Best Infosec-Related Long Reads of the Week, 10/29/22

Hunting for cryptocurrency crime lords, Non-state armed groups turn to cyber, Inside the prisoner swap of Huawei's CFO, El Salvador relies on social media snitches, Leaving social media platforms

Metacurity is pleased to offer our free and paid subscribers this weekly digest of long-form infosec pieces and related articles that we couldn’t properly fit into our daily crush of news. Let us know what you think, and feel free to tell us of your favorite long-reads via Twitter @Metacurity. We’ll gladly credit you with a hat tip. Happy reading!

The Hunt for the Dark Web’s Biggest Kingpin, Part 1: The Shadow

Wired’s Andy Greenberg offers this excerpt from his new book, Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency, about the take-down in Thailand of Alexandre Cazes, the “dark-web mastermind known as Alpha02, a shadowy figure who oversaw millions of dollars a day in narcotics sales and had built the largest digital drug and crime bazaar in history, known as AlphaBay.” Federal prosecutor Grant Rabenn developed a dark web task force that tapped DEA wiretap expert Robert Miller to pierce the veil of the cryptocurrency transactions fueling AlphaBay. This assignment ultimately enabled Thai law enforcement to arrest Cazes in an upscale suburb of Bangkok.

Miller, starting his new assignment, assembled the usernames of AlphaBay's top dealers of heroin and the powerful synthetic opioid fentanyl, and he began to buy from them one by one. As the packages arrived, triple-sealed in silver Mylar and plastic, Miller and the team scrutinized both the shipments and their sellers' online presence. They found that one vendor had made an elementary mistake: He'd linked his PGP key—the unique file that allowed him to exchange encrypted messages with customers—with his email address on the PGP key server that stores a catalog of users' identities.

Miller and Rabenn quickly tied that email to the dealer's social media accounts and real name. They learned that he was based in New York. Miller then found fingerprints on a package of heroin sent from one of his accounts, which matched those of another New York man. Finally, Miller worked with postal inspectors to get photos taken by a post office self-service kiosk. The photos showed the second New Yorker putting a dope shipment in the mail. Miller and a team of agents flew across the country, searched the two men's homes, and arrested them both.

The 5×5—Non-state armed groups in cyber conflict

Simon Handler, a non-resident fellow in the Atlantic Council’s Cyber Statecraft Initiative and Digital Forensic Research Lab, brought together five experts to examine how non-state armed groups with histories rooted entirely in kinetic violence are adopting offensive cyber capabilities to further their strategic objectives.

Each of these groups has its own motivations for acquiring these capabilities and its strategy to employ them, making developing effective countermeasures difficult for the United States and its allies. In Ukraine, the Russian government is increasingly outsourcing military activities to private military companies, such as the Wagner Group, and it may continue to do so for cyber and information operations. In Mexico, drug cartels are purchasing state-of-the-art malware to target journalists and other opponents. Elsewhere, militant and terrorist organizations such as Hezbollah and Boko Haram have employed cyber capabilities to bolster their existing operations and efficacy in violence against various states.

Inside the Secret Prisoner Swap That Splintered the U.S. and China

The Wall Street Journal’s Drew Hinshaw, Joe Parkinson, and Aruna Viswanatha tell the story of the prisoner swap involving Meng Wanzhou, the chief financial officer of China’s Huawei Technologies, who was arrested in Canada in 2018 on behalf of the U.S., and two Canadians, Michael Kovrig and Michael Spavor, whom China seized in retaliation for Ms. Meng’s arrest. U.S. national security officials were convinced Huawei was assembling the architecture China could use to conduct worldwide surveillance and arrested Meng for leverage in a geopolitical battle.

Nervous that any snag could derail the prisoner exchange, only a few select diplomats in Canada’s Beijing embassy knew what was afoot. Embassy staff worked out travel arrangements. A diplomat’s wife volunteered to bake peanut-butter cookies for the trip home.

In Vancouver, Ms. Meng and her lawyers had a 4 p.m. deadline on Sept. 24 to complete paperwork for the agreement with the Justice Department.

After the U.S. case was done, Canada invoked Section 23(3), the article allowing the government to terminate Ms. Meng’s custody.

In China, Messrs. Spavor and Kovrig, handcuffed and blindfolded, arrived at the Tianjin airport. Mr. Barton waited in the VIP lounge.

As the Canadians cleared the immigration checkpoint in China, officers at the Vancouver airport handed Ms. Meng her own freshly stamped passport. She hugged a lawyer and bid farewell to Chinese consular officers.

Social media gossip is fueling mass arrests in El Salvador

Anna-Cat Brigida explains in Rest of World how social-media-driven arrests are rising in El Salvador due to President Nayib Bukele’s crackdown on crime, which relies on citizen reports via public and private messages on social media. Human rights groups and sources close to the police worry that the staff receiving accusations on social media are not trained to identify whether or not they are legitimate.

On May 1, 26-year-old Walber Rodríguez was riding his motorcycle home when a police officer stopped him. He was on his way back from the shrimping cooperative in eastern El Salvador where he works from the early hours of the morning. The officer asked him for his documents to prove his motorcycle was registered, Walber’s sister, Glenda Rodríguez, told Rest of World.

The country was in its second month of a “state of exception,” in which Congress suspended certain civil liberties and granted authorities sweeping powers to make arrests, resulting in mass arrests of more than 55,000 people. President Nayib Bukele’s government has argued the measure is necessary to clean up gang violence that has torn apart Salvadoran society for decades. The officer accused Walber of being part of one of these gangs and arrested him.

When Walber’s family found out, they rushed to the scene and asked the arresting officer what proof he had of a crime having been committed. The officer flashed a photo of Walber on his cellphone. Another family member immediately identified it as his Facebook profile picture. “What’s wrong with having a Facebook profile? It’s not illegal,” Glenda remembered saying. “If everyone who has social media is going to end up in a prison, no one’s going to be able to fit.”

Neither Glenda nor anyone else in her family has been able to visit Walber since his arrest.

How to Leave Dying Social Media Platforms

Although not strictly related to cybersecurity, this piece by Cory Doctorow on how to ditch social media platforms is timely for most people in information security.

On a related note, Elon Musk owns Twitter. He bought it with borrowed money, which means that while he has creditors to answer to, he can win any shareholder vote hands down. He is now the dictator of Twitter, just as surely as Rupert Murdoch is the dictator of NewsCorp and Zuckerberg is dictator of Facebook.

Musk’s chaotic acquisition of Twitter has many of its users worried. The private communications where Musk discusses his plans for the service reveal a chaotic, seat-of-the-pants approach to the service that has little contact with reality. Many of those plans are obviously doomed from the outset.

If you value the relationships you formed on Facebook or Twitter, you are likely worried about the future of those relationships. Those platforms are in the hands of arrogant, insulated billionaires who have promised to transform them into something that would be unrecognizable to you, and that’s the best case scenario.
