The Dark Web - A Hot Bed for Cybercrime

By Special Guest
Gad Naveh, Advanced Threat Prevention Evangelist, Check Point
March 12, 2018

There is a corner of the internet that is cloaked from every day users. Beneath the typical search engines and web browsers, an illegal marketplace is operating in an untraceable environment – the dark web. For many, the dark web is not fully understood. Its illusive nature has allowed the subject to slip under the radar.

Users are only able to access the dark web with special software and encrypted browsers, allowing criminals to conceal their identities and hide within the anonymity of the platform. This layer of protection has allowed the dark web to exist largely unhindered by authorities. Consequently, it is difficult to trace illegal activities back to the culprit.

New attack vectors emerge on a regular basis, but the dark web has become the place where criminals obtain dangerous attack methods immediately after they become available.  Typically, the dark web is known for selling drugs, promoting prostitution, and distributing illegal goods. But a less talked about sector is the market for cybercrime. If you have never browsed, or even thought about the dark web, you can still be at risk. This dark corner of the internet has become a hub for cybercrime. Criminals use the dark web as a platform to sell malicious malware, ransomware, exploits and even stolen credentials. There has been a surge of criminals trafficking consumer data obtained through illegal practices. If you’ve fallen victim to a breach or phishing attack, there is a possibility that your information is available on the dark web.

Last year, personal data from national credit bureau, Equifax, was stolen from approximately 143 million consumers, compromising anything from addresses to social security numbers, driver’s licenses and credit card numbers. This means 143 consumers could run into serious complications down the road if their information was purchased on the Dark Web. Such a trove of Personal Identify Information can be valued in the millions and a successful fraud using someone’s private information from the Dark Web can lose the victim sums in the millions.

Perhaps more concerning, individuals can recruit hacking services. The common phrase “Hacking for Hire” is part of the well-known lingo in the dark web. Cybercriminals can now hunt down and hire hackers to craft and execute dangerous cybercrimes for them. Consequently, unskilled criminals now have access to sophisticated tools and have skilled hackers at their disposal: while hacking for hire is one example of how the dark web can affect cyber security, there are countless other ways this platform has created new threats.

Criminal activity within the dark web is constantly being monitored by cybersecurity professionals and global law enforcement. Though this portion of the cyber realm is difficult to regulate, surfing the dark web does not guarantee you are out of the law’s reach.  With the recent shutdown of the two biggest marketplaces found on the dark web, AlphaBay and Hansa, a spotlight has been cast on the subject.

It is important to recognize the security risks the dark web poses on the general public. With emerging threats and risks taking shape, organizations must start proactively managing their cybersecurity rather than maintaining a reactive approach. The dark web is now the unsettling reality for all internet users.

As long as the Dark Web exists, there will always the possibility of cybercrime or stolen information being sold through that channel. So what can businesses do starting today to protect themselves? Business leaders and IT decision-makers can start with a basic cybersecurity risk assessment checklist:

Understand your current infrastructure – Know the crown jewels and risk of your infrastructure, as well as its access points. Be mindful of what kind of information is stored in your system … and how much. Whether it’s an enterprise or SMB, any infrastructure that handles financial information such as credit card numbers can also be at risk.

Assume that you’ve might have already been breached – The Dark Web market can sell existing infections inside your organization to cyber criminals for monetary gain.  Examine internal traffic within your company for lateral moving infections and segment your network. Even the adware inside your network can download a payload as a service offer and start ransoming your network.

Think beyond hackers as threats – Keep in mind that inadvertent compromises can come from within the company. Details such as human error, faulty backups and encryption, as well social engineering are often overlooked when trying to protect the infrastructure. But these details can be just as dangerous as hackers themselves.

Examine the landscape – It’s crucial to check on the security of governing factors such as user authentication and provisioning, administrator access, infrastructure data protection and continuity of operations. All it takes is one vulnerability among these details that result in something more catastrophic. 

It’s important for businesses to educate themselves when it comes to the dark web and the multiple harms it can bring to a company. With deep knowledge about the dark web – as well as your company’s own infrastructure – businesses can be better equipped to deploy the best cybersecurity solutions possible, not just to detect an attack, but to prevent one as well.

About the Author: Gad Naveh is the Advanced Threat Prevention Evangelist at Check Point. 

Edited by Mandi Nowitz

Related Articles

Robotic Process Automation vs. Business Process Automation in the Modern Customer Centric Enterprise

By: Special Guest    3/23/2018

There's a lot being said about robots these days and about Robotic Process Automation (RPA). RPA describes a software development toolkit that allows …

Read More

How to Grow Your VR Company

By: Special Guest    3/23/2018

Developers from every walk of life are now flocking to Virtual Reality as it has grown from a niche idea to a legitimate hardware. Companies all over …

Read More

Satellite Firm Swarm Technologies Facing Death After Defying FCC

By: Doug Mohney    3/22/2018

Swarm Technologies is the most important satellite company you've never heard about. But a failure to heed the Federal Communications Commission (FCC)…

Read More

Apple, IBM Partner on AI, ML

By: Paula Bernier    3/21/2018

Apple and IBM are collaborating to make it easier for developments to create AI-powered applications. The effort will employ IBM Watson Services for C…

Read More

5 Influential African-Americans In Tech

By: Special Guest    3/19/2018

It's no secret that Silicon Valley has a problem with diversity. Apart from being male-dominated, most of its workforce is white or Asian, with whites…

Read More