In most dark web vendor busts, the vendors are identified not due to complex LE investigations, but because they fail in basic OPSEC.

In a typical vendor bust, the investigators make undercover purchases, conduct surveillance at the post office the drugs were mailed from, and identify the sender who in most cases turns out to be the vendor. The investigators almost always track the bitcoin to the vendor's account at a crypto exchange. In some cases, the vendors are so sloppy that their identities are uncovered without the undercover purchases.

Let's take a look at some vendors whose operations were characterized by bad OPSEC [...]

Operations Security

What is OPSEC?

Operations Security, or OPSEC, OPSEC is about minimizing attack surfaces and single points of failure through proper habits and policies. It's a systematic and proven process that we can use to deny adversaries information they need to do us harm or interrupt our plans. It's also a mindset that can be applied to any mission or plan.

Although the term originated in the military, OPSEC is now used for so much more. This includes law enforcement, computer and network security, home safety, travel, and so much more.

OPSEC isn't a list of rules, and it's not as simple as using a VPN and keeping your mouth shut. It includes elements of INFOSEC, APPSEC, NETSEC, COMSEC[TRANSEC/SIGSEC/EMSEC], PHYSEC[PERSEC], and (CO)INTEL.

THE OPSEC PROCESS

Identify the information you need to protect
Analyze the threats
Analyze your vulnerabilities
Assess the risk
Apply countermeasures

Understand your own risk/threat model: Who is your adversary? What needs protecting?

The OPSEC Two-Step: Know what to protect and know how to protect it.

Created December 10, 2020

Subscribe via RSS

Epic Cases of Costly OPSEC Failures

Comments