Karim Baratov poses in front of his house in Ancaster, Ont., in this undated photo. Online, Baratov presents himself as a high-end car enthusiast who made his 'first million' at age 15. (Facebook)

22-year-old Hamilton resident's social media profiles paint different picture than FBI's

The FBI alleges that 22-year-old Karim Baratov, from Ancaster, Ont., was one of four men connected with a series of cyberattacks carried out on Yahoo that began in early 2014. But you wouldn't know it from Baratov's online persona.

On Instagram, Baratov presents himself as a high-end car enthusiast. He has frequently posted pictures of Aston Martins, Audis, Mercedes and BMWs, among other cars that he claimed to own; gaining nearly 30,000 followers in the process.

In one post, he describes himself as "well off in high school to be able to afford driving a BMW 7 series and pay off a mortgage on my first house."

In others, he's shown spreading handfuls of $100 bills.

Baratov, who has dual Canadian-Kazakh citizenship, goes by at least two other names according to the FBI. He does not list his profession, nor how he became so well off at such a young age, on social media.

The 22-year-old was arrested Tuesday morning in Ancaster by Toronto police and turned over to the RCMP. (Instagram)

His Instagram profile describes him only as a: "Workaholic. Occasional drawer. Gym rat."

But a cached search reveals another description: "Self made entrepreneur/programmer/web developer/investor."

Clues left on Baratov's various social media profiles and websites registered under his name — coupled with allegations of computer hacking and economic espionage made by the FBI — offer a glimpse into how Baratov may have made his living.

He claimed in postings on the social media site Ask.fm that he made his "first million" when he was 15, working on "online services."

 "I prefer online businesses because there is way less risk and less effort in a way," he wrote.

A call to the number tied with Baratov's home address was not answered.

Baratov made a brief appearance in a Hamilton courthouse on Wednesday morning and was returned to custody.

Old websites leave clues

Neighbours on Chambers Avenue where Baratov lives said Wednesday they often puzzled at the young man's lifestyle – to be able to afford to live alone in a large, new house in an expensive subdivision, and to always be seen driving pricey cars.

"His parents either bought him the house, or he's getting money somewhere else, because he doesn't seem to work all day; he just drives up and down the street," said Kerry Carter, a neighbour who lives a few doors down.

Karim Baratov's house in Ancaster. A call to the number tied to Baratov's house address was not answered. (Kelly Bennett/CBC News)

Baratov's Facebook page links to a website called Elite Space, written in Russian, which claims to offer a number of services, including servers for rent in Russia, protection from distributed denial of service (DDoS) attacks, and domain names in China.

Though it does not specifically mention hacking, there are clues on other sites that this may also have been among his services.

For example, an email address matching one of Baratov's aliases was used to register an account with a Russian discussion forum, which lists DDoS and hacking as the Canadian user's interests. The profile then links to a website that claims to offer email hacking services for a handful of Russian email services, including Mail.ru, as well as Gmail.

There are also a number of websites registered in Baratov's name, including one called "mail-google.us," and another "mail-yandex.us." Though the websites are no longer online, the URLs appear designed to trick visitors into thinking they are visiting a legitimate Google or Yandex email site — a common phishing tactic. 

Karim Baratov is shown in a photo from his Instagram account. In online postings, he claims he made his 'first million' when he was 15, working in online services. (Instagram/Canadian Press)

While it is difficult to definitively link the sites to Baratov, they appear to fit the FBI's description of his alleged illicit work.

According to the agency's indictment, Baratov's job was to use the information gleaned from the Yahoo intrusion to gain access to targets' email accounts with other service providers.

Baratov's last Instagram post was a photo from the 70Down restaurant and lounge in Toronto's Yorkville neighbourhood, the night before his arrest.

Source : cbc.ca


Earlier this year, Milind Bhargava, a security consultant from Telus Security Solutions, revealed that over 70,000 Canadian credit card numbers were listed for sale on a dark web market.

