An ever-growing treasure trove of electronic data has attracted a new breed of criminals. They work behind computer screens, not with guns, and steal information that they use or sell.
Domestic cyber thieves sometimes are stereotyped as brilliant but socially awkward people. In reality, advances in technology and the potential profits of cybercrime have opened the field to anyone – and to groups from anywhere in the world – with basic computing skills. A lack of a conscience might be necessary, but social skills are optional.
Large-scale cybercrime is a consequence of the digitization of massive amounts of personal and business information. That’s been going on since the 1990s, notes ID Experts, a company that provides data-breach and identity-protection services.
A secondary factor fueling growth of cybercrime is the Dark Web, an enormous network of limited-access sites in which everything from child pornography and drugs to hacking tools and stolen data can be bought and sold anonymously, reports ID Experts.
The Dark Web lurks below areas often referred to as the Deep Web and the Surface Web.
The Surface Web is the part of the Internet that is indexed by search engines such as Google and Bing. The Deb Web generally refers to an unindexed area of the web in which information with special addresses, such as medical records and legal documents, might be stored.
Accessing the Dark Web requires special browsing capability, but that’s not a big obstacle. The software the access the Dark Web can be accessed online and downloaded at no cost.
“The Dark Web hosts a worldwide marketplace of illicit goods and services, most of which are paid for in Bitcoin, the preferred currency of the black market,” ID Experts says.
I recently toured the Dark Web by way of a webinar hosted by SBS CyberSecurity, a consultant company based in Madison, S.D., that assists banks and other businesses. The company, formerly known as Secure Banking Solutions, recently changed its name.
The SBS webinar was a fascinating but unsettling experience.
“I’ll do anything for money,” one hacker-for-hire advertises. “If you want me to destroy some business or a persons (sic) life, I’ll do it!”
Shopping the Dark Web is like shopping popular sites on the Surface Web. The Dark Web includes features such as virtual shopping carts and payment options. Sometimes products are listed out of stock. The day I browsed with SBS, one supply site indicated it was out of cocaine.
As ID Experts points out, the Dark Web also has its own communications network. It includes advertising, customer reviews and online news publications. I checked out a recent edition of DeepDotWeb, a publication accessible on the Surface Web that reports news and trends from the Dark Web.
Breaking news in DeepDotWeb included a story about $200 million in financial data being sold for $600. Another story reported that two Germans had been caught paying with counterfeit Euros. A column of “Must Reads” included links to “An Updated List of Dark Net Markets” and an apparent primer on “How to Buy Drugs Online.”
The Dark Web, which started as a government project, has evolved into a series of encrypted, interconnected, hard-to-trace networks that protect users’ identification and location. The reality that the black market has become so easily accessible and so mainstream in its style is troubling. It might be of some comfort to know that law-enforcement agencies also are on the Dark Web, and they occasionally make busts.
To help legitimate businesses, Buzz Hillestad, a security consultant featured on the SBS webinar tour, pointed out that there is no legitimate, worked-related reason for employees at most companies to have Dark Web browser protocols loaded on their computers. He and Nick Podhradsky, an executive with SBS, encouraged businesses to block all TOR and 12P protocol traffic coming out of their firewalls.
In addition, security personnel should be alerted to any traffic from those protocols, which often are used by cybercriminals to access the Dark Web and transport ransomware and other malware to victims.
Knowledge is power. But hacker tactics and tools evolve, so there is no end game for businesses protecting their networks, Hillestad said.
“Keep fighting the good fight,” he said.
SDN Communications, the host of this blog, is a leading regional provider of broadband connectivity, cybersecurity services and other telecommunications solutions for businesses.
SDN encourages businesses to invest the necessary time and resources to improve cybersecurity. We have a free guide for you to get started - Cybersecurity Starts With The Basics - a booklet that walks you through nine steps to secure your business. Request a fee copy using the button below.