The dark web is renowned for being the leading marketplace for all kinds of dirty deals, with stolen data being among the most coveted of purchases.
Dark web market browsers are by no means immune to cyber threats themselves, as seen last year when a malicious version of the privacy-focused Tor Browser was deployed to steal $40,000 from dark web shoppers. In short, the dark web is the ultimate industry of anything illegal.
Still, it’s worth noting that the dark web doesn’t always entail malicious activity. Last year, the BBC launched on Tor, joining the New York Times and Facebook, who already have a presence on the dark web. For organisations like these, the dark web can be useful for reaching audiences in selected geographies with restricted freedom of speech.
Nonetheless, illegal activity remains rampant; beyond physical goods, criminals have got their sights set on anything that can be traded for profit — so data theft is on the rise from login details, credit card information, identifiable employee information to intellectual property and beyond. To exacerbate the issue, ransomware-as-a-service (RaaS) is immensely popular, opening up access to cybercrime to those who lack computing skills – more on this later.
Some myth-busting is warranted to better understand the dark web, so let’s take a look to see what actionable lessons we can learn on how to identify risks early, doing so will help arm businesses to better mitigate issues before they escalate in the event that they should find their data compromised on the dark web.
What’s in a name?
In popular culture, the dark web is sometimes also called the ‘deep web’. In real life, the dark web is only part of the deep web, otherwise known as the invisible web, whose contents are not indexed by standard search engines. This is what differentiates the deep web from the ‘surface web’ — otherwise known as the regular World Wide Web, where websites are indexed and easy to find for the average person.
While the World Wide Web is what most people assume is the vast majority of content online, as this is only the part that is easily found by robots or search engines. The indexed part of the web, according to estimates, accounts for only five percent of the web. Countless sites can only be found with a direct URL, rendering them inaccessible to the general public.
Do only crooks use the dark web?
As touched upon earlier, much dark web traffic is taken up by illegal activities, such as selling prohibited drugs, weapons, illegal porn, and fake IDs. Buying and selling stolen data is also prolific, along with RaaS. This is the preferred marketplace for nefarious programmers to sell their malware for a fixed sum or profit share — which means just about anyone can carry out a cyberattack on unsuspecting businesses and citizens.
However, certain collectives need the dark web for legitimate reasons, deemed only illegal in select places, such as investigative journalists and whistleblowers. This is also a place for citizens resisting a totalistic regime to share their thoughts and have their voices heard.
The dark web dictates a special browser
There are myriad methods of restricting access to dark web resources. Typically, a login is needed to access the clandestine site a person is seeking. However, in most cases, a VPN, proxy, anonymised network, or similar service will also be required.
For sites with a .onion domain, a Tor browser is required for access. This browser protects privacy and anonymity by encrypting end-to-end traffic from the websites visited by using a proxy. In terms of the user experience, the browser is similar to Firefox. It’s how Tor connects that makes it different. Tor can also be used on the surface web; which people often do to preserve their privacy.
Why businesses should care
It’s understandable for business leaders to think that the dark web might bear little relevance to them – presuming their trade isn’t in illegal arms, narcotics, or similar. Unfortunately, this is not the case. The dark web presents and ever-present danger as it is the place where cybercrime is for sale to the highest bidder (and often many lower bidders), with RaaS proving one of the most popular packages.
Unlike standard ransomware, RaaS requires no computing skills from the malicious actor to launch an attack, as the delivery model is comparable to a monthly subscription service – like a Netflix nightmare. RaaS has grown in popularity, moving beyond targeting individuals by increasingly attacking companies of all sizes, having started with SMEs and now aiming for larger enterprises as well.
This method creates a mutually beneficial outcome for both the malware author and malevolent purchaser. On New Year’s Eve, Travelex illustrated only all too well the damage that can be done should a business suffer a ransomware attack.
Now, in our digital world, every business is a digital business – even brick and mortar stores use email and cloud storage. So, to protect themselves, businesses must be vigilant in learning how to protect themselves from attacks and recover quickly in the event that they are targeted.
While at one time, it seemed businesses could take a risk and the odds were with them that they wouldn’t be targeted, today this is no longer the case. Every business must be prepared in the event that they too, become the target of one of these attacks.