Bhargava released the findings as part of a presentation that was aimed at providing insight on just how much personal information from Canada was available on dark web markets.

He announced this at a SecTor conference held in Toronto.

Credit Cards Were All From One Province

Bhargava’s division, which is usually tasked with monitoring dark web sites that deal in the sale of credit cards for their corporate clients, said that like any other credit and debit cards, Canadian credit cards were easy to identify using the first six digits on the card.

These identify the type of card and also the bank it is affiliated with. As it stands, no organization has claimed credit card theft.

In his presentation, Bhargava said that more than 70,000 Canadian credit cards were suddenly put up for sale on the dark web following the data breach.

Despite the cards being from multiple banks, the security consultant noted that they all came from the same province.

Bhargava noted that it was rare to find such a large amount of stolen credit card information coming from such a localized area. He refused to disclose the identity of the province in question.

Data Breach was Some Form of Contest

The 70,000 credit cards for sale on the dark web have shaken the belief that Canada is immune to cyber and malware attacks, which rarely make it to the public eye.

 

The stolen Canadian credit cards were on sale for as little as forty cents to as much as $3. The expiry dates on the cards ranged from this year to 2020.

According to Bhargava, there is no clear indication as to how or when exactly the data breach occurred.

The only assumption that could be derived from the situation was that the data collection may have gone on for more than a year.

He also speculated that due to the fact that the cards were sourced from all over Canada, it was possible that the credit card data collection was hosted by some sort of an organization as a contest.

Cytelligence Inc. Emphasizes Diligence in Protecting Organizational Data

The CEO of Cytelligence Inc., Daniel Tobok, was not impressed by the figures, saying that the discovery of 70,000 Canadian cards on the dark web market was not that astonishing.

The former managing director of the forensics and security consulting division at Telus, who now heads the Toronto-based digital security consulting firm Cytelligence Inc., divulged in an interview that upwards of 400,000 different credit and debit cards from Canadian banks are currently on the dark web.

He confirmed the speculation that Canadian cybercrime is largely underestimated, saying that Canada is just as targeted by cyber criminals and malware attacks as any other country.

What’s more, these dark web criminals seek more than just credit card information.

Human resource department databases are often raided for personal data such as social security numbers and T4 income tax information, among other sensitive information.

As Tobok divulged in the interview, his firm had recently been investigating year-long data breaches that resulted in the thefts of approximately 18,000 records containing credit card information and T4 income tax information from a Canadian organization, which he refused to name.

The organization’s security was breached through a carefully executed phishing scam that used email spoofing to install malware.

The organization in question was negligent, in Tobok’s opinion, as they had last carried out a thorough security audit two and a half years ago.

Stolen Information Unverifiable

In Bhargava’s presentation alongside Telus consultant Peter Desfigies, he highlighted the fact that despite the alarming amount of Canadian data available for sale on the dark web, there was no way to verify the legitimacy of the stolen data on offer.

However, the availability of Canadian Interac accounts from almost all the major banks in Canada, which came with all the necessary information such as usernames, passwords, PIN codes and even security questions, spoke volumes about the legitimacy of the stolen information.

Bhargava is, however, sure that little can deter criminals from piecing together bits of data even without the assurance of verification.

He himself had previously been a target of a crime under the pretense of a Canadian government official who tried to extort him in connection with an immigration violation.

The anonymous caller had every bit of Bhargava’s information down pat.

Source: darkwebnews.com


The science community is keeping a wary eye on a Canadian research team’s claim of finding possible homes for life in outer space.

The researchers from Universite Laval in Quebec City say analysis of some unusual signals has helped them identify 234 potential systems that might be playing host to extra-terrestrial intelligence (ETI).

The theory has evolved over several years and took root when lead researcher Ermanno Borra published a paper in 2012 speculating on how residents of other galaxies may try to broadcast their existence to the rest of space.

He published a theory that such life forms could use lasers to make their home planet emit an unusual signal that would be noticed by anyone carefully observing the cosmos.

