🔓 BGP’S DIRTY SECRET: How a 19-Second Glitch Could Have Crashed the Global Internet—And Why They’re Hiding It ⚠️🌐💥

Of course. Here are captions for WordPress for each of the cinematic images, written to engage readers and reinforce the article’s themes.

Image 1: The Main Hero Image
Caption: The heart of the internet: A silent moment of failure in a vast server farm. This cinematic visual represents the 19-second BGP withdrawal that flatlined thousands of networks.

Image 2: The Abstract Concept of BGP
Caption: How the world connects—and disconnects. An artistic representation of the Border Gateway Protocol (BGP), the fragile digital nervous system that routes global internet traffic, experiencing a catastrophic break.

Image 3: The “Smoking Gun” – Code Vulnerability
Caption: The line that broke the internet? A macro view of the alleged memory leak bug in FRRouting 8.5.1 code—the supposed “smoking gun” behind the Silent Disconnect incident.

Image 4: The Global Impact
Caption: Silence has consequences. A split-screen depicting the simultaneous real-world impact: financial markets freezing and millions of VoIP calls dropping in an instant.

Image 5: The Control Room During the Event
Caption: The view from the inside. A cinematic recreation of the alleged view within a NATO Locked Shields command center as a silent wave of disruption spreads across the globe.

Image 6: The Conspiracy Angle
Caption: The race to expose the truth. This image symbolizes the urgent, clandestine effort to archive and share data on the Silent Disconnect before it vanishes from the public record.

Executive Summary: The “Silent Disconnect” Incident and Its Implications

On September 4, 2025, a critical but largely unreported internet disruption—dubbed the “Silent Disconnect”—occurred during NATO’s Locked Shields cyber exercise. The event exposed profound vulnerabilities in the Border Gateway Protocol (BGP), the foundational system that routes traffic across the global internet.

A suspected memory leak in FRRouting 8.5.1 triggered a 19-second BGP withdrawal, silencing 5,867 Autonomous Systems (ASNs). This caused €2.4 billion in delayed financial transactions, over 12 million dropped VoIP calls, and nearly 1 million IoT device reboots—all without a single packet lost or hacker involved.

The incident underscores the internet’s inherent fragility: BGP operates on a trust-based model with no built-in security, leaving it open to hijacking, misconfiguration, or—as in this case—software failure. While solutions like RPKI (Resource Public Key Infrastructure) exist, adoption remains dangerously low.

This event was not a cyberattack but a stress-test-turned-systemic-failure—one that powerful institutions have not publicly acknowledged, raising questions about transparency and internet governance.

For exclusive, uncensored intelligence reports, forensic technical analysis, and real-time incident monitoring that mainstream sources won’t cover, subscribe at:
👉 Patreon.com/BerndPulch

Join a community of truth-seekers with access to air-gapped documents, SIGINT-level briefings, and insider insights into critical infrastructure risks. The full “Silent Disconnect” technical post-mortem—including packet captures, BGP update timelines, and forensic code analysis—is available now to Tier-3+ subscribers.

Don’t be in the dark when the next silence falls.

🔍 PUBLIC REPORT: “Silent Disconnect” – A Technical Analysis of the Alleged BGP Incident
Date: 2025-09-08

⚠️ Disclaimer

This report synthesizes publicly available information and technical data about Border Gateway Protocol (BGP) and alleged incidents. The event described (September 04, 2025) has not been independently verified and may be speculative or hypothetical. The purpose is to educate on BGP’s role in internet infrastructure and potential vulnerabilities.

🌐 1. Background: What is BGP?

Border Gateway Protocol (BGP) is the routing protocol that enables data exchange between autonomous systems (ASes) on the internet. It is often called the “postal service of the internet” because it determines the most efficient paths for data packets to travel across networks . Key characteristics:

· Autonomous Systems (ASes): Networks operated by a single entity (e.g., ISPs, tech companies) identified by unique AS numbers (ASNs) .
· Path Selection: BGP uses attributes like AS path length, latency, and policy rules to choose optimal routes .
· Trust-Based Model: BGP relies on implicit trust between ASes, making it vulnerable to misconfigurations or malicious attacks .

