With the new year upon us, it’s not just security professionals who are wondering where to focus their attention in 2015. Data uncovered using Cyveillance’s Cyber Threat Center suggests some types of illegal activity that cyber criminals would do well to avoid if they wish to evade scrutiny by international law enforcement. Without spending too much time digging, we were able to uncover approximately 2,400 sites seized during law enforcement efforts in recent years.
These sites are easy to spot because they feature a prominent message that the site was seized by United States or European law enforcement. Most have a message such as, “this domain name has been seized by ICE – Homeland Security Investigations” or “This domain name has been seized through Operation In Our Sites” in the page title. Many redirect the visitor to this video produced by Immigration and Customs Enforcement.
Digging Into the Data
More than 80 percent of the sites are from the .com top level Domain: A specified location where a set of activity or knowledge exists. For instance, an Internet domain is synonymous with a website address or URL where information can be made available. LookingGlass Cyber (n) - A fancy name for a URL or website. (TLD). Other patterns that emerged based on the domain names on the list:
|Number of Domain Names (approximate)||Counterfeit Products||Examples|
|140||Beats By Dre headphones||beatsbydre-greenmonday.com
|110||Louis Vuitton apparel||especiallouisvuittonoutlets.com
You can download a list of the domain names related to the seized sites here.
An image from the Youtube video produced by US Immigration and Customs Enforcement
Data that Fuels Research
This is the type of data that ignites the curiosity of a good analyst. Questions that arise with review of such data include:
- Is federal law enforcement very good at taking down many small websites selling counterfeit apparel, or able to make a bigger impact by taking down a common actor responsible for many websites selling counterfeit sports apparel?
- Is there a particular emphasis on counterfeit sports apparel by ICE’s National Intellectual Property Rights Coordination Center (IPR) in Operation In Our Sites?
- Is the IPR especially effective in taking down sites in the .com TLD versus other TLDs, as reported earlier?
- Are online pharmacies becoming less of a concern, or are previous efforts to crack down on them paying off?
It’s worth noting that there may be many sites out there which do not advertise that they were seized by federal law enforcement, so the trends described above may only apply to a subset of their successes.
What Matters to Your Business in 2015?
As you plan your information or physical security programs for 2015, feel free to conduct similar research using our Cyber Threat Center. Free trials are available for your team. We’d love to help you understand the threats facing your organization so you can better mitigate the risks.
The Cyveillance Threat Center was designed for security, risk, and compliance professionals in mind, so it has the tools your analysts need to reclaim their primary role analyzing Threat Intelligence: Evidence-based knowledge about an existing hazard designed to help organizations understand the risks common and severe external threats, used to inform decisions regarding the subject’s response. LookingGlass Cyber (n) - Actionable, relevant, and timely information that can help when assessing the security posture of an organization. A little more left. No no, that’s now too far..., not collecting data. Find out what OSINT can tell you about a threat actor, how to determine if your business should be using an OSINT platform, and how to get a free trial of the Cyveillance Cyber Threat Center