Every Solution You Can Imagine – and More
What cybersecurity solution do you need? From Zero Trust to ADR, IAM, risk/privacy, data protection, AppSec and threat, securing digital transformation, to resiliency and remediation, we can build the right program to help solve your challenges.
A Single Partner for Everything You Need
Optiv works with more than 450 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv
Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner.
However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
A Darkwebathon Journey
My Darkwebathon journey started in December 2021. It was the first time that the Anti-Human Trafficking Intelligence Initiative (ATII) had conducted a global CTF. The event was for a worthwhile cause. 400+ participants among 56 teams joined the virtual fight against various real-world criminal entities. ATII launched their own dark web intelligence monitoring tool during the competition, which helped us track these criminals. I’d like to share more about my experience in the hopes that others might see the value of applying intelligence work to special events that help solve real, global problems.
If you’re interested in all of the different types of events– including threat intelligence focused activities – here is an overview of the ATII event challenges from the past 3 years:
One fruitful aspect of the event was the free use of new tooling. ATII provided training related to sponsor-related tools, which we could access for a limited time. Their platform had a large dataset with selectors, crypto addresses, graphs, screenshots, image hashes and more. At the 2023 conference I attended, we also leveraged tools like DarkOwl and SOSIntel, which are dark and clear web data scraper tools allowing users to find important intel. We also used DarkBlue to pivot intelligence data and store snapshots of crawl data pages with historic versions. Plus, the cryptocurrency forensic investigation tool, Qlue, provided intelligence on whether the specific crypto addresses were risky, suspicious or good and when the transactions happened.
During my 2021 Darkwebathon experience, my team started the investigation with a single email ID and an image hash data set. Our goal was to complete an intelligence report in 2 days. Using the platform's dataset and sponsored tools, my team found various information about the threat actor – including a phone number, crypto addresses, a website, and social media. Sponsors provided challenge winners with prizes that included tool licenses and course memberships for up to a year. My team secured 2nd place in this event, and I won the Cryptocurrency Challenge Award.
I learned about even more tools and strategies during the 2023 Darkwebathon. My team used the data scrapers tools to find threat actor data. We also used open-source databases like Google, Virustotal, and Whois to track pivot intel, like contact information and social media and WhatsApp accounts. I researched the concept of pig butchering scams and created a detailed report on it. Our team successfully submitted 19 different reports that were hundreds of pages in length. I secured the first-place prize for the cryptocurrency challenge, and my team earned 2nd place in the OSINT challenge.
Below are my some Maltego graphs I created during the 2023 Darkwebathon:
Below are my 2022 Maltego graphs:
The Darkwebathon was a fantastic event! Unlike most CTFs, all participants worked with real human trafficking-related data collected from the dark web. This type of event is extremely useful in understanding dark web activities and gaining insights about threat actors. One main takeaway from these events is that by using appropriate methods and tools, we can avoid the risk of exposure. This event gives the entire infosec community the opportunity to gain hands-on practice and training using helpful tools.
Learn more about ATII and the Darkwebathon from the following ref links:
Optiv Security: Secure greatness.®
Optiv is the cyber advisory and solutions leader, delivering strategic and technical expertise to nearly 6,000 companies across every major industry. We partner with organizations to advise, deploy and operate complete cybersecurity programs from strategy and managed security services to risk, integration and technology solutions. With clients at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can. At Optiv, we manage cyber risk so you can secure your full potential. For more information, visit www.optiv.com.
Let us know what you need, and we will have an Optiv professional contact you shortly.