Now, Borra and graduate student Eric Trottier say they’ve identified 234 stars emitting that exact signal, adding they all appear to have characteristics that would enable them to help sustain life.

Fellow academics are intrigued enough by the research to study the findings more closely, but are currently treating the findings with skepticism and saying it’s too early to make definite claims.

Borra agrees, saying the latest findings – which have been published to a repository of scientific papers and are awaiting peer review – are far from conclusive.

“The kind of signal we found is in agreement with the ETI hypothesis, but right now it’s still a hypothesis that must be confirmed with further work,” Borra said in a telephone interview from Quebec City.

The signal at the heart of the theory involves lasers, which Borra said are a simple form of technology to produce and would be well within the capabilities of civilizations that are potentially much more advanced than humankind.

Borra theorized that sending flashes of light millionths of a second apart would be an easy feat that could produce a dramatic result – altering the unique light spectrum produced by an individual star.

Earth-bound scientists have already dedicated vast resources to charting the spectra of planets, stars and other bodies in various galaxies and collecting the information in central databases.

For their research, Borra and Trottier turned to the Sloan Digital Sky Survey, a 16-year project that has purportedly mapped more than 30 per cent of the sky and catalogued spectra for at least 2.5 million astronomical objects.

Borra said they compared the theoretical spectrum that would be produced by laser flashes to the survey results and found only 234 matches.

Borra said the stars in question all share spectral characteristics with the sun, which itself is too hot to support life forms. The stars he’s identified are therefore more likely to be the centres of prospective stellar systems in which other life-sustaining planets could exist, he added.

“We intuitively expect that an ETI would be in a planet that turns around a star like the sun at about the same distance as the Earth from the Sun,” he said. “This is because this environment would be the best for life to exist. The proof comes from the fact that life exists on Earth.”

Borra said he accounted for the fact that the spectra might be caused by factors other than ETI, such as chemical makeup or calculation errors, but said the research suggests such factors are not at play.

Academics at the University of California, Berkeley, however, aren’t so quick to dismiss such causes.

The university’s Breakthrough Listen project has announced it will be studying the results more closely, but currently doesn’t place much stock in the findings as a sign of life beyond Earth.

Scientists dedicated to searching for extra-terrestrial intelligence have developed the Rio scale to assess the likelihood that anomalies are a sign of alien life. UC Berkeley currently gives the Canadian findings a 0 or 1 on the Rio scale, classifying them as “insignificant.”

“The one in 10,000 objects with unusual spectra seen by Borra and Trottier are certainly worthy of additional study,” the university said in a statement. “However, extraordinary claims require extraordinary evidence. It is too early to unequivocally attribute these purported signals to the activities of extraterrestrial civilizations.”

Borra said the Berkeley researchers will try to reproduce the results with their own telescopes, adding he welcomes the additional scrutiny and potential confirmation from outside sources.

“I do not know myself what this really is,” he said. “More work has to be done to confirm it.”

Source:  theglobeandmail.com


Upon discovering that it had been hacked by China, the Canadian government’s scientific-research body did digital damage control on an enormous scale. Firing up its vintage fax machines, it jettisoned scores of computer servers, bought its staff hundreds of new laptops and drew up a list of about 20,000 corporate partners in Canada whose secrets risked being collateral damage.

Records newly released to The Globe and Mail reveal these and other details about the extensive fallout from this nightmare at the National Research Council. The hack of the NRC was highlighted in July 2014, when the then-Conservative government blamed China, making it the only cyber-espionage campaign that Canada has ever pinned on a specific state adversary.

While hacks of government departments occur relatively routinely, the NRC could be considered a more valuable target than most. For decades, it has been routing tax dollars to fund cutting-edge research in agriculture, engineering and computer science. Placing bets on Canadian companies helps the NRC work to ensure future prosperity, and its staff gets a glimpse of emerging technologies and proprietary business plans. 

