The Dark Web is a bit like the wild, wild west, uncontrolled and cutthroat, and it is a 100% unrestricted free enterprise. There are no regulators or arbiters of decency. It can be unsavoury and dangerous, as well as innovative and useful.
Dark Web is Here to Stay
As we all know the Dark Web is a part of the Internet that is not accessible with popular browsers and requires specific software, configurations or authorization to access. It’s an “insiders-only” kind of place. If you don’t know where it is; you won’t find it.
There are two main arguments for believing it is permanent.
- Every day, there are more products and services, and consequently, money; exchanged on the Dark Web. As a result, more people are drawn into it and want to use it. As long as there is money to be made, there will be people who want to use it. Like the basic foundation of capitalism: Supply and Demand. As long as there is a demand, there will be a supply. There is also the added attraction that what happens on the Dark Web is unregulated and therefore, untaxed.
- Some of the infrastructure enabling the Dark Web, specifically the relay network that provides the anonymity was invented by the United States Naval Research Laboratory to protect the identity of the US intelligence officers abroad. The infrastructure is still used and partially owned by governmental organizations.
What’s Good About It
- It enables people to post information and communicate freely. For example, a citizen of a repressive regime can expose information about regime’s misconduct or connect with other people who are concerned about repression. An example is events that precipitated the “Arab Spring”.
- It facilitates the exchange of goods and services. The Dark Web is becoming more and more commerce savvy. Mirroring the Amazon style of online services; there are even seller ratings and sellers with return policies, etc.
Dark Web Threats – The Ugly
The Dark Web serves as a marketplace, a sort of open-air bazaar for threat intelligence about companies, and as an information resource on new attack vectors.
- Threat intelligence is posted, such as weaknesses in a company’s defences. Sometimes accounts of successful attacks are published even before the company’s IT organization has discovered the breach.
- Company employees’ credentials and customer data are offered, which can be used to breach an organization and steal sensitive information. Threat actors capture millions of credentials and offer them for sale. This is a growing trend that is becoming ever more profitable.
- Information on accessing specific corporate assets and details of phishing campaigns and other exploits using employee emails are shared.
- New attack techniques, exploiting such opportunities as the Zero-day vulnerabilities, are shared so they may be applied against other organizations’ defences.
- The Dark Web serves as a distributed threat and attack research and development laboratory manned by clandestine actors.
Fighting Back
The first step is accepting reality. Accept that the Dark Web is here to stay and adjust your corporate behaviour accordingly. You cannot stop it. You cannot avoid it. You must adapt to it.
The most effective course of action is to build the infrastructure or subscribe to services, such as Layer 8 Security’s Compromised Account Monitoring Service (CAMS) which offers:
- Provides notification when data about your company is published or exchanged on the Dark Web
- Provides information about unknown vulnerabilities that affect your infrastructure when they are detected on the Dark Web and fix all identified vulnerabilities immediately
- Provides a report of compromised employee credentials so they may be changed or blocked immediately
- Provides Actionable Intelligence that your corporation can use to harden its defenses
- Establish an employee training program that will educate on:
- Proper password management
- Recognition of phishing exploits
- Proper email management and malware risks
- Safe online practices