Thanks to crime shows, almost everyone has heard of the “Dark Web.” But what exactly is it? How does it impact your organization, and what threats does it present to the security of your data?
The dark web
The dark web – or darknet – is a subsection of the internet that can be accessed only through special browsers, such as Tor, short for The Onion Router, or I2P (Invisible Internet Project).
While you may automatically associate the dark web with criminal activities – the term does sound sinister, and, indeed, the dark web is frequently used for illegal content and transactions – it is also used by journalists, political dissidents, and anyone else who wants to protect their privacy. In fact, many major organizations like Facebook and the CIA allow access to their sites through the Tor protocol. In a way, it is an organization’s declaration of its strict commitment to users’ privacy.
So what makes the dark web so private? The sites on the network encrypt their content. A browser like Tor encrypts its users’ traffic and bounces it through numerous nodes, concealing the user’s IP address. This makes it very difficult – often impossible – to track down users.
Unlike regular websites, which end in .com, .io, .gov, etc., those accessible through Tor end in .onion.
The dark web vs the deep web
Don’t confuse the dark web with the deep web. The deep web refers to all non-indexed sites. For example, your Gmail account is on the deep web. Since it is not indexed, other users can’t find it by searching for it in a search engine. Other examples of pages on the deep web are membership pages, sites hosting personal records, intranets, etc. The deep web accounts for at least 90% of all content on the internet, with some researchers suggesting that the number is as high as 99%.
The dark web is a tiny subsection of the deep web, accounting for only around 0.01% of the deep web.
The websites that you find through a regular search engine, be it Google, Bing, or Yahoo, are indexed sites and a part of the “surface” or “clear” web.
The danger of the dark web
While the dark web is not necessarily synonymous with criminal activities, it is often utilized for such purposes. Drug and arms sales, sex trafficking, child pornography, contract killings – these are just a few examples of the types of transactions and content conducted and hosted on the dark web.
Cryptocurrency has further expanded the size of the dark web. Bitcoin, for example, became the go-to payment method for drug networks. In 2019, it was estimated that $1 billion in Bitcoin was spent on criminal activities on the dark web, a 300% increase from 2012.
The main challenge law enforcement agencies face when combating the dark web sites that facilitate illegal transactions is that, once one is shut down, other ones pop up almost instantly.
The threats of the dark web to your organization
One of the most common types of illegal activity on the dark web is the sale of data. What kind of data? Anything that organizations store in their database and that could be used to scam, blackmail, or otherwise damage people and organizations. E-mail addresses, medical records, bank account information, passwords, intelligence reports, research data – the list is long.
This data is packaged and sold on the dark web. It’s often not particularly expensive either. A cloned credit card with a PIN costs between $15 and $35. A hacked social media account goes for anywhere between $50 and $75. Stolen bank account information for accounts that have a minimum of $2,000 costs around $65.
Your data, if hacked, can end up on one of the many dark web marketplaces, posing a threat to both your organization and its users and employees.
Furthermore, if hackers identify vulnerabilities in your system and gain access to your data, your organization can become the target of cyberattacks – man-in-the-middle (MitM) attacks, IP spoofing, replays, phishing attacks, etc.
How you can protect your organization from the threats of the dark web
You have to be proactive. Assume the better-safe-than-sorry approach to managing your organization’s cybersecurity. Below is a list of security measures that you can and should implement to protect your organization. However, educating your employees should be your first line of defense. For example, explain that, while it is certainly easier to use the same password to access dozens of different accounts, this strategy makes them highly vulnerable to hacking attacks. Educate them on the various types of social engineering, and walk them through the ways of spotting and dealing with such cyberattack attempts. Only 7% of organizations conduct monthly cybersecurity awareness training sessions. Most – 44% – do it once or twice a year. This is not nearly sufficient to eliminate – or, at least, minimize – the threat of a successful attack due to human error.
- Use a dark web monitoring solution. Regularly check whether your organization’s credentials are spotted anywhere on the dark web.
- Always opt for multiple layers of security. Double verification is increasingly popular. Implement a multi-layered security system for accessing account information.
- Invest in a top-of-the-line malware protection solution. Cybersecurity is the one area where you shouldn’t try to cut corners. Once you’ve selected and implemented anti-malware software, make sure to keep it up to date.
- Develop a cybersecurity breach protocol. If your organization does fall victim to a cyberattack, you must have a plan of action in place that could be followed immediately to mitigate the damage. This requires both developing the protocol and training those in charge of executing it.
The dark web, though not inherently dangerous, can present real threats to your organization. The anonymity of users and the wide adoption of cryptocurrency provide a fertile ground for the rise of hacking attacks that identify and exploit organizations’ and individuals’ digital vulnerabilities.
Taking a proactive approach to safeguarding your organization and its data will allow you to minimize the risk of a successful security breach and its consequent damages.