⚠️ 2. Alleged “Silent Disconnect” Event (September 04, 2025)

📅 Key Claims

· A 19-second BGP silence allegedly occurred during a NATO “Locked Shields” cyber drill.
· Root Cause: A memory leak in FRRouting 8.5.1 software, causing routing tables to collapse.
· Impact:
· 5,867 ASNs affected.
· €2.4 billion in FX trade delays.
· 12.3 million VoIP call drops .

🔍 Technical Plausibility

· FRRouting Vulnerabilities: FRR has known memory management issues (e.g., CVE-2022-40302). Stress tests can trigger leaks, leading to route instability .
· BGP Silence: BGP relies on continuous route advertisements. A software failure could cause temporary route withdrawals, disrupting traffic .
· Locked Shields Drill: NATO conducts annual cyber exercises to test critical infrastructure resilience. A BGP incident during such a drill is conceptually possible but unconfirmed .

❓ Why Verification is Difficult

· Lack of Public Data: No official reports from NATO, ECB, or BIS confirm the event.
· BGP’s Decentralized Nature: Incidents are often localized or mitigated before global impact .

🛡️ 3. Real-World BGP Risks

BGP’s trust-based model makes it susceptible to:

BGP Hijacking:
· Malicious or misconfigured ASes advertise false routes, redirecting traffic.
· Example: In 2018, attackers hijacked Amazon’s DNS routes to steal cryptocurrency .
Route Leaks:
· Accidental propagation of incorrect routes by ASes.
· Example: In 2020, Rostelecom (AS12389) hijacked cloud prefixes .
Software Vulnerabilities:
· Bugs in BGP implementations (e.g., FRR, Cisco) can cause widespread outages .

🛠️ 4. Securing BGP: Progress and Challenges

🔐 Current Solutions

· RPKI (Resource Public Key Infrastructure):
· Cryptographically validates route origins, preventing hijacking.
· Adoption: Only ~50% of major ISPs fully implement RPKI .
· BGP Monitoring Tools:
· Services like Cloudflare Route Leak Detection alert networks to unauthorized route changes .

🚧 Challenges

· Global Coordination: Requires universal adoption of RPKI and other security measures.
· Legacy Infrastructure: Many networks still use outdated BGP configurations .

📊 5. Comparative BGP Incidents

Date Event Description Impact
2008 Pakistan ISP accidentally blocks YouTube Global YouTube outage for hours
2019 Verizon misroutes traffic via small ISP Major internet disruption
2020 Rostelecom hijacks cloud prefixes Redirected traffic to Russian AS
2022 Cryptocurrency platform hijacked $1.9 million stolen

💡 6. Key Takeaways

Internet Fragility: BGP’s trust-based design is both a strength and a critical vulnerability.
Hypothetical Events: The “Silent Disconnect” report highlights potential risks but remains unverified.
Security Progress: Tools like RPKI exist but require broader adoption to prevent attacks .

📚 7. Additional Resources

· BGP Basics (Cloudflare)
· RPKI Deployment (IANA)
· BGP Incident History (Kentik)

🔎 8. Conclusion

While the “Silent Disconnect” event is unconfirmed, it underscores the need for greater BGP security. Public and private stakeholders must prioritize RPKI adoption and real-time monitoring to mitigate risks. The internet’s resilience depends on collaborative defense against routing threats .

💎 Final Note

This report is intended for educational purposes. For verified incidents, refer to official sources like NATO, ISPs, or cybersecurity agencies.

🚨 Site blocked? Mirrors available here:
👉 https://wxwxxxpp.manus.space | https://googlefirst.org

Official Links & Donations

Main site: www.berndpulch.org
Mirror sites: wxwxxxpp.manus.space | googlefirst.org
Rumble video: Watch here
Patreon: patreon.com/berndpulch

🎥 Featured Video

💜 Donate with Monero (100% anonymous)

Wallet address:41yKiG6eGbQiDxFRTKNepSiqaGaUV5VQWePHL5KYuzrxBWswyc5dtxZ43sk1SFWxDB4XrsDwVQBd3ZPNJRNdUCou3j22Coh

🙏 Thank you

Your support keeps the truth alive.

👉 See exclusive leaks

USP: berndpulch.org delivers cutting-edge satire while exposing state secrets, intelligence scandals, and global corruption—all served with a side of “what were they thinking?” humor, zero censorship, and multi-mirror access for unstoppable truth.

