Many words have been shared about the availability of questionable or outright illegal content through websites and forums hosted on the Dark Web. Many blogs have been written about the bust of the Dark Web site that has become a poster child for all that is bad about hidden services, “Silk Road.”
We know that narcotics, lethal weapons, contract killers, child exploitation material, hackers for hire and stolen identities are openly traded and shared, even indexed by search engines, by law enforcement and by the security community. We know that the problem is big and getting bigger so surely it is worth spending a few lines thinking about the “why” this is happening and reflecting on what could be done to clean up these darkest corners of the hidden Internet.
According to an investigation by the BBC paradoxically it is the fear of crime itself that is driving many to carry out their illegal activity online. Drug users are attracted to purchase and distribute through the Dark Web because it means they do not have to be on the streets looking for dealers, exposing themselves to potential violence, but can do it in anonymity without ever leaving the comfort of their homes. Not only that, but the virtual storefront means that they get to compare the prices and offers from various sources before making their choice. The same is true of course of other illegal purchases, and the sense of anonymity is compounded by the use of anonymous currencies such as that other poster-child, Bitcoin.
The drugs, guns and credit card numbers for which these underground forums are famed may not be high on the corporate risk register, as they mostly represent the “consumer” side of cybercrime. However the infrastructure exists as do the marketplaces, and the popularity and ease of use of TOR has never been greater. The Dark Web is real, it’s growing and enterprises would do well to begin taking the potential risks into account.
Cybercrime is increasingly going after businesses, big and small, in addition to the traditional consumer prey. An unregulated, anonymous Internet facilitated by transactions in nominally untraceable currencies is the perfect breeding ground for the exchange of information that could do serious harm on a corporate level. Counterfeit goods and pharmaceuticals are already traded, but how about a discount market dealing in samples, prototypes or faulty items? Think of the potential brand damage of sub-standard goods leaking into the public marketplace. Stolen data is already a stock in trade for Dark Web forums, and as more targeted attacks go after corporate treasure-troves of data, expect to see intellectual property, customer data, and source code out there too, hurting your company’s bottom line. In addition, traditional malware is already beginning to be “Dark Web enabled” using hidden services as C&C nodes, or as drop-zones for stolen information in an attempt to evade traditional network and end-point security technologies like URL filtering.
The Dark Web is in the ascendant, although we have seen some law enforcement successes against a few of the operators out there. These were mostly down to good old-fashioned detective work and OpSec failures by the miscreants.
I believe there will always be a place for free and anonymous access to information and communication in any fair society but it is time law enforcement, business and of course the security community started paying more attention to exactly what is being said in these darkest corners. We owe it to ourselves, to our information and to our society.
Please add your thoughts in the comments below or follow me on Twitter; @rik_ferguson.