Published in CodeX

What is the Dark Web?

From a cybersecurity point of view, the dark web is like a huge marketplace, where sensitive data (personal data, banking data, credentials, etc.) rubs shoulders with cyberattack kits. Malware is sold there for between $50 and $500, and an estimated 15 billion credentials are reportedly in circulation.

After clarifying the terms deep web, dark web, and darknet, we will see how to verify if your business data is available on the dark web and what to do if it is.

The ‘Open Web’

This is the publicly visible part of the internet that most of us use each day, and is accessed through search engines such as Google or Bing.

The ‘Deep Web’

This is the part of the internet that is generally hidden from public view. It can’t be accessed via the usual search engines and is reached in other, less widely-known ways.

The majority of the ‘Deep Web’ is made up of databases that can be accessed securely over the ‘Open Web’. For example, databases associated with hotel bookings, online purchases, medical records, banking, and others. The content can only be read by authorized people (such as employees) and is protected using passwords.

The ‘Dark Web’

When most people go online, they do so via a computer or device that has an IP (Internet Protocol) address — a unique online identity.

An IP address enables networks to send the right information to the right place — for example, making sure an email reaches its destination. An individual’s internet activity can be tracked and monitored using their IP address.

Why do people use the ‘Dark Web’?

There are three main reasons why people may use the ‘Dark Web’:

1. Anonymisation

People may have many reasons for protecting their online identity. In some cases, this is because they would be in danger if their identity became known — for example in countries where the government forbids a free press or where there is political censorship.

Others may use it to reduce their risk of falling victim to crime, such as people who have been cyberstalked or who are concerned about the security of online banking.

Tor is mainly used by people to browse the open web anonymously; only a very small percentage of its traffic relates to Hidden Services (below).

2. Accessing ‘Hidden Services’

A Hidden Service (also known as an ‘onion service’) is one where not only the user but also the website itself has its anonymity protected by Tor. The IP address of the site cannot be identified, so information about its host, location, or content is hidden. Hidden Services are sometimes called “onion addresses” because the website name often ends in .onion.

Tor itself is not a Hidden Service, but the sites it hosts are. Hidden Services can be used legitimately, for example for whistleblowing or to allow members of the public to share sensitive information such as knowledge about crimes without the risk of reprisals. However, it is generally believed that the majority of Hidden Services contain illicit material. They often require registration (username, password, etc.) and some have ‘VIP’ sections, accessible only by an invite from the administrators or through an application made by the member and approved by the administrators.

3. Illegal activity

The Dark Web may be used by people wishing to carry out illegal activities online, such as selling weapons or drugs. These kinds of operations, and the websites offering them, are often referred to as Hidden Services (above).

The Dark Web, a Marketplace for Selling Confidential Data

After a data leak, attackers might publish the collected information on the dark web for several reasons:

  • selling data: credentials, banking data, health data, IT infrastructure information… All this data has a market value, as it allows attackers to optimize their phishing, identity theft, or money fraud campaigns;
  • blackmailing the legitimate owners of the data (both personal and professional);
  • ideological reasons: exposing practices, revelations that could lead to scandals… Attackers may have political or religious goals.

Financial profit is the main motivation for attackers to put data on the dark web. They sell not just personal data; corporate data is traded too. A Digital Shadows study from July 2020 showed that administrator access to corporate domains was sold for around $3,000. Sensitive corporate documents are a gold mine for people who intend to commit targeted cyberattacks.

How to access the dark web

The dark web was once the province of hackers, law enforcement officers, and cybercriminals. However, new technology like encryption and the anonymization browser software, Tor, now make it possible for anyone to dive dark if they’re interested.

The Tor (“The Onion Routing” project) network browser gives users access to websites whose addresses end in “.onion”. This browser is a service originally developed in the latter part of the 1990s by the United States Naval Research Laboratory.

Understanding that the nature of the internet meant a lack of privacy, an early version of Tor was created to hide spy communications. Eventually, the framework was repurposed and has since been made public in the form of the browser we know today. Anyone can download it free of charge.

Think of Tor as a web browser like Google Chrome or Firefox. Notably, instead of taking the most direct route between your computer and the deep parts of the web, the Tor browser uses a random path of encrypted servers known as “nodes.” This allows users to connect to the deep web without fear of their actions being tracked or their browser history being exposed.

Sites on the deep web also use Tor (or similar software such as I2P, the “Invisible Internet Project”) to remain anonymous, meaning you won’t be able to find out who’s running them or where they’re being hosted.

How to Know if your Corporate Data is on the Dark Web?

To identify leaked sensitive documents, the solution is to search the surface web, the deep web, and the dark web. However, navigating the hidden web is difficult, as pages are not indexed. You have to know the URLs of the pages you want to access or use underground search engines. Besides, the risk of hacking is very high.

Investigating the dark web first lets you detect whether your business data is present. It can also help you detect and correct data leak flaws that you were not aware of. This research can be conducted internally, or you can rely on a third party to conduct a reconnaissance audit. This kind of audit service identifies all the items related to your business that are exposed online.

If confidential documents are indeed on the dark web, then it is necessary to confirm whether they are accurate. Depending on the data, you can take the first emergency measures. Wanting to delete it from the web is wishful thinking; it is better to aim to make it useless and obsolete for attackers.

This may involve changing authorizations, modifying network access, or notifying your customers if their data has been leaked (and, depending on your legislation, also advising an official monitoring body).
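The triage step described above, as an added example that is not from the original article: it checks a leaked credential list against an internal account directory to see which entries are still accurate and therefore need emergency action. The domain, directory layout, leak format, and action labels are all constructed assumptions.

```python
import hashlib
import hmac

CORP_DOMAIN = "example.com"  # assumption: placeholder corporate domain

def hash_password(password: str, salt: bytes, rounds: int = 100_000) -> bytes:
    """Salted PBKDF2-SHA256, standing in for however the directory stores passwords."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)

# Constructed internal directory: email -> (account active?, salt, stored hash)
DIRECTORY = {
    "alice@example.com": (True, b"s1", hash_password("Winter2020!", b"s1")),
    "bob@example.com": (True, b"s2", hash_password("n3w-Passphrase", b"s2")),
    "carol@example.com": (False, b"s3", hash_password("carol123", b"s3")),
}

# Constructed leak sample in an "email:password" layout (one entry per line)
LEAK = """\
alice@example.com:Winter2020!
bob@example.com:OldPass1
carol@example.com:carol123
dave@example.com:hunter2
eve@other.org:qwerty
malformed line without separator
"""

def triage(leak_text, directory, domain=CORP_DOMAIN):
    """Return (email, action) for every leaked entry on the corporate domain."""
    findings = []
    for line in leak_text.splitlines():
        email, sep, password = line.strip().partition(":")
        email = email.lower()
        if not sep or not email.endswith("@" + domain):
            continue  # malformed line, or not one of our addresses
        record = directory.get(email)
        if record is None:
            findings.append((email, "unknown-account"))  # investigate origin
            continue
        active, salt, stored = record
        # Constant-time comparison: is the leaked password still the current one?
        accurate = hmac.compare_digest(hash_password(password, salt), stored)
        if accurate and active:
            findings.append((email, "reset-now"))  # leaked data is live
        elif accurate:
            findings.append((email, "inactive-still-valid"))  # keep disabled, rotate
        else:
            findings.append((email, "stale"))  # already obsolete for attackers
    return findings

if __name__ == "__main__":
    print(*triage(LEAK, DIRECTORY), sep="\n")
```

Entries marked `reset-now` are the ones where changing authorizations immediately matters; `stale` entries are already useless to an attacker but still show which accounts were part of the leak.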

Including Security Upstream to Prevent Data Leaks

It is important to consider the security of your infrastructure and applications. Web or mobile applications are gateways that are highly exposed to attacks. Performing a penetration test makes it possible to secure the data that flows or is stored in these applications, to avoid leaks on the web (whether on the visible or hidden web).

Another key measure is to limit as much as possible the information exposed on the web. Reducing the attack surface available to attackers makes attacks less relevant and a little more restrained.

Finally, raising internal awareness of cyber-risks is an essential element in strengthening security. Poor practices and misunderstanding of the current dangers can lead to major incidents. During a training session or a social engineering pentest, your teams are exposed to threats adapted to your company’s context. Raising awareness through real-life situations helps people remember good practices and respect procedures.

In conclusion, any data leak is likely to end up on the dark web, as attackers can make various gains from it. This data feeds new cyberattacks and new data leaks. To break this vicious circle, it is necessary to strengthen your cybersecurity, both technical and human.

Can the authorities ever stamp out the dark web?

The government is unlikely to ever fully suppress the dark web for the same reason that law enforcement has never been able to eliminate conventional black markets: there’s a lot of demand for the information and products offered on these sites, and there’s always going to be someone willing to take the risks involved in meeting that demand.

And these sites can earn a lot of money. Silk Road 2, for example, reportedly earned $8 million in a single month before it was shut down. That kind of money will always attract copycats who believe they can succeed where their predecessors had failed.

Moreover, the government probably can’t — and shouldn’t — shut down the underlying technologies that make the dark web possible. Tor provides crucial protection to dissidents and whistleblowers around the world. Bitcoin has the potential to produce significant innovations in the payments business. And shutting down these technologies won’t stop people from using the internet for illicit purposes. Most likely, these activities will simply shift overseas, where it will be even harder for American authorities to police.

Also worth looking at: https://en.wikipedia.org/wiki/Dark_web

Sources:
https://www.thinkuknow.co.uk/professionals/our-views/the-dark-web/
https://www.kaspersky.com/resource-center/threats/deep-web
https://www.vaadata.com/blog/are-your-corporate-data-and-sensitive-documents-on-the-dark-web/
https://us.norton.com/internetsecurity-how-to-how-can-i-access-the-deep-web.html
https://www.vox.com/2014/12/31/7470965/dark-web-explained

Oguzhan Ozturk


https://www.linkedin.com/in/oguzhanoz7urk/