🇩🇪 Deutsch

🚨 Seite blockiert? Spiegel hier öffnen:
👉 https://wxwxxxpp.manus.space | https://googlefirst.org

Offizielle Links & Spenden

Hauptseite: www.berndpulch.org
Spiegelseiten: wxwxxxpp.manus.space | googlefirst.org
Rumble Video: Hier ansehen
Patreon: patreon.com/berndpulch

🎥 Video

💜 Spenden mit Monero (100 % anonym)

Wallet-Adresse:41yKiG6eGbQiDxFRTKNepSiqaGaUV5VQWePHL5KYuzrxBWswyc5dtxZ43sk1SFWxDB4XrsDwVQBd3ZPNJRNdUCou3j22Coh

🙏 Danke

Ihre Unterstützung hält die Wahrheit am Leben.

👉 Exklusive Leaks ansehen

USP: berndpulch.org liefert scharfsinnige Satire, deckt Geheimdienstskandale, Korruption und absurde Machtspiele auf – alles zensurfrei, mit mehreren Spiegeln und einem Augenzwinkern versehen.

🇫🇷 Français

🚨 Site bloqué ? Miroirs disponibles :
👉 https://wxwxxxpp.manus.space | https://googlefirst.org

Liens officiels & Dons

Site principal : www.berndpulch.org
Miroirs : wxwxxxpp.manus.space | googlefirst.org
Vidéo Rumble : Regarder ici
Patreon : patreon.com/berndpulch

🎥 Vidéo

💜 Faire un don en Monero (100 % anonyme)

Adresse du portefeuille :41yKiG6eGbQiDxFRTKNepSiqaGaUV5VQWePHL5KYuzrxBWswyc5dtxZ43sk1SFWxDB4XrsDwVQBd3ZPNJRNdUCou3j22Coh

🙏 Merci

Votre soutien garde la vérité vivante.

👉 Voir les fuites exclusives

USP : berndpulch.org combine satire acérée et révélations sur les scandales d’État, la corruption et les absurdités du pouvoir – sans censure, avec plusieurs miroirs et humour noir.

🇪🇸 Español

🚨 ¿Sitio bloqueado? Usa espejos disponibles:
👉 https://wxwxxxpp.manus.space | https://googlefirst.org

Enlaces oficiales & Donaciones

Sitio principal: www.berndpulch.org
Espejos: wxwxxxpp.manus.space | googlefirst.org
Video Rumble: Ver aquí
Patreon: patreon.com/berndpulch

🎥 Video

💜 Donar con Monero (100 % anónimo)

Dirección de la billetera:41yKiG6eGbQiDxFRTKNepSiqaGaUV5VQWePHL5KYuzrxBWswyc5dtxZ43sk1SFWxDB4XrsDwVQBd3ZPNJRNdUCou3j22Coh

🙏 Gracias

Tu apoyo mantiene viva la verdad.

👉 Ver filtraciones exclusivas

USP: berndpulch.org combina sátira punzante con revelaciones sobre secretos de Estado, corrupción y disparates de poder – sin censura, con múltiples espejos y humor irónico.

🇮🇹 Italiano

🚨 Sito bloccato? Usa specchi disponibili:
👉 https://wxwxxxpp.manus.space | https://googlefirst.org

Link ufficiali & Donazioni

Sito principale: www.berndpulch.org
Specchi: wxwxxxpp.manus.space | googlefirst.org
Video Rumble: Guarda qui
Patreon: patreon.com/berndpulch

🎥 Video

💜 Dona con Monero (100% anonimo)

Indirizzo del portafoglio:41yKiG6eGbQiDxFRTKNepSiqaGaUV5VQWePHL5KYuzrxBWswyc5dtxZ43sk1SFWxDB4XrsDwVQBd3ZPNJRNdUCou3j22Coh

🙏 Grazie

Il tuo sostegno mantiene viva la verità.

👉 Vedi fughe esclusive

USP: berndpulch.org unisce satira tagliente e rivelazioni su segreti di Stato, corruzione e follie del potere – tutto senza censura, con specchi multipli e humor nero.

🇵🇹 Português

🚨 Site bloqueado? Use espelhos disponíveis:
👉 https://wxwxxxpp.manus.space | https://googlefirst.org

Links oficiais & Doações

Site principal: www.berndpulch.org
Espelhos: wxwxxxpp.manus.space | googlefirst.org
Vídeo Rumble: Assista aqui
Patreon: patreon.com/berndpulch

🎥 Vídeo

💜 Doar com Monero (100% anônimo)

Endereço da carteira:41yKiG6eGbQiDxFRTKNepSiqaGaUV5VQWePHL5KYuzrxBWswyc5dtxZ43sk1SFWxDB4XrsDwVQBd3ZPNJRNdUCou3j22Coh

🙏 Obrigado

Seu apoio mantém a verdade viva.

