In the cyber sphere, it is becoming more important that we monitor this world. We have a duty of care to protect our clients. We must understand all methods. Ignorance is no excuse.
Whether it is because you have a technological background, or YouTube led you down a peculiar road to Mystery Box Unravelling’s, the Dark Web is a topic of intrigue.
A quick google will tell you that it is ‘the part of the World Wide Web that is only accessible by means of special software, allowing users and website operators to remain anonymous or untraceable’.
But, to delve into the true nature of the Dark Web, a solid understanding of the Internet is crucial.
Imagine you are a passenger on a railway network. The tracks are the Internet, and the stations act as websites. As a passenger on this network you have a ticket. When you reach your desired station (website), the website will know where you've come from. In short, websites correlate your origins. This is done via an IP address.
‘Ah! but I use a VPN’ you say. This, however, is just a handy cheat. By using a VPN, all you have really done is introduced another station, so that the ticket collector thinks that you have come from another location.
Now imagine you can go on the tracks without anybody knowing. You are invisible. Not only are you invisible, but you are also going to visit websites that are virtually invisible. This is what we call the Dark Web.
Unlike sites such as Google, Amazon or Bing, the Dark Web does not have a search engine. And the websites URL’s are composed of characters and numbers that are totally anonymous.
To access the Dark Web, you'll need a TOR browser. This is a web browser that anonymises your web traffic, so that your identity remains hidden. You can search for, and download this, on Google. If you look hard enough, and on the right forums, these sites are abundant. Then, simply type in your website, and you're good to go. Once on, you can cover your tracks by communicating with encrypted messages.
The Origins of the Dark Web
Also known as the Deepnet or Darknet, the Dark Web was created in the 1990s by the US Navy. Back in the day, the US needed a method for their operatives to communicate back to base over the Internet in a covert way.
But here's the problem. If you are the only one doing it, it's only a matter of time before you are spotted. To solve this dilemma, the US turned to the method of camouflage, and hid in plain sight. It is easier, for instance, to hide in Piccadilly Circus, amidst hundreds of people, then it is on an open field. The same principle works in the Dark Web. Once you open it up and let the masses in, it is easier to remain undetected.
But What Does this Mean Today?
What this means is that websites selling anything from information to drugs, guns and sex, are available.
Most people will not be affected by the Dark Web or think much of it. But what they don't realise is that perpetrators have now gone global. Which brings us to our next question.
Who Uses the Dark Web?
- Security agencies - all those guys with three letter acronyms working for the greater good.
- Then there are the organised crime groups such as drug dealers, arms dealers, and other general criminal activities.
- There are also hacking groups, trading information, selling ransomware, credit cards and so forth.
But, apart from acting as a marketplace, the Dark Web also acts as a communication for said parties. When you couple it with the anonymous payment of cryptocurrency, such as Bitcoin, you're in business. You have the means to communicate with likeminded individuals, you have customers ready to buy, and a payment mechanism. Which is the dream scenario for every freedom fighter, criminal, security agency, and general fruit-loop wanting to stay below the radar.
A Force for Good
It is worth noting that the Dark Web is often a force for good in that it can protect you from a prying government... think George Orwell Nineteen Eighty-Four. There are many legitimate, honest and innocent reasons as to why you would want to hide something from your government. Unfortunately, we don't all have the luxury of freedom of expression and thought.
How Does the Dark Web Impact business?
Many hacking groups are on the Dark Web for one purpose only, to extort money. To do this they will have information, teams, access to the latest vulnerabilities, ransomware and/or a list of soft clients. They will also have payment mechanisms, cryptocurrency and, just like any other business, will have suppliers and specialists.How Do you Protect Yourself?
Most security is built on the architecture of perimeter security. So, imagine a castle, with a moat, surrounded by high walls and defences. In the IT world, these walls are your firewalls, your IDS, IPS, AV and the like. Now imagine you sitting in this castle looking over the walls, towards the dark woods beyond. What if you could go out there and observe your attackers, hidden in the undergrowth? What if you set up listening stations, traps and decoys, to gather your own intelligence on cyber threats, and find out if they had any intelligence on you?
In cyber security, we call this threat intelligence. And, if you can customise and actively hunt against your own profile, monitor your own digital footprint on the Dark Web, understand what the plans are, then you will be equipped for what comes next. What matters here is that you are informed.
It is becoming more important that we monitor this world. We have a duty of care to protect our clients. We must understand their methods. Ignorance is no excuse.
To learn more about Si Consult’s Threat Intelligence Services, and how we can protect you and your business, contact us here.