Interview: Sophos reveals the criminal underbelly of the dark web
The dark web may be something that most of us have heard of as a murky underworld for cybercriminals, but also where most internet users dare not tread. What is the dark web, how is it used and what implications does it have for cybersecurity?
We got the inside word from Chet Wisniewski, principal research scientist at Sophos. He focuses on research about the evolution of online threats. He also analyses how businesses use standard cyber defence practices and how they can be improved to be effective.
What is the dark web?
The dark web is a layman's term referring to a privacy focused overlay network on the internet known as TOR or The Onion Router. The idea is from US Naval research in the 1990's and allows for secure and anonymous communication with no inherent ability to identify neither the sender nor recipient of messages.
What are cybercriminals selling on the dark web, and how do they get that information?
They are selling anything and everything. Weapons, drugs, malware, books, pornography, credit cards, identities and more. The sources are diverse, but often when talking about credit cards, identities and passwords it is acquired through the use of malware on victim computers or through overtly hacking into insecure databases on the internet.
Who are criminals selling that information to, and what are the buyers doing with it?
Other criminals? Hard to know how much commerce occurs and with whom, as it is not usually disclosed.
Recently we saw two major dark web marketplaces, AlphaBay and Hansa, shut down by authorities. Where are the cybercriminals heading and does this mean we’re any safer? Criminality abhors a vacuum. It is a bit like playing Whack-a-Mole at the carnival... You bop one monster on the head and instantaneously another pops up on the other side of the board. While Alpha and Hansa were dominant, there are many more willing to take their place. The demand for accounts on The Dream Market was so high when AlphaBay went down that it created a Denial of Service (DoS) outage.
How is the dark web impacting cybersecurity as a whole?
It is enabling unskilled, but morally misguided individuals to get involved in the illicit profits of online crime with a simple search and a few dollars. You can buy any information, malware or services to acquire victims using Bitcoins and a bit of self-guided learning of jargon and techniques.
Would victims ever find out that their details are compromised if those credentials are never used?
Most victims only discover their information has been stolen when something bad happens or when they get a letter from a company acknowledging that their information has been stolen in a hack. It is almost impossible to identify your data as it is bought, sold and ripped off.
What advice would you give to people to make sure their details stay off the dark web?
Only share real details about your life when you have to. You have no obligation to join another service nor to share with them your real postal code, birth date or anything else. You need to be honest with your government, financial institutions and some other regulated entities, but the rest of the time consider adopting some alternate personalities.
When possible use long, unique passwords for each website, take advantage of multi-factor authentication when it is available and choose whom you trust your information with based on their track record of honesty and keeping others' information safe.