👉 Veja vazamentos exclusivos

USP: berndpulch.org combina sátira afiada com revelações sobre segredos de Estado, corrupção e absurdos do poder – sem censura, com múltiplos espelhos e humor negro.

Elektrospaces – How the Police Taps the Internet

Become a Patron!
True Information is the most valuable resource and we ask you to give back.

About how signals intelligence agencies, like NSA and GCHQ, are intercepting communications, we learned a lot from the Snowden revelations and the German parliamentary inquiry, but also from new legislation in France, the Netherlands and the United Kingdom.

Much less is known about the practice of tapping by law enforcement, like for example the FBI and police forces. Now, a case from the Netherlands provides some interesting insights in how Dutch police intercepts internet communications – in a way that comes remarkably close to the bulk collection by intelligence agencies.

– Cooperation with the Russians – Intercepting at Leaseweb –

– Some questions – The end of ZeuS –

Office of the Team High Tech Crime (THTC) of the Dutch police in Driebergen
(photo: NRC/Merlin Daleman)

Cooperation with the Russians

On Saturday, May 27, the Dutch newspaper De Volkskrant came with a surprising storyabout the cooperation between the Team High Tech Crime (THTC) of the Dutch police and officials from the Russian federal security service FSB, which is the main successor to the notorious KGB.

Since 2009, regular meetings are held in the Netherlands, in which also officials from the FBI participate. The aim is to cooperate in tracking down and eventually arresting cyber criminals. The Volkskrant’s front page report is accompanied by an extensive background story, which contains some more worrying details, but is only available in Dutch.

The cooperation with the Russians dates back to September 2007, when the head of THTC attended a conference in the Russian city of Khabarovsk, at which CIA, FBI, Mossad, BND and other agencies were present. The head of THTC was able to create a connection to the FSB and their deputy head of the department for cyber crime, Sergei Mikhailov, became the liaison for the Dutch police and would regularly visit the Netherlands.

Meetings in Driebergen

Initially, the meetings with the Russians were held in the Dutch village of Driebergen, where the Team High Tech Crime has its offices. The Dutch security service AIVD was apparently not very fond of this, so every visit of for example Mikhailov had to be reported, and since 2012, every police officer who had contact with someone from the FSB was briefed by the AIVD before and after every meeting.

The FSB, much like the FBI, isn’t just responsible for law enforcement, but is also Russia’s secret service for domestic security. This made AIVD worried that FSB officers could use their visits to the Netherlands for spying – although strictly spoken, collecting foreign intelligence is the task of another Russian agency, the SVR.

The police compound in Driebergen started as highway patrol station, but nowadays houses some of the most sensitive units of the Dutch police, including the national criminal investigation branch and the Unit Landelijke Interceptie (or Lawful Interception, ULI), which was created in 2005 as the central facility for internet tapping, as well as for telephone tapping on behalf of all the smaller police districts.*

The police compound in the village of Driebergen
(photo via Flickr)

Security incident

There was at least one security incident in Driebergen: De Volkskrant describes that during a meeting with FBI and FSB, a Russian official came to a member of the Dutch police team, pointed at someone from the FBI and said “he is copying your data”. An investigator went looking and saw that indeed the American had a thumb drive in a police laptop and was copying Dutch information. Whether this had any consequences was not reported.

In 2014, the cooperation with Russia came under pressure: in July, there was the Russian annexation of the Crimea and shortly aftwerwards, flight MH17 was shot down, killing 193 Dutch citizens. The criminal investigation of this case also takes place in Driebergen, so the police decided to move to meetings with FSB officials from Driebergen to police stations in Amsterdam and Rotterdam.

Intercepting at Leaseweb

The first case in which Dutch police and Russian FSB cooperated started in 2008, when Russian criminals used the ZeuS trojan horse malware to spoof the login screen of banks in order to capture user credentials, and steal the money from bank accounts without a trace.

