Forces of darkness surveyed

Thomas Olofsson was facing an important decision. Either follow in the footsteps of some of his friends and hack companies and government agencies. Or choose the other side and continue with the same interest but in the service of conventional society.

The choice fell to the latter. All things considered, it felt like the path to a simpler and more rewarding life. This is how a career began that has led to Thomas owning his an own company in the security branch, Intelliagg, where Thomas and his colleagues have made the biggest-ever survey of the Internet’s dark forces.

“We've spent a lot of time surveying the Dark Web, the darkest reaches of the Internet, where weapons, drugs and hacker attacks are sold as conventional goods and where few have access,” says Thomas.

The information Intelliagg gathers is sold to their customers so that they can find out, for example, if a coordinated attack on their companies is planned. Thomas and his colleagues can, for example, see if queries are being made regarding how a certain company is hacked, or if challenges for joint actions begin to be circulated. For a company that is facing an attack, this provides valuable time to prepare. The way in which Thomas works is both simple and ingenious.

USING SAME METHODS AS FORCES OF DARKNESS

“We use the same anonymisings against the forces of darkness as they use. We can't see where they are or who they are. But they can't see who we are either and why we are there. To avoid detection and create a comprehensive picture of what is happening, we've infiltrated the networks via hundreds of nodes on a scale that to my knowledge, has never been previously attained.”

The initiative is necessary because the threats during recent years have grown to a scale never before seen. Thomas has observed the changes over the years. 

“Those who think that cyberattacks are conducted by bored youths who want to test their knowledge haven't kept up. Sure, they also exist, but it's criminal groups and increasingly national governments that are behind the intrusion attempts and attacks these days. The latter is not seen in the statistics, which is because states often engage the criminal groups to conduct the attacks.

Cyberattacks against businesses, harmful code, weapons and sex trafficking are on sale, side by side. Increased digitalisation entails new business opportunities even for the dark forces.  

Difficult to get at hackers

Many of the criminal groups have their base in Asian countries at the outer edges of Russia. Many groups previously had their bases in Russia, but after Putin initiated harder measures against them, they' moved to smaller countries beyond the Russian borders. For Western companies, it’s naturally to difficult get at them. So what should can be done?
“The main thing is that companies conduct a thorough risk analysis so that they know where the risks are and what or which information needs to be protected. This work should preferably be made into a process that senior management can update and work with regularly. It is also important to conduct open source intelligence analyses and find out about who might want to access the information or sabotage things for the company or its customers. The more you know about your enemies and their resources, the easier you can prepare and establish a reasonable level of security.”

Identify business-critical information

It might sound like a job for your IT department, but this is something Thomas is strongly against.

“They naturally have an important role in the process, but this has become a matter for senior management. Neither IT nor security departments can have the same understanding of the market situation and of what is business-critical information. Companies that don't understand this will be risking major problems in the future.”