That’s why the Canadian government was alarmed when federal officials announced two years ago that they had “detected and confirmed a cyber intrusion” within the NRC by “a highly sophisticated Chinese state-sponsored actor.”

But while prime minister Stephen Harper's government took the unprecedented step of allowing officials to make the controversy public, it remains unknown how or when Chinese hackers first infiltrated the NRC’s computer systems, or what drew them to it in the first place.

The records released to The Globe under the Access to Information Act show only the aftermath. Job No. 1 at the agency was to warn the “clients” – corporations, academics, entrepreneurs – via phone calls and mailed letters that they were at risk. “The NRC has been the target of a cyber intrusion. As a result the information held in our systems from your organization may have been compromised,” one form letter reads.

One version of this letter in the NRC files was accompanied by a spreadsheet of more than 20,000 Canadian firms, most of them apparently engaged in government-sponsored research.

“As a precautionary measure, NRC informed all clients and research partners involved in business relationships and research activities of the cyber intrusion,” spokesman Guillaume Bérubé said in reply to questions about this list.

Several of the companies that were contacted by The Globe said they felt that the fallout was minimal because they were careful, even before the hack, about sharing trade secrets with the agency. Their biggest gripe with the NRC was that correspondence and payments became frustratingly slow in 2014. “It wasn’t back to the buggy, but it was pretty close,” said one entrepreneur, who asked not to be named.

This was because staff at the scientific agency had been told not to use computers to communicate. E-mail “must not be used to transmit secure, sensitive or confidential information,” one memo read. “The preferred way of transferring confidential information … is paper (fax, mail, courier),” another said.

Clients were to be told that “if you must share sensitive information with the NRC, the best practice is to do it via physical media” – meaning on paper or via USB sticks.

As the hack was announced publicly, one enterprising NRC employee wrote that he found a stash of safe digital devices. “I’ve dug up a box of brand new McAfee USB keys that we bought a few years ago,” he told colleagues in an e-mail. Calling them “state of the art” for their encryption capability, he said they could serve as a “stopgap, at least until NRC gets in more for everyone.”

Even the act of plugging a smartphone into an NRC computer was deemed risky. “Instead of using your computer to charge your phone, charge it through a wall outlet,” one memo says.

The agency started to pull the plug on almost all of its existing computer architecture as it created the data equivalent of an airlock. The hope was to move electronic files from the NRC’s legacy “black” environment to a blank slate of new machines dubbed the “green” environment.

The in-between step was the “grey zone,” a locked-down “scrubbing” station with no external network connectivity and which banned unfamiliar digital devices and outsiders. “The process of scrubbing data to be taken out of the Grey Zone can take a long time. We have seen up to 40 minutes to scrub 1 GB [gigabyte] of data,” one employee complained.

The NRC’s initial hope was to have fully rebuilt systems within a year. Most are now in place, but the Canadian Press recently reported that some parts will not be ready until July 2018.

Early this summer, the NRC announced that it had embarked on a partnership with its scientific counterparts in a foreign country.

That country is China. This new joint venture with Guangdong province aims to better fund collaborative Canadian and Chinese research projects.

The NRC was asked by The Globe why it would want to do business with a country that allegedly stole from it just two years ago.

Mr. Bérubé said simply that “global collaboration is a competitive necessity to generate new business opportunities.” The NRC spokesman added in his e-mailed reply that “the government of Canada is committed to deepening our trade relationships with established and emerging markets, including China.”

Over the years, the NRC has engaged in several foreign partnerships, and has done business with China before.

But Peter Phillips, a University of Saskatchewan professor who specializes in agriculture and innovation, suggests that several motivations could be at play in the new partnership.

“There’s an old adage that if you can’t beat them, join them,” he quipped.

He added that 2014 will be remembered as a painful year at the NRC. “Everything was down to hard copy, paper, and fax machines at best,” he said. “And this is our largest research organization in the country.”

Source : http://www.theglobeandmail.com/news/national/records-show-extensive-fallout-from-chinese-hack-of-national-research-council/article31695327/

