$ getent passwd abritt
├─ name: Allen Britt
└── org: Bluestone Analytics
The websites you visit every day represent just a small fraction of the whole
Internet. Beyond this “surface web” is the Deep Web, and within the Deep Web is
the Dark Web. The presentation will show examples of indications and warnings
of APT campaigns and a wide range of nefarious activities on the Deep Web and
Dark Web, including malware trafficking, credentials dumps, hackers for hire,
and cyberattacks-as-a-service ecosystems that outmaneuver security defenses.
During a live demonstration, analysts will provide rare insights into threat
actors on chans and forums and will explain the basics of dark nets, their
associated technologies, and defining characteristics. The presenters will also
guide participants through examples of APT campaign indications and warnings
The session will wrap with highlights on the value of building a data
repository and staying agile within this complex environment by leveraging
collection and exploitation capabilities that continuously evolve.
Published data on the Deep Web and Dark Web is invaluable; unfortunately, it is
often overlooked due to a lack of tradecraft for persistent collection or
expertise in accessing it safely and securely. For many agencies and
organizations, it means missed opportunities to detect and predict cyberattacks
from intelligence that simply can't be found anywhere else.