--[ Cyber Threat Intelligence on the Deep and Dark Web

$ getent passwd abritt
├─ name: Allen Britt
└── org: Bluestone Analytics

The websites you visit every day represent just a small fraction of the whole Internet. Beyond this “surface web” is the Deep Web, and within the Deep Web is the Dark Web. The presentation will show examples of indications and warnings of APT campaigns and a wide range of nefarious activities on the Deep Web and Dark Web, including malware trafficking, credentials dumps, hackers for hire, and cyberattacks-as-a-service ecosystems that outmaneuver security defenses.

During a live demonstration, analysts will provide rare insights into threat actors on chans and forums and will explain the basics of dark nets, their associated technologies, and defining characteristics. The presenters will also guide participants through examples of APT campaign indications and warnings The session will wrap with highlights on the value of building a data repository and staying agile within this complex environment by leveraging collection and exploitation capabilities that continuously evolve.

Published data on the Deep Web and Dark Web is invaluable; unfortunately, it is often overlooked due to a lack of tradecraft for persistent collection or expertise in accessing it safely and securely. For many agencies and organizations, it means missed opportunities to detect and predict cyberattacks from intelligence that simply can't be found anywhere else.