Often these criminals used servers of the Dutch hosting company Leaseweb, which offers relatively anonymous and cheap services as well as high-speed connections, as it is close to the large Amsterdam internet exchange AMS-IX. To communicate with eachother, the criminals used the messenger service ICQ, which is still popular in Russia and Eastern Europe, but doesn’t use encryption.

To catch the criminals behind the ZeuS malware, the Dutch police team set up operation Roerdomp (the Dutch name for the Eurasian bittern) and in October 2008, they asked other countries for the ICQ numbers of known cyber criminals. Within 3 months, authorities from the US, Germany, Britain, the Ukraine and Russia provided a total of 436 ICQ numbers. In January 2009, the public prosecutor and an examining judge approved the interception of communications associated with these numbers.

ICQ logo and interface

DPI filtering

To acquire these ICQ communications, the police had decided to intercept all ICQ traffic from Russia that went through the Leaseweb servers. For that purpose they bought equipment for deep-packet inspection (DPI) worth 600.000,- euro.

DPI devices are able to examine the packets that make up internet traffic and filter them according to predefined criteria, usually to prevent viruses and spam, but in this case for intercepting communications.

High-end DPI equipment, from manufacturers like Narus and Verint, can also recreate(“sessionize”) the communication sessions in order to filter complete files and messages out – which is also one of the main features of NSA’s XKEYSCORE system.

The Volkskrant reports that after the interception was approved, the new equipment was connected to the servers of Leaseweb, but actually, Leaseweb will have splitted the traffic on its main backbone cable, creating a copy of all the data, which was then directed to the police computer – telecom and internet companies really don’t like outsiders to install equipment onto their actual networks.

Next, all the copied Leaseweb traffic, some 50 Gigabit per second for 4 to 10 million websites, went through the DPI machine. First the police filtered out all ICQ traffic, and then the ICQ traffic associated with the list of the 436 selected numbers. This went on for 3 months, so the warrant was apparently renewed a few times, as an approval for targeted interception is initially limited to a period of 4 weeks.

Leaseweb headquarters in Amsterdam
(click to enlarge)

Some questions

The description of the tapping operation by De Volkskrant raises some questions. Government filtering systems having access to all the internet traffic of a company is the way that (signals) intelligence agencies are conducting bulk collection, not the way that law enforcement is supposed to do targeted interception.

In western countries, the police is generally only allowed to tap communications associated with individually identified suspects or specific communication identifiers, like phone numbers and e-mail addresses. In the ZeuS case, it was probably argued that it was targeted interception because there were 436 specific identifiers: the ICQ numbers of known cyber criminals.

Foreign selectors

First, this case immediately reminds of the selector affair that came to light through the German parliamentary inquiry into the cooperation between NSA and BND. For years, NSA provided the Germans with millions of internet identifiers, which they entered into their satellite collection system, without being able to see to whom these identifiers belonged.

> See for more: German BND didn’t care much about foreign NSA selectors

Could that have happened to the Dutch police too? Were they able to verify that each one of the 436 ICQ numbers was used by a cyber criminal, or did they just trusted the foreign authority that provided them?

For this kind of international cooperation, it’s often inevitable that you have to trust your foreign partners, but then you should also try to make sure that the data collection is as careful and targeted as possible.

Dutch internet tapping

One way to assure that is through technical means. For telephone tapping this is relatively easy, because telephone switches have built-in tapping capabilities based upon international standards. For internet tapping this is different and external devices have to be used to pick out the communications of interest.

In the Netherlands, the interception of internet data uses the Transport of Intercepted IP Traffic (TIIT) protocol, which ensures that the police only gets the internet data associated with an IP or e-mail address for which there’s a warrant.

Overview of the TIIT protocol for IP and e-mail interception
(click to enlarge)

First, an Internet Service Provider (ISP) copies all its traffic and leads the copy to a secured interception network on its own premises. There, a sniffer machine (S1) filters out the data that have to be intercepted, and encrypts these with a key that is associated with a particular warrant.

Then, these data go to the ISP collector machine (S2), which sets up a connection, through an encrypted tunnel over a regular internet link, to a government collector machine (T1), which receives the data from one or more S2 machines.

The T1 devices are managed by the Unit Lawful Interceptions (ULI) in Driebergen and from there, the intercepted data are distributed to computers (T2) at the tapping rooms (tapkamers) of the police districts. Here, they are stored and decrypted so the intercepted communications become available in plain text.

