When you hear folks mention the “darknet” it may conjure up an image of something very sinister; this would not be too far from the truth. The darknet is a place where criminals congregate to do bad things. Examples of the type of bad deeds that the darknet facilitates are plentiful. In a recent case, Stephen Caamano, was sentenced to 13-years in a U.S. prison for selling 4.3 million counterfeit Xanax pills and laundering money; all made possible using the darknet.
But what exactly is the darknet and what kind of things can you find there. And, importantly, how does the darknet help create the kind of cybersecurity issues that modern businesses face?
A Tale of the Darknet, What Lies Beneath
The darknet has a history that sits closely alongside the history of the internet we all know and love. While the internet that we use on a daily basis is known as the “surface web’, the darknet is what lies beneath that surface.
As the internet began to expand from its early days into the form we know today, along with the legitimate business and service websites, came more secretive sites. These were originally not meant for nefarious reasons. ARPAnet (Advanced Research Projects Agency Network) originally built the structure for the internet and added these sites for security reasons. But as the surface web expanded, so too, the dark side of the net evolved. Soon, malignant elements took over this underground of sites, using them for illegitimate reasons and the true darknet took off.
Entering the Darknet Zone
You cannot see darknet sites using your normal browsers, like Chrome or Safari. Instead, you have to use a specialist browser, known as the Tor browser to navigate through the darknet. Tor is also a ‘private browser’ so your access to the darknet is anonymized. This is a key part of making the darknet a criminal’s paradise. However, the Tor browser, itself, is not just a browser used by criminal elements. It is legitimately used by people like journalists to afford a degree of privacy when browsing.
A darknet search engine is used alongside the Tor browser to perform a private search for darknet sites, for example, the Onion search engine.
Inside the Darknet and Cybercrime
Once you are inside the darknet you will find many things that you wish you’d never seen. A study, “Cryptopolitik and the Darknet”, looked deep into the darknet and classified the sites into 12 areas. The results included sites containing “drugs, illicit finance, and pornography involving violence, children and animals.” One of the other key areas, and one which impacts businesses across the globe, was the proliferation of cybercriminal activity.
The darknet is a place where cybercriminals are extremely active. The data from breaches usually ends up for sale on the darknet. Dark marketplaces are used to sell all of the needs of cybercrime. Typical cybercrime-related items for sale on darknet marketplaces are:
- Stolen data: Anything, from personal data records to health records and financial information is for sale. Data from 50 million users, stolen in a Facebook breach, was found for sale on a darknet site. The price paid for such stolen data was found by Experian, to be, on average, around $1 for a social security number and $2000 for a passport.
- The tools of cybercrime: Various tools needed to commit cybercrime are available for purchase on the darknet. Tools such as Malware-as-Service and Phishing-as-a-Service have made cybercrime more accessible. These are rented out as a complete kit, to perform a cyber-attack. This availability has made cyber-attacks more frequent and widespread.
- Company intelligence: The success of a modern cyber-attack is often down to the cybercriminal being able to target a company. Hacker forums are used to share intelligence about companies.
Into the Light: Four Ways to Prevent Data Loss to the Darknet
The darknet has given cybercrime a boost. It has all of the tools and knowledge needed to commit continued cyber-attacks. But the darknet needs to be fed. If we can put robust security measures in place on the light side of the internet, we can cut off the darknet’s feeding line.
The darknet needs data to exist. To prevent a data breach at your organization you must put robust security measures in place. These include:
- Prevent data loss through phishing: Make sure that you have taken measures to prevent phishing. This includes making employees aware of how phishing works. You can also use spam filters and tools such as anti-malware.
- Patch policy: Make sure that you have a patch policy that keeps your network devices, including mobile devices, regularly patched and up to date.
- Security awareness for all employees: Keep employees aware of all of the tricks and fail points of cybersecurity at work. This includes training on good password practices and the secure use of social media. It should also include more intensive security training for IT staff.
- Outsource security: Consider outsourcing your security needs to specialists. They can take care of security in its entirety, protecting you from the worst of the darknet.
The darknet is a place where cybercriminals exchange intelligence and tools. We must do the same to counterbalance the darknet. By understanding how it operates and what cybercriminals need, we can close off their access points into our organization. The darknet is a scary place but we should discourage any further growth by using robust security to protect our staff and our data.