One of the most important factors to comprehend when discussing new topics such as The Dark Web and Cyber Crime is the extraordinary pace of change. Today, changes happen faster and more frequently than ever, predominantly because there are so many people who work in the technology industry and have access to a vast array of tools and programming techniques. These new actors have the skills and creativity to test traditional IT Security and surpass efforts to shut down bad or malicious practices.
Last week we attended the Cyber Security Summit in London, which was an extremely eye-opening look at the new lengths criminals will go to in order to achieve their goals. This includes their ability to circumvent known security techniques, halt security research intended to uncover their methods or even to use strange methods that allow attacks to affect large numbers of people.
The Dark Web
The term Dark Web is used to describe the technique of purposefully hiding the identity of an individual sharing or seeking information. The most popular (or well-known) of these techniques comes in the form of a web anonymisation software tool called Tor.
The U.S. Navy created Tor in 2002 as a smokescreen to protect people who live in countries without freedom-of-speech protections from being tracked when they connect to the Internet. Tor is used by political dissidents, whistleblowers, human rights advocates, and journalists. Research by also points to high percentages of illegal activity on the network.
With Tor’s services, people can also use public-facing Internet services such as Facebook without being tracked by any organization except the host. They can also use Tor to create and run hidden online marketplaces (for example to sell illicit drugs). The Dark Web is less of a place and more like an Internet overlay, designed to protect the identity of individuals, enabling users to view hidden services and allowing people to talk and transfer files in a surveillance-resistant fashion.
Over the past five years there has been a global effort, led by the FBI, to shut down illegal Dark Web sites. The main reason for this is that more and more young people – especially teenagers – are getting caught up in the Dark Web and are breaking the boundaries. Where in the past small crime may have meant stealing from local shops, today small crime for them might be getting caught up in drug trafficking, fraud and malware, all of which carry extremely harsh sentencing.
Unfortunately the Dark Web is becoming more resilient through the use of AI.
Recently a Police Officer was browsing the Dark Web, looking to purchase a block of credit cards to try and catch the individual involved. The site detected, through an algorithm, that it was not a normal purchase due to what it was and how he was purchasing it. As such it blocked his access completely, showing the screen below:
The ability to halt Police Enforcement is a real issue which could potentially make the Dark Web a far more dangerous place. Algorithms and AI are certainly part of this story, developing counter-insurgence protection and constantly pushing the boundaries of what’s possible.
New Malware Attacks
A Metropolitan Police Cyber-crime and Security Expert led a fascinating talk on a new wave of hyper-intelligent malware attacks, showing that some of the criminals were extremely young. This seems to be a common trend which is often not considered in this area.
2018, so far, has already been a record year for ransomware, showing a 300% increase – most likely because of copy-cats in the industry. A number of highly visible Ransomware attacks have been shown to generate press attention and prestige among the hacker community. A number of YouTube videos show real-time ‘Crypto’ing’ of people they deem to be ‘scammers’, which seems to be driving the idea that this version of cybercrime is democratised and acceptable, even though it carries harsh penalties if they are caught.
Companies too are giving in to demands, which is driving the creation of better and more robust versions of Malware. Today a remarkable 55% of companies pay up, which has not been helped by the introduction of the GDPR – something which has made companies extremely frightened about their data getting deleted or released. The cost of their data can now be used to generate much higher sums because of the bigger threat of fines.
Astonishingly – 65% of large businesses reported breaches in the last year, but in many cases the reason they were willing to pay was not because of the money, but because of their loss of reputation. It has been proven that companies which get infected and lose data (or cannot provide services) lose the trust and business of their customers.
The tactics and methods used to capitalise on this are also becoming more refined and intelligent. One technique seen recently, for instance, was to implant a large number of print servers with viruses. The hacker then waited until they got hold of a number of file and database servers, and then, when they were ready, deployed at multiple locations and multiple companies at the same time. This is called a payload technique and means antivirus software is not able to build immunity fast enough (by assigning a signature to the code) to halt the attack and stop the damage.
Other emerging methods include using a variety of techniques to thoroughly compromise an IT system, seeking out and deleting backups and creating backdoors for future attacks. All of this adds up to a large number of unknowns for companies and far greater risk in the future.
When considering reputational damage, it may be wise to take note of Benjamin Franklin: “It takes many good deeds to build a good reputation, and only one bad one to lose it.”
The point here is that prevention is becoming significantly better than a cure, and that companies may soon not be able to survive a single attack – their networks may be so thoroughly compromised that they cannot hope to meet regulatory or compliance standards unless they buy entirely new equipment or spend thousands of pounds on tools to refresh it all, in which time they may well have gone out of business.
The Dark Web and New Generation Malware are, by far, the biggest threats to two of our most important assets – our children and our business communities' integrity. Very scary stuff, but still – preparation is key.
If you haven’t yet – train your staff and invest wisely in tools that ensure you are not a victim of this new set of threats.