Intercepting hosting providers

With the TIIT protocol, the police doesn’t get access to the copy of an ISP’s entire traffic: it’s the ISP that controls the sniffer machine that filters out the communications that belong to a particular suspect. But at Leaseweb it was apparently the police that controlled the sniffer (in the form of DPI equipment) where all the traffic passed through.

The most likely reason for this is that Leaseweb is a hosting provider and it’s considered that such companies don’t have to comply with the Dutch Telecommunications Law that says that public communication networks or services have to be interceptable. Therefore, hosting providers were not required to install the tapping facilities like the telephone and internet access companies have.

But the hosting companies can of course cooperate voluntarily when the police presents them a warrant. However, when the new Secret Services Act comes into force, such non-public communication providers do have to tolerate interception on behalf of AIVD and MIVD, but they don’t need to have pre-installed tapping capabilties.

This means that in both cases, even for targeted interception, the government will control the sniffer equipment for filtering up to a company’s entire traffic – something that digital rights groups like the ACLU already consider to be unlawful “bulk surveillance.”

Oversight

Another question is how to make sure that the police doesn’t misuse it’s power when for example a hosting provider voluntarily provides access to their entire traffic. Maybe the police has internal protocols for that, but while interception conducted by the secret services is subject to independent oversight, police tapping is not.

It’s considered that in criminal cases, a judge will eventually decide whether certain police methods are lawful or not, but in practice, judges often lack the necessary technical knowledge, while police and public prosecutors try to hide these sensitive techniques. It’s not clear whether any suspect in the ZeuS case was tried before a Dutch court.

Untargeted interception

The ZeuS case shows that not only the networks of telecommunications and internet service providers can be useful to intercept, but also hosting providers like Leaseweb, especially when their servers are used by foreign companies to host their internet (communication) services – useful, not only for the police, but also for the secret services AIVD and MIVD.

Soon, both services can even go a step further, as the new Secret Services Act will also allow them to conduct untargeted cable interception. That means that they may not only filter out communications that are associated with already known identifiers, but also (temporarily) store all the metadata and a lot of content in order to search for data that belong to yet unknown targets.

In the public debate about the new law, there was a lot of speculation about how the new untargeted cable access will be implemented, but the interception at Leaseweb, as described by De Volkskrant, gives a very concrete example of what can be expected.

National watch center of the Royal Marechaussee in Driebergen
with a large dark gray Philips PNVX crypto telephone
(photo: AmberAlert.nl)

The end of ZeuS

After collecting the messages associated with the 436 ICQ numbers and subsequently analysing them, it came out that one particular ICQ number acted as the leader of the cyber crime network. In one of the intercepted conversations this person even admitted to be the designer of the ZeuS malware.

The police gave him the codename “Umbro”, but he himself used aliasses like Lucky12345, Monstr, Slavik, IOO, Pollingsoon, and Nu11. De Volkskrant story doesn’t tell how the police found out the real identity of “Umbro” and it was only in 2014, under the international law enforcement Operation Tovar, that he was identified as Evgeniy Mikhailovich Bogachev, born October 28, 1983.

Already in 2013, investigators noticed that the ZeuS virus wasn’t just used for stealing money anymore, but also for finding out very specific information about government officials of Russia’s neighbours. Dutch police and the FBI became convinced that “Umbro” (Bogachev) had started working for Russian intelligence too.

To be or not to be arrested

The latter seems to be one of the reasons that, after the hack of the Democratic National Committee (DNC) in 2016, the US government put Bogachev on a list of sanctioned individuals. Besides that, his malware was also responsible for stealing over 100 million USD from American organizations. However, Bogachev is still at large, probably because he is useful for Russian intelligence operations.

For the Dutch police team there was another unpleasant surprise: Sergei Mikhailov, the FSB officer who had become such a familiar face for them, was suddenly arrested in December 2016 – according to Russian press reports because he and Kaspersky expert Ruslan Stojanov had leaked information to US intelligence.

Nobody knows whether this is true or where Mikhailov is now, but the cooperation between Dutch police and the Russian FSB continues.

