“A Deep Dive on the Dark Web”
We’ve all heard the term “the dark web”, usually in some scary, abstract way. Many of us probably assume the dark
web has nothing to do with us– but what we don’t know actually can hurt us. So what is the dark web? Darren Guccione writes that “The dark web is part of the internet that isn’t visible to search engines and requires the use of an anonymizing browser called Tor to be accessed.” If you’re confused about what all that means, stick around! It’s important to understand what the dark web is and how we can remain safe while using the internet in our daily lives.
A Deep Dive on the Dark Web
A key aspect of the dark web remaining secret is that it lives in the unindexed corners of the internet. This means that searching Google won’t pull up any dark websites. This keeps the activity private and can essentially restrict access to those who know where to find it. There’s no such thing as SEO on the dark web. Instead, it’s a place where anyone can build anything– and though there are legitimate uses for the dark web– it’s a place that has spawned a lot of modern criminal activity.
But the dark web didn’t start out as a hotbed for modern-day criminals. In fact, the browser TOR, used most often to access the dark web, was actually developed by the US Navy. “The U.S. Naval Research Laboratory funded a project called The Onion Router (TOR). TOR offered intelligence sources a way to communicate easily and safely, especially in hostile areas where personal safety is key.” With the invention of blockchain and cryptocurrency, the dark web could host untraceable payments that eventually created the perfect storm for illegal activities to flourish.
The Impact of Cyber Crime
Just how big is the market for cybercrime? Well, conservative estimates put the financial incentive for online criminals at over $1.5 trillion dollars a year. And while you might not engage in illegal markets, cybercriminals have a huge incentive to attack organizations and individuals within them to gain IP, trade secrets, and data.
Obviously, this represents a clear danger to legitimate businesses, who often find themselves under attack by cybercriminals. To combat this, employees are being constantly trained on how to avoid phishing and other ransomware attacks. Some of us may be tired of constant reminders or training about avoiding scammers. So understanding just how close we are to the dark web and the impact it could have on our businesses could be important, and help keep teams motivated to remain constantly vigilant.
Understanding Cyberattacks from the Dark Web
In the MIT Sloan Management Review, cybercrime scholars explain the way that cybercriminals on the dark web have created a dangerous supply chain.
“The dark web serves as […] a value system. That system includes a comprehensive cyberattack supply chain, which enables hackers and other providers to develop and sell the products and services needed to mount attacks at scale. Understanding how it works provides new, more effective avenues for combating attacks to companies, security service providers, and the defense community at large.”
What this means is that the cybercrime industry is like a normal industry, in that it functions under a series of compounding steps in the value chain. This means that it’s often impossible to stay well ahead defensively. Just as legitimate businesses are constantly innovating, so are cybercriminals, who have developed complex and secret chains of criminal activity.
Deloitte reports that “the average business will invest between 6% and 14% of its annual IT budget in cybersecurity.” But the consequences of cyber attacks can impact more than just one annual budget. The
Preventing Cyber Attacks
Here are some tips recommended by MIT scholars for maintaining cybersecurity within your company.
- Stay on top of dark web trends. As we talked about before, the value chain for cybercrimes creates an ever more connected criminal network. Understanding the way that these criminal activities are linked can help insightful security professionals to flag one issue, which may be a part of a larger attack.
- Remain on the offense. When attacks occur, there’s an obvious (and well deserved) attention to cyber security. But by understanding the value-chain of attackers, security professionals can play offense and disrupt the organization of cybercriminals. MIT Professors write, “Understanding that attacks are created by combining services reveals new avenues for undermining them. For example, defenders can flood the cyberattack ecosystem with deceptive services, making the dark web less attractive for cybercriminals seeking to purchase services.”
- Make an interconnected defensive system. “Cyberattack defense cannot be relegated to law enforcement agencies alone. Instead, it requires an ecosystem aimed at combating cybercrime that includes many actors — individuals, corporations, software and hardware providers, cybersecurity solution providers, infrastructure operators, financial systems, and governments — working together.” Building this framework into
The dark web is a complicated and unsearchable place that has created a hotbed of criminal activity. This activity occurs through a value chain of interconnected activities that extend the reach and innovation of criminals. Organizations can work towards staying ahead of these attacks by investing properly in understanding and fighting against these threats.