The Dark Side of the Web

By Peter Bernstein February 26, 2016

It may be because of the popularity of horror films, or the Oscar-bound The Revenant, but there are times when you go to the movies and sit there with your eyes covered in anticipation of something gruesome yet at the last minute separate your fingers to watch. Such has been the case with what has been called “The Dark Web” and the emergence of Dark Net Markets (DNMs). 

The latter are the illicit marketplaces for seeming all things illegal that are accessible via the Tor network. In short, legitimate businesses abhor the presence of the places where bad actors conduct what unfortunately is very robust business, and where they like to chatter.  However, they need to separate their fingers and keep their eyes open and focused.  The question is how?

The question of how to understand what is going on with the Dark Web, and use the knowledge gained, is certainly germane.  It will be a hot topic at the 2016 RSA Conference in San Francisco which opens Feb. 29.  It is not only timely, but has complexities. And, if you are looking for grounding on the subject and what to do, a good place to start is two recent reports from security solutions provider Flashpoint.

2015 was a good year for the bad guys 

The first resource of note from Flashpoint is their annual research report, 2015-2016 Highlights & Trends in the Deep and Dark Web. The 30-page report looks at the growing complexity of illicit communities and the industrialization of cybercrime.  It identifies the top five high-risk threats developing in the Deep & Dark Web. The report looks at the growing complexity of illicit communities and the industrialization of cybercrime, and highlights the prolific trends that pose the greatest risk to organizations and their critical assets. 

Here are the five trends identified.

  • Anyone can be a cybercriminal. The barrier to entry for would-be cybercriminals continues to lower, thanks in part to expanding toolsets.
  • Get your drugs here. Drugs are more desirable and accessible through dark net markets than ever before, resulting in 50 percent of all Tor markets offering narcotics.
  • The public domain is the Wild West. With conversations on encryption and privacy entering the political realm, and with no legislature or governance in place to address the use of hidden services, the uptick in Tor and I2P services will continue, as well as the exploitation of these services to conduct illicit and malicious activity.
  • Not the fortune, but the fame. The politically and financially motivated actors are still a threat to all governments, organizations and individuals that don’t line up with their agenda. But another dangerous actor group flourished in 2015 – those motivated by chaos and fame. Their actions and goals are much more challenging to predict. 
  • Cybercrime and terrorism without borders. The internationalization and globalization of cybercrime is inevitable.

May the Force be with you!       

All of the above is scary stuff.  In fact, the granularity of the report would make for the foundation of a nice Hollywood thriller if it were not so factually based.  Indeed, that said, what can organizations do and who can they trust to help them get the knowledge and tools they need to be proactive as well as reactive when dealing with cyber threats?

This is where the second resource comes in. It is another page-turner titled, 10 Reasons You Need Help With Deep & Dark Web Intelligence. As Flashpoint says of the just released report done by IT-Harvest, “it provides background, information, and insight as to why it is difficult and risky for companies to build the internal capability and own the responsibility of gathering meaningful data and intelligence from the Deep & Dark Web.  Successfully mining the Deep & Dark Web requires a powerful combination of human expertise and sophisticated technology built upon years of subject matter knowledge, automated data gathering, and a willingness to take calculated risks.”

Realities are “eyes wide shut” is not longer an option when it comes to keeping track of professional threat actors.  As the report explains,  “Most organizations track mentions of their key executives, products, and company via Google News alerts and frequent searches of Surface Web social media and various paste and data dump sites where cybercriminals often share known exploits or pilfered material. But by the time this material bubbles up to the Surface Web, it has already been discussed, shared, and exploited by malicious communities active in the Deep & Dark Web. Monitoring public paste sites is not sufficient for effective research, and the data that shows up there is usually out of date.”

It then goes on to provide those 10 reasons why you can’t keep track of the bad guys relying solely on your own internal capabilities.  Spoiler alert!  They are going to resonate.

Nobody needs to be reminded of the facts regarding 2015. It was a banner year for those with malicious intent.  There are also the sobering realities that 2016 is already off to a rough start.

What the Flashpoint reports highlight are that when it comes to risk management, you can’t defend against what you don’t know. This is true when it comes to all of the latest tools and capabilities that will be showcased at RSA for dealing increasing visibility and control over internal and external threats as they are perpetrated. In addition, using Big Data and sophisticated analytics to detect anomalies faster, and use information about past attacks to shore up defenses and be proactive in building up a defense posture, will also get lots of attention. It is also true when it comes to having real-time information about the Dark Side. To say the least this is valuable intelligence for heading off possible catastrophe, particularly if your organization is target rich, and possibly extremely vulnerable.

This really is a case where fore-warned is fore-armed.    

Edited by Maurice Nagle
Related Articles

Mist Applies AI to Improve Wi-Fi

By: Paula Bernier    11/9/2017

Mist has created an AI-driven wireless platform that puts the user and his or mobile device at the heart of the wireless network. Combining machine le…

Read More

International Tech Innovation Growing, Says Consumer Technology Association

By: Doug Mohney    11/8/2017

The Consumer Technology Association (CTA) is best known for the world's largest trade event, but the organization's reach is growing far beyond the CE…

Read More

Broadcom Makes Unsolicited $130B Bid for Qualcomm

By: Paula Bernier    11/6/2017

In what could result in the biggest tech deal in history, semiconductor company Broadcom has made an offer to buy Qualcomm for a whopping $130 billion…

Read More

How Google's 'Moonshot' Could Benefit Industrial Markets

By: Kayla Matthews    10/30/2017

The term "moonshot" encapsulates the spirit of technological achievement: an accomplishment so ambitious, so improbable, that it's equivalent to sendi…

Read More

After Cisco/Broadsoft, Who's Next for M&A?

By: Doug Mohney    10/27/2017

Cisco's trail of acquisition tears over the decades includes the Flip video camera, Cerent, Scientific Atlantic, Linksys, and a couple of others. The …

Read More