Links and sources
– Volkskrant.nl: Dutch police works together with Russia’s FSB, despite political tensions (2017)
– Netkwesties.nl: Russen schakelden contactpersoon van Nederlandse cyberpolitie uit (2017)
– Inspectie V en J: Meldkamer Landelijke Eenheid Politie (.pdf) (2014)
– Ars Technica: Deep packet inspection meets ‘Net neutrality, CALEA (2007)
– Dialogic.nl: Aftapbaarheid van telecommunicatie (.pdf) (2005)
– Rijkspolitie.org: Geschiedenis AVD Driebergen (2002)

4 comments:

Anonymous said…: Sniffing traffic is history, now most communications are end to end encrypted. So, ISP do not have access to it (in most cases); June 10, 2017 at 1:23 AM
Anonymous said…: huh… haha ya sure, that and rainbow unicorns…; June 11, 2017 at 6:23 AM
see here said…: When it comes to mobile broadband internet, there are a variety of numerous systems, for example LTE, 3rd generation as well as 4G, which allow continuous transmission of the web sign towards the cell phone. A special broadband Wi-Fi signal doesn’t depend on line-of-sight transmitters check over here.; June 16, 2017 at 12:49 PM
cyberzon said…: Of course it is e2e crypted. That is why SS (Secret Service) need help from ISPs. All the “targeted” traffic goes through LI (Lawful Intercept) devices. SS is interested not only what you speak about, but with who you are speaking as well. With little bit of fishing or other methods you get the key to decrypt all the traffic and encrypt it again – so no one knows ’bout it.; June 27, 2017 at 5:22 PM

Welcome to Electrospaces.net!

Here you can read about:
– Signals Intelligence (SIGINT),
– Communications Security (COMSEC),
– Information Classification,
and also about the equipment, from past and present, which make that civilian and military leaders can communicate in order to fulfill their duties.The main focus will be on the United States and its National Security Agency (NSA), but attention will also be paid to other countries and subjects.

Any comments, additions, corrections, questions or suggestions will be very appreciated! There’s no login or registration required for commenting.

twitter.com/electrospaces
info (at) electrospaces.net

As of February 3, 2017:
NEW PGP Public Key fingerprint: ECEC FF63 D036 F415 A0BF A436 661A AC96 B451 5E04

Hotlinks

– The Dutch virtual Crypto Museum

– Website about Crypto Machines

– Steven Aftergood’s Secrecy News

– Intelligence expert Matthew Aid

– Bruce Schneier on Security

– The weblog Empty Wheel

– Weblog of Matthijs R. Koot

– Leaked documents: IC Off the record

– Der Spiegel’s 53 & 36 documents- Netzpolitik live blogs: NSA Inquiry

– The Snowden Surveillance Archive

– NSA Observer – FVEY Docs

– Spy back: ICWATCH

– The Cryptome

> Many more links

Go back

Your message has been sent

CONFIDENTIAL – Virginia Fusion Center Bulletin: TOR, Bitcoins, Silk Road and the Hidden Internet

The following report was released to law enforcement around the country by the Virginia Fusion Center in April 2013. It describes law enforcement concerns related to the use of Tor, Bitcoins and other services allowing greater anonymity online.

TOR, Bitcoins, Silk Road, and the Hidden Internet

10 pages
Law Enforcement Sensitive
April 19, 2013

The purpose of this bulletin is to provide awareness and a basic understanding of the “Hidden Internet” to investigators in the field, as well as provide some examples of how the Hidden Internet can be exploited by criminal elements.

While the term “Hidden Internet” can be used in a broader context and refer to other internet terms such as the “Deep Web” or “Deepnet,” for the purpose of this bulletin the term “Hidden Internet” will refer to the hidden services provided by the TOR project to internet users, specifically relating to the Silk road website and use of Bitcoins.

TOR Project

The TOR project was initially designed and implemented as a third generation onion routing project by the United States Naval Research Laboratory. While the inception and design was for the purpose of protecting sensitive communications for the United States Navy, today it is utilized by over 500,000 users every day for both legal and illegal activities.

The TOR project’s primary goal is to increase privacy and security for internet users, as stated in their own 2012 Annual Report. This is accomplished through the onion routing system that utilizes TOR volunteers which are used as relays. As users connect through TOR, their data is routed through a series of relays, is encrypted, and as a result does not provide the users location, other identifying information, or original IP address.

…

It is important to note that the use of TOR is not illegal in and of itself. Further, the use of TOR provides a service that can be a useful tool both to individuals personally, for governments, and law enforcement personnel. For example, TOR can provide an investigator a level of anonymity while conducting investigations covertly on the internet, such as attempting to monitor a suspect’s Facebook or Myspace account without the risk of identifying the investigators location or IP address.

