In addition to conjuring up images of dark alleys, scary forests and evil beings that you would see in a horror flick, the dark web implies that there are two “webs.” You have one that everyone accesses daily for personal and professional use, and one in a mysterious underworld that you should avoid at all costs.
The fact is, there’s only one web. But there are websites that don’t show up on Google or Bing and can’t be accessed through Chrome or Microsoft Edge. This intentionally hidden collection of websites that operate outside the view of search engines and standard browsers is the dark web, which users access anonymously through Tor (The Onion Routing project) and other dark web networks. The dark web is a subset of the Deep Web, which is estimated to be 400 to 550 times larger than the web you know.
The dark web has always been the domain of cybercriminals who share hacking ideas and techniques. Law enforcement officers and researchers sometimes venture into the dark web to gain insights into illegal activity.
Buttoday’s dark web is a far more active environment, especially since the rise of ransomware. It has become a criminal marketplace where hackers go to buy and sell stolen data, credentials and trade secrets, as well as hacking tools. No technical knowledge is necessary. Just bring your money and you can get your hands on sophisticated hacking kits or pay someone to do the hacking for you.
Research from Positive Technologies found that demand for malware creation on the dark web is three times higher than the supply. The most popular types of malware available are cryptocurrency miners, hacking utilities, botnets, remote-access Trojans and ransomware. The most expensive malware used to target bank ATMs starts at $1,500, while targeted attacks against a specific organization cost in excess of $4,500.
Compromising a website and taking over a web application is a relatively low-cost service that can be done for $150. The top hacker-for-hire requests involve identifying website vulnerabilities and stealing email passwords. Hacking social networks and email accounts are the two most popular services offered.
The rise of dark web activity has given rise to dark web monitoring. Although modern security tools can prevent breaches and data theft from happening, every organization can be compromised. Also, these incidents sometimes take weeks or even months to detect and address. It’s important to monitor the dark web for new vulnerabilities and mentions of your organization’s name, employees and assets, as well as the software you use. This might require access to private forums and communities, which can be difficult to infiltrate.
Dark web monitoring allows you to see the same information as the criminals and can provide you with insights into future attacks. It allows you to identify patterns before they become trends, patch unknown vulnerabilities, focus security resources on the areas that need them most, and address user activity that could be putting your organization at risk.
Verteks can provide you with a dark web ID search and ongoing dark web monitoring to find out if account credentials, sensitive data and other valuable assets are on the dark web. To get started, call 877-VERTEKS or click hereto request a free dark web scan.