisation should be concerned that the certificates used to establish and maintain trust and privacy on the Internet are being weaponised and sold as commodities to cyber criminals.” (IANS)

Next Story

Oracle Ensures Keeping Sensitive Data within Boundaries of India

Not just big enterprises, Sutherland is confident the new Oracle Cloud will help small and medium businesses (SMBs) shun the legacy infrastructure and begin their Cloud journey

0
Oracle office.

By Nishant Arora

There is definite hunger and desire among the Indian enterprises to move their workloads to the Cloud and with Oracle Gen 2 data centre now open in Mumbai, we have ensured that sensitive data remains within the boundaries of the country, a top company executive has said.

The Indian CEOs and CTOs are clear on one thing: It’s from my data that I’m going to learn my customers’ behaviour, understand my product better, receive new insights and innovate on top of those.

“Every organization is a data organization today; it’s all about the information and how to analyse it, parse it and create AI-based Cloud models that help the organization grow. We have now fulfilled the most challenging demand coming from the Indian businesses: If the data doesn’t stay on-premise, let it stay within the country,” Andrew Sutherland, SVP-Technology, Oracle EMEA and JAPAC, told IANS.

For Sutherland, it is big leap for Oracle at a time when not only companies but the governments too recognize the value of information and how data is core to the success of any firm across verticals.

“We’re becoming increasingly conscious that there are strong data jurisdictions and we need to respond to that in a sensible way. By putting Gen 2 Cloud data centre here in India, we hope that we will meet those requirements,” the executive noted.

Over 100 enterprise customers in the country have already moved their workloads onto the Gen 2 Cloud data center in Mumbai, which is being run solely by Oracle without any third-party involvement.

The Cloud major has plans to open another Gen 2 Cloud data centre in Hyderabad next year.

Oracle Launches Intelligence Map for Close Look at Internet.
Witnessing double-digit growth in India for past 3 years: Oracle. IANS

Customers and partners in India can now harness the power of Oracle Cloud and leading services like Autonomous Database to unlock innovation and drive business growth.

The Gen 2 enterprise cloud supports all legacy workloads while delivering modern cloud development tools, so enterprises in India can bring forward their past as they build their future.

According to Sutherland, to help enterprises achieve greater insights and deliver better customer experiences, we need to have a whole new Cloud architecture that is built around cost, scalability, agility and self-repairing capabilities.

“In the new Oracle Cloud infrastructure (OCI), the multi-layered security provides a different security architecture with incorporating intelligence into it. We’re asking data to look after itself with autonomous database in this infrastructure. That’s what we are confident it will help unlock the modern Cloud era for enterprises,” he elaborated.

Also Read: Bitfury to Set up a Blockchain Innovation Centre in Hyderabad

Not just big enterprises, Sutherland is confident the new Oracle Cloud will help small and medium businesses (SMBs) shun the legacy infrastructure and begin their Cloud journey.

“There’s hunger and desire to move onto the Cloud among SMBs in India. I don’t think there’s any cultural resistance in any way. There is boldness in their approach. The next step is where to take the first bite to eat and for that, we are here to help,” said the Oracle executive. (IANS)