Magomed Alikhanov Biography

Classmates Pocket Deephound belongs to the rare type of startups who do not want to know a lot about them. The platform for searching for the dark part of the Internet that is not indexed by other search engines was created in the year by Magomed Alikhanov and Alexei Avramenko, as well as a team of programmers who worked in the field of cybersecurity.

Alikhanov himself, the former top manager of the large Russian companies Renova, Vimpelcom, Renaissance Group, has repeatedly encountered fraud in the financial sector and decided to create a technology that can monitor and prevent cyberosis in this industry. Currently, DeepHound is used by three banks, one of which is included in the “big four” of Britain banks. Do you think we need great publicity?

You will not find about DeepHound information on the Internet. The less they know about us, the better. This is an open Internet, that is, what we see: a variety of sites, social networks, “Wikipedia” and much more. Half of it is occupied by Deep Web's dipweb - approx. Rusbase available but not indexed by search engines sites, as well as pages where you can only get using a password.

The lower part of the Internet-firing is Dark Web or Darknet-approx. They go there already using special programs, for example, Tor. Communication in the Darknet implies complete anonymity. Scheme of the shadow Internet. Slide from the presentation of Deephound - Who can use the darknet? Basically, these are technically savvy people who can use the desired software.

According to American data, in the world 40 million users of Darknet. I think that in Russia, the account goes on tens of thousands according to Tor Metrics, in Russia about thousands of people are currently using TOR, while only part of them visits Darknet with the help of it - approx. Due to the fact that in the Darknet everything happens anonymously, it turned into a platform to communicate and make various transactions between cybercriminals and scammers.

Kalashnikov assault rifles, Glock pistols, ammunition are not isolated cases, but well -formed black markets. We saw many forums where they sell drugs. Then another spectacle. The problem of crime in Darknet is dealt with by all leading countries. Leaders in this area are the USA and Israel. In these countries, there are several search projects in a darknet. In the States, this is Flashpoint and Palantir.

The latter, as far as I know, played a key role in capturing terrorists. The Israelites have Sixgill. All the projects we heard about-for example, tried to do something in Skolkovo-turned out to be dummies. Perhaps there is some kind of search among special services. We have not heard anything about him. Since we specialize in financial cybersecurity, the search mainly applies to the banking sector - we can warn the bank about the most relevant external threats, for example, information leak.

Deephound interface - Explain how it works. And confidential data on customers, payments, accounts, credit card numbers flowed out. All this information can be sold in a darknet. Her buyers are hackers who need to know exactly who to attack, so as not to poke a finger into the sky. Deephound's task is to collect statistics, scoring threats, analyze them and notify the client.

Something is not believed that someone in the Darknet writes: “I will sell Sberbank data. Call such a number. Kolya ” - of course, fraudsters do not communicate in the usual language. There are no fools there, these guys are very high. They have a special terminology and encryption, so that if it suddenly comes to trial, it was impossible to prove anything. This is the essence of our search - to understand that the threat applies to this particular bank, even if its name is not mentioned, and the authors of all ads are anonymous.

When financial frauds are planned for millions of dollars, criminals do not sit together in a cafe, racking their heads, how to turn out the matter, but work from different countries. Their roles are distributed: there are performers, customers, intermediaries, and even financial guarantors. When planning an attack, they are looking for a person who will tell where the bank's vulnerability point is.

That is, a bank security officer or just a person from the inside. In many banks, the biggest threat is associated with the threat of an insider. There is also a list of vulnerabilities of various banks in terms of cybersecurity. In our archive, there are now 12 million notes related to the most diverse threats in the banking sector in Russia. This is data on money laundering, insider, selling duplicate cards of leading banks and much more.

In other words, we know about many threats - both yesterday and tomorrow. In our portfolio - several Russian and foreign projects, including a company that is engaged in the production of renewable energy. At some point, we decided that we also wanted to attach a hand to the creation of a startup. I was lucky with my partner with Alexei Avramenko, a former top manager of the largest state-owned company, who for many years of his career was engaged in serious developments in the field of cybersecurity.I think that today Alexei is one of the most advanced and informed people in this area in the country.

Magomed Alikhanov Biography

When we met and began to communicate, they began to think what we could do together. It was important for us that the project was innovative, technological and solved fundamental problems that are relevant anywhere in the world. We understood that there are many problems related to Frod from English. Fraud - Fraud - approx. Rusbase that financial frauds can be internal and external and that the damage from them is only growing.

Here is the figure: according to official American data, the losses of banking business in the United States due to cyber abuse amounted to more than billion dollars in the year. In the States, the law makes banks report. We have this gray zone. What are they going to? But this interest is 25 - the main problem is that the existing approaches do not give the proper effect.

The market leader in terms of fighting Frod is the American company SAS, but it is only responsible for the internal perimeter. Group-Ib helps to investigate cyber abuse, it has competencies, specialists and laboratories. No one has a platform that automatically allows you to monitor threats related to individual banks. This is machine learning, and a system of hidden monitoring and data processing.

In individual pieces of information that DeepHound finds on the open Internet, Dipweba and Darknet, we collect a certain puzzle. This is not easy and requires a lot of serious programming. The search engine collects information automatically, by keywords. At the same time, he should not give out himself - we must also protect ourselves from hackers. Magomed Alikhanov, photo: Masha Parfitt - in the book “Girl with Dragon Tattoo” there is an episode when a hacker makes a detailed dossier on Bloomquist’s journalist - “digs” before his personal correspondence and files in hidden folders in a laptop.

Do you know how to make such a "dossier"? If we ourselves are fighting scammers, we cannot fall to their level. Firstly, any hacking will still become known about any hacking, and our reputation will be spoiled forever. Secondly, believe me, you can also find a lot of interesting things on a public Internet. By pressing one button, special algorithms look for user profiles in social networks, build a social graph of a person, analyze his behavior, and so on.

But how are you looking for in a darkn, where everyone is sitting under fictional nicknames? Deephound can compare user behavior and compare the smallest similarities. I can’t tell all the technology, as we calculate scammers. There are many subtleties. Sometimes the bank itself can help us - if a person is already under suspicion, they can tell us, for example, at what time the employee was on vacation.

This greatly facilitates the search, and with a probability of 95 percent we can calculate a person by dates and movements. I can’t name them because of the confidentiality agreement according to Rusbase, a foreign client is included in the “big four” of Britain banks. We also cannot assess the damage that these two employees caused, since we simply do not see the numbers. In general, we have a case for every large Russian bank - in the form of a layout of threats that exist for each of them.

We show this data to the top managers of banks during meetings when we agree on cooperation. Some bank managers grab their heads. Our task is to warn the bank about the most critical threats for their business. In simple words, we inform customers that at such and such a time and on such an area, the people who want to rob them will gather. Our platform sees all the logic and mechanisms and with a high probability can prevent processes related to money laundering and carding.

Have you heard about stories when the data of credit cards merge, after which scammers withdraw money? Deephound is able to prevent it. We set up the system, looked for threats relevant for them, showed statistics.