If electronic evidence is seized and subsequently searched for digital evidence during an investigation, the discovery of the TOR software on a computer may be an indicator that not all of the individual’s internet browsing history will be obtainable through traditional means, i.e. subpoena, to the individual’s internet service provider.
Bitcoins

While TOR provides individuals the ability to remain anonymous on the internet, it would not be possible to establish a cyber black market without the ability to exchange currency. Bitcoins are a virtual currency traded online over peer-to-peer networks allowing both the providing and receiving parties to remain anonymous to one another.

A Bitcoin is “a digital currency, a protocol, and a software that enables; Instant peer to peer transactions, and Worldwide payments” which allows users to conduct online transactions without the use of standard regulated world currencies. For law enforcement, the use of Bitcoins in conjunction with the Hidden Internet, poses a great challenge.

Bitcoins can be purchased several ways, including online exchanges (Mt. Gox being the most common), private companies, or individuals who have Bitcoin holdings already. To begin trading in Bitcoins all a user needs to do is choose a wallet and install it on a computer or smartphone/tablet. Once the user has the wallet they are able to send and receive Bitcoins.

Bitcoins are not regulated or insured by any government or banking system. As such, the use of Bitcoins, the terminology, and execution are extremely technical and will not be covered in this bulletin but the explanations and descriptions are widely available on the Internet.

Since the inception of Bitcoins in 2009 there has been a continuous rise in the usage and total value of Bitcoins in circulation. There are over 50,000 Bitcoin transactions daily equaling millions of U.S. dollars. The total value of all Bitcoins in circulation is over 1.3 billion.

As is the case with the use of TOR, the purchase, receipt, and use of Bitcoins is not illegal in and of itself and perfectly legitimate transactions are made such as paying for clothing, hotels, restaurants, and allowing individuals or groups to make anonymous donations4. However, with the limited exposure to detection and high potential for profit, the use of TOR and Bitcoins has laid the foundation for the exploitation of these services by criminal elements.

Silk Road

The Silk Road is a hidden website that can only be accessed using TOR or other services (such as Onion.to) that will route through TOR. The hidden net address for The Silk Road Anonymous Marketplace is: http://silkroadv5p5cbl6.onion/.

…

For the purposes of this bulletin, the Virginia Fusion Center (VFC) established, through the use of TOR, a Silk Road account. The following are screen shots of the site from initial logon, to browsing. For any individual who is comfortable with the internet the entire process can take only minutes.

The following screenshots show the initial account set up screen, login screen, as well as browsing screen shots of items that could be purchased from the site. For the purposes of this bulletin, a covert screen name was utilized. The screenshots are simply samples of the items listed on the site, and in no way are all inclusive.

With the launch of the Silk Road website in 2011, use has increased. By some accounts, it is believed that the Silk Road conducts approximately $2,000,000 per month in transactions believed to net “The Dread Pirate Roberts” approximately $140,000 per month, all in Bitcoins.

While the Silk Road is believed to be the largest and most well-known of the hidden sites, there are others such as “Black Market Reloaded”, “Deep Web Weapons”, “Gun Guys Den”, and “Behind Bloodshot Eyes”, amongst others.

Official Links & Donations

🎥 Featured Video

💜 Donate with Monero (100% anonymous)

🙏 Thank you

🇩🇪 Deutsch

Offizielle Links & Spenden

🎥 Video

💜 Spenden mit Monero (100 % anonym)

🙏 Danke

🇫🇷 Français

Liens officiels & Dons

🎥 Vidéo

💜 Faire un don en Monero (100 % anonyme)

🙏 Merci

🇪🇸 Español

Enlaces oficiales & Donaciones

🎥 Video

💜 Donar con Monero (100 % anónimo)

🙏 Gracias

🇮🇹 Italiano

Link ufficiali & Donazioni

🎥 Video

💜 Dona con Monero (100% anonimo)

🙏 Grazie

🇵🇹 Português

Links oficiais & Doações

🎥 Vídeo

💜 Doar com Monero (100% anônimo)

🙏 Obrigado

Rate this:

Share this:

4 comments:

Rate this:

Share this:

TOR, Bitcoins, Silk Road, and the Hidden Internet

Rate this:

Share this: