[This article is originally published in csoonline.com written by Darren Guccione - Uploaded by AIRS Member: Carol R. Venuti]

The dark web is part of the internet that isn't visible to search engines and requires the use of an anonymizing browser called Tor to be accessed.

Dark web definition

The dark web is a part of the internet that isn't indexed by search engines. You've no doubt heard talk of the “dark web” as a hotbed of criminal activity — and it is. Researchers Daniel Moore and Thomas Rid of King's College in London classified the contents of 2,723 live dark web sites over a five-week period a couple of years ago and found that 57 percent host illicit material. 

You can buy credit card numbers, all manner of drugs, guns, counterfeit money, stolen subscription credentials, hacked Netflix accounts and software that helps you break into other people’s computers. Buy login credentials to a $50,000 Bank of America account for $500. Get $3,000 in counterfeit $20 bills for $600. Buy seven prepaid debit cards, each with a $2,500 balance, for $500 (express shipping included). A “lifetime” Netflix premium account goes for $6. You can hire hackers to attack computers for you. You can buy usernames and passwords.

But not everything is illegal; the dark web also has a legitimate side. For example, you can join a chess club or BlackBook, a social network described as “the Facebook of Tor.”

Note: This post contains links to dark web sites that can only be accessed with the Tor browser, which can be downloaded for free at https://www.torproject.org.   

Dark web browser

All of this activity, this vision of a bustling marketplace, might make you think that navigating the dark web is easy. It isn’t. The place is as messy and chaotic as you would expect when everyone is anonymous, and a substantial minority are out to scam others. 

Accessing the dark web requires the use of an anonymizing browser called Tor. The Tor browser routes your web page requests through a series of proxy servers operated by thousands of volunteers around the globe, rendering your IP address unidentifiable and untraceable. Tor works like magic, but the result is an experience that’s like the dark web itself: unpredictable, unreliable and maddeningly slow.

Dark web search engines exist, but even the best are challenged to keep up with the constantly shifting landscape. The experience is reminiscent of searching the web in the late 1990s. Even one of the best search engines, called Grams, returns results that are repetitive and often irrelevant to the query. Link lists like The Hidden Wiki are another option, but even these indices return a frustrating number of timed-out connections and 404 errors.

Dark web sites

Dark web sites look pretty much like any other site, but there are important differences. One is the naming structure. Instead of ending in .com or .co, dark web sites end in .onion. That’s “a special-use top level domain suffix designating an anonymous hidden service reachable via the Tor network,” according to Wikipedia. Browsers with the appropriate proxy can reach these sites, but others can’t.

Dark web sites also use a scrambled naming structure that creates URLs that are often impossible to remember. For example, a popular commerce site called Dream Market goes by the unintelligible address of “eajwlvm3z2lcca76.onion.”

Many dark websites are set up by scammers, who constantly move around to avoid the wrath of their victims. Even commerce sites that may have existed for a year or more can suddenly disappear if the owners decide to cash in and flee with the escrow money they’re holding on behalf of customers.

Law enforcement officials are getting better at finding and prosecuting owners of sites that sell illicit goods and services. In the summer of 2017, a team of cybercops from three countries successfully shut down AlphaBay, the dark web’s largest source of contraband, sending shudders throughout the network. But many merchants simply migrated elsewhere.

The anonymous nature of the Tor network also makes it especially vulnerable to distributed denial of service attacks (DDoS), said Patrick Tiquet, Director of Security & Architecture at Keeper Security, and the company’s resident expert on the topic. “Sites are constantly changing addresses to avoid DDoS, which makes for a very dynamic environment,” he said. As a result, “The quality of search varies widely, and a lot of material is outdated.”

Commerce on the dark web

The dark web has flourished thanks to bitcoin, the crypto-currency that enables two parties to conduct a trusted transaction without knowing each other’s identity. “Bitcoin has been a major factor in the growth of the dark web, and the dark web has been a big factor in the growth of bitcoin,” says Tiquet.

Nearly all dark web commerce sites conduct transactions in bitcoin or some variant, but that doesn’t mean it’s safe to do business there. The inherent anonymity of the place attracts scammers and thieves, but what do you expect when buying guns or drugs is your objective?

Dark web commerce sites have the same features as any e-retail operation, including ratings/reviews, shopping carts, and forums, but there are important differences. One is quality control. When both buyers and sellers are anonymous, the credibility of any rating system is dubious. Ratings are easily manipulated, and even sellers with long track records have been known to suddenly disappear with their customers’ crypto-coins, only to set up shop later under a different alias.

Most e-commerce providers offer some kind of escrow service that keeps customer funds on hold until the product has been delivered. However, in the event of a dispute don’t expect service with a smile. It’s pretty much up to the buyer and the seller to duke it out. Every communication is encrypted, so even the simplest transaction requires a PGP key.

Even completing a transaction is no guarantee that the goods will arrive. Many need to cross international borders, and customs officials are cracking down on suspicious packages. The dark web news site Deep.Dot.Web teems with stories of buyers who have been arrested or jailed for attempted purchases.

Is the dark web illegal?

We don’t want to leave you with the impression that everything on the dark web is nefarious or illegal. The Tor network began as an anonymous communications channel, and it still serves a valuable purpose in helping people communicate in environments that are hostile to free speech. “A lot of people use it in countries where there’s eavesdropping or where internet access is criminalized,” Tiquet said.

If you want to learn all about privacy protection or cryptocurrency, the dark web has plenty to offer. There are a variety of private and encrypted email services, instructions for installing an anonymous operating system and advanced tips for the privacy-conscious.

There’s also material that you wouldn’t be surprised to find on the public web, such as links to full-text editions of hard-to-find books, collections of political news from mainstream websites and a guide to the steam tunnels under the Virginia Tech campus. You can conduct discussions about current events anonymously on Intel Exchange. There are several whistleblower sites, including a dark web version of Wikileaks. Pirate Bay, a BitTorrent site that law enforcement officials have repeatedly shut down, is alive and well there. Even Facebook has a dark web presence.

“More and more legitimate web companies are starting to have presences there,” Tiquet said. “It shows that they’re aware, they’re cutting edge and in the know.”

There’s also plenty of practical value for some organizations. Law enforcement agencies keep an ear to the ground on the dark web looking for stolen data from recent security breaches that might lead to a trail to the perpetrators. Many mainstream media organizations monitor whistleblower sites looking for news.

Staying on top of the hacker underground

Keeper’s Patrick Tiquet checks in regularly because it’s important for him to be on top of what’s happening in the hacker underground. “I use the dark web for situational awareness, threat analysis and keeping an eye on what’s going on,” he said. “I want to know what information is available and have an external lens into the digital assets that are being monetized – this gives us insight on what hackers are targeting.”

If you find your own information on the dark web, there’s precious little you can do about it, but at least you’ll know you’ve been compromised. Bottom line: If you can tolerate the lousy performance, unpredictable availability, and occasional shock factor of the dark web, it’s worth a visit. Just don’t buy anything there.

 

Categorized in Deep Web

[This article is originally published in news.bitcoin.com written by Kai Sedgwick - Uploaded by AIRS Member: Robert Hensonw]

In this latest edition of our periodic deep web series, we bring news of Tor 8 – the most feature-rich onion browser yet. We also take a first look at a clearnet web browser that trawls the darknet, and cover the fallout from the Alphabay shutdown, whose repercussions rumble on to this day.

Tor 8 Looks Great

The Tor Project has released its latest and greatest browser yet. Tor 8 is a slick looking beast compared to the Tor browsers of yore, partially thanks to its incorporation of Firefox Quantum, which allows for better page rendering and other subtle tweaks. With Tor 8, there’s a new welcome screen to guide first-time users through the process of connecting to the deep web, and there are additional security protections built in. A Tor Circuit button can now be used to switch servers at random, further obfuscating users’ connection route.

[Image: The Tor Circuit button in action]

Tor 8 comes with HTTPS Everywhere and Noscript, and it is recommended that users enable these add-ons, as they’re critical in maximizing anonymity while browsing the web. While the Tor browser is best known as a tool for navigating the dark web, it can also be deployed as a privacy-friendly clearnet browser which minimizes cookies and other web trackers. Finally, the new improved Tor makes it easier to circumvent firewalls in countries where internet censorship is rife. Its development team explains:

For users where Tor is blocked, we have previously offered a handful of bridges in the browser to bypass censorship. But to receive additional bridges, you had to send an email or visit a website, which posed a set of problems. To simplify how you request bridges, we now have a new bridge configuration flow when you launch Tor. Now all you have to do is solve a captcha in Tor Launcher, and you’ll get a bridge IP. We hope this simplification will allow more people to bypass censorship and browse the internet freely and privately.

Deep Web Gets a Clearnet Search Engine

Searching the deep web has traditionally been harder than with its clearnet counterpart. The absence of a darknet Google is arguably part of its appeal, making onion sites accessible only to those who know what they’re looking for. It was this barrier to entry that ensured sites like Silk Road were accessible solely to technically adept users in bitcoin’s early days. The deep web has opened up significantly since then, giving up its secrets, and in the same week that Tor released its most user-friendly browser yet, it’s perhaps fitting that a clearnet search engine for the deep web should launch. Onionlandsearchengine.com is a simple but effective tool for generating deep web search results without needing to first connect to the deep web.

[Image: Onionland deep web search engine]

US Government Authorized to Seize Alphabay Suspect’s Assets

Long after deep web marketplaces have been shut down, the fallout continues to make its mark in US courtrooms. Silk Road, Hansa, and Alphabay’s legal wranglings periodically make the news, despite the years elapsed since the sites were first seized. As evidence of this, consider the recent ruling by a US magistrate judge granting the federal government permission to seize and sell millions of dollars worth of assets associated with Alexandre Cazes. The reputed Alphabay ringleader had $8 million of assets on his driveway alone at the time of his arrest, in a string of high-performance sports cars. Including cryptocurrencies, his total net worth was eventually calculated at $23 million.

[Image: The US government’s application for Alphabay asset seizure]

Among the showier items in Cazes’ collection was a Lamborghini Aventador LP700-4 worth almost $1 million with a license plate that read “Tor”. The late Alphabay boss certainly wasn’t subtle, but for all his sins, it is hard not to feel sorry for the 25-year-old who wound up dead in a Bangkok cell from suicide, another needless victim of the war on drugs.


[This article is originally published in howtogeek.com written by CHRIS HOFFMAN - Uploaded by AIRS Member: Olivia Russell]

Experian and many other companies are pushing “dark web scans.” They promise to search the dark web for your personal information to see if criminals are selling it. Don’t waste your money.

What is the Dark Web?

The “dark web” consists of hidden websites that you can’t access without special software. These websites won’t appear when you use Google or another search engine, and you can’t even access them unless you go out of your way to use the appropriate tools.

For example, the Tor software can be used for anonymous browsing of the normal web, but it also hides special sites known as “.onion sites” or “Tor hidden services.” These websites use Tor to cloak their location, and you only access them through the Tor network.


There are legitimate uses for Tor hidden services. For example, Facebook offers a Tor .onion site at facebookcorewwwi.onion, which you can only access while connected to Tor. This allows people in countries where Facebook is blocked to access Facebook. The DuckDuckGo search engine is available at a Tor hidden service address, too. This could also help evade government censorship.

But the dark web is also used for criminal activities. If you’re going to sell databases of people’s credit card and social security numbers online, you want to hide your location so the authorities won’t swoop in. That’s why criminals often sell this data on the dark web. It’s the same reason why the infamous Silk Road website, an online black market for drugs and other illicit things, was only available through Tor.

They’re Not Scanning the Entire Dark Web

Let’s get one thing straight: These services are not scanning the entire dark web for your data. That’s just impossible.

There are 1,208,925,819,614,629,174,706,176 possible site addresses on the dark web, and that’s just counting Tor .onion sites. It wouldn’t be possible to check each one to see if they’re online and then also look for your data on them.

Even if these services were scanning the entirety of the public dark web—which they’re not—they wouldn’t be able to see the exclusive stuff anyway. That would be exchanged privately and not made public.
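The address count above follows from the naming scheme: the .onion names quoted on this page are 16 characters drawn from a 32-symbol base32 alphabet, so each name is an 80-bit identifier and there are 2^80 of them. As an added example (not from the original article), this Python sketch validates names of that form, using the two addresses quoted on this page, and estimates how long checking every possible address would take; the probe rate is an assumed figure chosen for illustration.

```python
import base64
import re

# 16-character .onion names use the base32 alphabet a-z and 2-7.
# Each character carries 5 bits, so a name is an 80-bit identifier.
V2_LABEL = re.compile(r"^[a-z2-7]{16}$")
SECONDS_PER_YEAR = 365 * 24 * 3600


def parse_v2_onion(hostname):
    """Return the 10-byte identifier behind a 16-char .onion name, or None if malformed."""
    host = hostname.strip().lower().rstrip(".")
    if not host.endswith(".onion"):
        return None
    # Keep only the label directly left of ".onion"; ignore any subdomain labels.
    label = host[: -len(".onion")].split(".")[-1]
    if not V2_LABEL.match(label):
        return None
    return base64.b32decode(label.upper())


def address_space(chars=16, bits_per_char=5):
    """Number of distinct names of this length: 32**16 == 2**80."""
    return 2 ** (chars * bits_per_char)


def years_to_enumerate(probes_per_second):
    """Years needed to try every address once at a given (assumed) probe rate."""
    if probes_per_second <= 0:
        raise ValueError("probe rate must be positive")
    return address_space() / probes_per_second / SECONDS_PER_YEAR


if __name__ == "__main__":
    # Addresses quoted in the articles on this page, plus two malformed names.
    for name in ("facebookcorewwwi.onion", "eajwlvm3z2lcca76.onion",
                 "abcdefgh1jklmnop.onion", "example.com"):
        ident = parse_v2_onion(name)
        print(name, "->", ident.hex() if ident else "not a valid 16-char .onion name")

    print("possible addresses:", f"{address_space():,}")
    # Assumed rate: one billion probes per second, far beyond what Tor could carry.
    print("years at 1e9 probes/s:", f"{years_to_enumerate(1e9):,.0f}")
```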

What Does a “Dark Web Scan” Do, Then?

No company that offers a “dark web scan” will tell you what they do, but we can certainly make an informed guess. These companies are gathering data dumps made public on popular websites on the dark web.

When we say “data dumps,” we’re referring to big databases of usernames and passwords—as well as other personal information, like social security numbers and credit card details—that are stolen from compromised websites and released online.

Rather than scanning the dark web, they’re scanning lists of leaked passwords and personal information—which, admittedly, are often found on the dark web. They’ll then inform you if your personal information is found on one of the lists they could get their hands on.

However, even if a dark web scan says you’re fine, you might not be—they’re only searching the publicly available leaks to which they have access. They can’t scan everything out there.

How to Monitor Data Breaches for Free


Behind all the “dark web scan” hype, there’s a somewhat useful service here. But, guess what: You can already do much of this for free.

Troy Hunt’s Have I Been Pwned? will tell you whether your email address or password appears in one of 322 (and counting) data dumps from websites. You can also have it notify you when your email address appears in a new data dump.

This service doesn’t scan to see if your social security number is included in any of these leaks, as dark web scans promise to do. But, if you’re just looking to see if your credentials have leaked, it’s a useful service.

As always, it’s a good idea to use unique passwords everywhere. That way, even if your email address and password from one website appear in a leak, criminals can’t just try that combination on other websites to gain access to your accounts. A password manager can remember all those unique passwords for you.

Face the Facts: Your Data Is Already Stolen

You might still be thinking a dark web scan could be useful. After all, it tells you whether your social security number appears in any data dumps. That’s useful, right?

Well, not necessarily. Look, you should probably assume that your social security number has already been compromised and criminals can access it if they like. That’s the harsh truth.

Huge breaches have been coming hard and fast. Equifax leaked 145.5 million social security numbers. Anthem leaked the information of 78.8 million people, including social security numbers. The United States Office of Personnel Management (OPM) leaked sensitive information on 21.5 million people, too—again, including social security numbers.

Those are just a few examples. There have been many other leaks over the years—a few million here, a few hundred thousand there. And that’s just the data breaches that have been publicly reported. Statistically speaking, most Americans have probably had their social security numbers leaked in at least one of these data breaches by now. The genie is out of the bottle.

Freeze Your Credit; It’s Free Now


If you’re concerned about someone abusing your social security number, we recommend freezing your credit reports. Credit freezes (and unfreezes) are now free across the entire USA.

When you freeze your credit, you’re preventing people from opening new credit in your name. Any lending institution won’t be able to pull your credit until you unfreeze it or provide a PIN. You can temporarily unfreeze your credit when you want to apply for credit—for example, when you’re applying for a credit card, car loan, or mortgage. But a criminal shouldn’t be able to apply for credit with your personal information if your credit reports are frozen.

We recommend just freezing your credit reports and skipping the dark web scan. Unlike a dark web scan, credit freezes are free. They also do something—even if your social security number is found in a dark web scan, all you can do is freeze your credit anyway. And criminals might get their hands on your social security number even if it doesn’t appear in a dark web scan.


[This article is originally published in phys.org written by Frédéric Garlan - Uploaded by AIRS Member: Deborah Tannen] 

For years criminal websites shrouded in secrecy have thrived beyond the reach of traditional search engines, but a group of French engineers has found a way to navigate this dark web—a tool they don't want to fall into the wrong hands.

"We insist on this ability to say 'no'," Nicolas Hernandez, co-founder and CEO of Aleph Networks, says at the company's offices near Lyon, in the heart of France's Beaujolais wine country.

He said Aleph refused 30 to 40 percent of licensing requests for its "Google of the dark web," based on reviews by its ethics committee and input from its government clients.

Most web users never venture beyond the bounds of sites easily found and accessed with casual web surfing.

But people and sites seeking anonymity can hide behind layers of secrecy using easily available software like Tor or I2P.

These sites can't be found by searching: instead, users have to type in the exact URL string of often random characters.

In an authoritarian regime, a protest movement could use the secrecy to organize itself or connect with the outside world without fear of discovery.

But the dark web is also ideal for drug and weapon sales, people-smuggling and encrypted chat-room communications by terrorists.

When Aleph's co-founder Celine Haeri uses her software to search for "Glock", the Austrian pistol maker, several sites offering covert gun sales instantly pop up.

A search for Caesium 137, a radioactive element that could be used to create a "dirty" nuclear bomb, reveals 87 dark web sites, while another page explains how to make explosives or a homemade bazooka.

[Image: Arms smugglers find the dark web particularly useful]

"Some even advertise the stars they've gotten for customer satisfaction," Hernandez said.

Uncharted territory

Over the past five years, Aleph has indexed 1.4 billion links and 450 million documents across some 140,000 dark web sites.

As of December, its software had also found 3.9 million stolen credit card numbers.

"Without a search engine, you can't have a comprehensive view" of all the hidden sites, Hernandez said.

He and a childhood friend began their adventure by putting their hacking skills to work for free-speech advocates or anti-child abuse campaigners while holding down day jobs as IT engineers.

Haeri, at the time a teacher, asked for their help in merging blogs by her colleagues opposed to a government reform of the education system.

The result became the basis of their mass data collection and indexing software, and the three created Aleph in 2012.

They initially raised 200,000 euros ($228,000) but had several close calls with bankruptcy before finding a keen client in the French military's weapon and technology procurement agency.

"They asked us for a demonstration two days after the Charlie Hebdo attack," Hernandez said, referring to the 2015 massacre of 12 people at the satirical magazine's Paris offices, later claimed by a branch of Al-Qaeda.

[Image: Terror attacks in 2015 focused French authorities' minds on the darknet]

"They were particularly receptive to our pitch which basically said if you don't know the territory—which is the case with the dark web—you can't gain mastery of it," Haeri added.

Ethical risks

The ability to covertly navigate the dark web is a holy grail for security services trying to crack down on illicit trafficking and prevent terror attacks.

The US government's Defense Advanced Research Projects Agency (DARPA) has been working on a similar project, called Memex, for years.

Aleph plans to soon add artificial intelligence capabilities to its software, which would recognize images such as Kalashnikov rifles or child abuse victims, or alert businesses to potential copyright infringement.

Its revenues are expected to reach around 660,000 euros this year, a figure it hopes to double in 2019.

That has attracted the attention of investors as Aleph steps up efforts to add more private-sector buyers to its roster of government clients.

But as more people and businesses start using Aleph's search engine, the risk increases that criminal organizations or hostile governments will eventually gain access.

The challenge will be to grow while setting out clear guidelines for handling the thorny ethical questions.

But Hernandez insisted he would remain vigilant, comparing his role to that of the "Protectors of the City" in ancient Greek democracies.


[This article is originally published in hothardware.com written by Rod Scher - Uploaded by AIRS Member: Jasper Solander] 

We have all heard of the dark web: a lawless digital world, uncharted and unstructured, full of data -- much of it illegally acquired and illegally for sale -- that cannot be viewed without special tools: proxy servers, TOR browsers, and the like. It's a murky and mysterious place, a place where much information resides but is difficult to unearth for the uninitiated.

Until now. Canada's Echosec Systems Ltd. recently released Beacon, a security tool that's designed to shed some light on the dark web.

[Image: Karl Swannie is the CEO of Echosec, the company behind Beacon.]

"Beacon is a dark web search engine that allows users to search anonymously, without the need for a TOR browser," says Echosec CTO Michael Raypold. "We’ve designed Beacon to be simple to interact with, while incorporating powerful advanced search tools, making searching unindexed data in the dark web as easy as using a surface web search engine."

The idea behind Beacon is that it can be used by a company to potentially head off -- or at the very least mitigate -- a potential disaster. Since the bulk of the data on the dark web is essentially unstructured, the Echosec team crawled the dark web, indexed its content and then built a natural language query interface that allows non-hackers to access that information quickly and easily. Simply put, Beacon is like Google for the dark web.

[Image: With Beacon, dark web data can be searched by a variety of criteria. Specific types of data (credit cards, emails, etc.) can be searched for explicitly.]

Keep in mind, of course, that not everything on the dark web is illegal.

Says Raypold, "The dark web is a place where you can source illegal or illicit materials because the inherent privacy and anonymity baked into platforms like the TOR network makes buying and selling these goods easier to achieve without repercussions. However, that isn’t to say everything on the dark web is illegal. News organizations like the NYTimes and Pro Publica maintain Onion sites for their more privacy-conscious users and to help disseminate news that might otherwise be censored." Still, much of the dark web's content was acquired illegally and can be misused to spread misinformation, victimize vulnerable populations, execute social engineering exploits, or engage in various forms of identity theft.

We all know that information in the wrong hands can be dangerous. Raypold cites the story of Coca-Cola's attempt, some years back, to acquire a Chinese soft drink company. Unbeknownst to high-level Coca-Cola executives, the company's secret plans and negotiation tactics were in fact not secret at all, because Coca-Cola had been previously hacked, thanks to a phishing email opened by a Coca-Cola exec.

Beacon did not exist at that time (2009), but it's likely that some of the information retrieved from the hack and many pilfered emails would have ended up on the dark web; if so, Beacon could have unearthed them, letting the company know of its vulnerability long before 2009 and perhaps allowing Coca-Cola to mitigate the damage. (In the end, the acquisition fell through, most likely because Coca-Cola -- having lost control of its confidential information -- had also lost any leverage it might have had in the negotiations.)

The goal of Beacon, says Raypold, is to allow companies to easily examine data on the dark web as a way of locating the potentially harmful information that’s stored there: this could include stolen corporate emails, company documents, personal info, or other such data that could be detrimental to a company, its brand, or its customers. After all, if your data has been compromised, it's always better to know than not to know.

[Image: Mike Raypold is the CTO of Echosec, LTD.]

"Beacon allows teams to more quickly identify and respond to information that can materially damage a company’s brand and consumer trust," says Raypold. "Being able to quickly identify a sensitive problem also means that you can start putting a solution in place and notify your customers before they find out through other means."



Of course, a security tool is but another weapon in the wrong hands, and weapons can be misused; it's one thing for a pen-tester or white-hat hacker to be in possession of systems that can locate or uncover data, but what about someone finding a way to misuse Beacon? While Raypold notes that it is possible to misuse Beacon, since the tool makes it easier for users to locate data they might otherwise have difficulty finding, he says that the company has taken steps to mitigate that danger.

"First, every Echosec customer must go through a use-case approval process to determine how the customer is using the application and to make sure they are in compliance with the vendors from whom the data is sourced," says Raypold. "If a potential customer cannot pass the use-case approval process, they do not get access to the system."


Second, the company has built automated tools and manual processes into its platform and into the company workflows to notify the Echosec team if users attempt to run searches that are in violation of their approved use case.

"The checks built into the platform will outright prevent some searches from being run so that users never receive data that we perceive could be used with malicious intent. Furthermore, some of the vendors from whom we source data have asked us to prevent certain queries from being run, regardless of a customer's use case," says Raypold. (Naturally, the company publishes an "acceptable use" policy, which can be found here.)

Echosec expects to sell Beacon mainly to corporate customers interested in keeping tabs on their intellectual property, corporate secrets, and other sensitive data. White-hat hackers -- such as pen-testers -- could conceivably be a market as well, but the company feels that would be fairly uncommon. And if it did occur, it would simply be viewed as an example of contracted security experts acting on behalf of the ultimate corporate customer.

However (and by whomever) Beacon is used, it looks as if the murky landscape of the dark web is no longer quite as dark as it once was.


Source: This article was Published cnbc.com By Arjun Kharpal - Contributed by Member: Martin Grossner

  • The dark web is a hidden portion of the internet that can only be accessed using special software.
  • TOR, or The Onion Router, is a popular anonymous browsing network used to connect to the dark web.
  • While the dark web offers anonymity and a way to bypass internet censorship, it is commonly associated with illegal activities such as the buying and selling of drugs and other contraband.

The so-called dark web, a portion of the hidden internet, is usually associated with a host of illegal activities including the buying and selling of drugs, firearms, stolen financial data and other types of valuable information. The selling point? Total anonymity.

That may sound nefarious, but some experts argue that the dark web is also useful in circumventing internet censorship.

While most people spend their time online on what is known as the surface web — the portion of the World Wide Web that can be accessed with standard browsers and search engines — it has become relatively easy for anyone to access the dark web.

The dark web is a small subset of the deep web, which is part of the internet that is not found using search engines. That includes many websites that require users to log in with a username and password, and the deep web is estimated to be about 400 to 500 times larger than the common internet. The dark web is relatively smaller — it is made up of a series of encrypted networks that are able to hide users' identities and locations and can only be accessed with special software.

The most popular of those networks is called TOR, or The Onion Router, which was developed initially for government use before it was made available to the general public.

"When people typically refer to the dark web, a lot of the time they're referring to a portion of the internet that's accessible using an anonymous browsing network called TOR," Charles Carmakal, a vice president at cybersecurity firm FireEye, told CNBC's "Beyond the Valley" podcast.

One of the primary functions of the TOR network is that it allows users to access ".onion" pages, which are specially encrypted for maximum privacy.

Carmakal explained that TOR also lets users connect to normal websites anonymously so that their internet service providers cannot tell what they're browsing. Similarly, the websites will not be able to pinpoint the location of the users browsing their pages.

On the TOR browser, the connection requests are re-routed several times before reaching their destination. For example, if a user in Singapore is trying to connect to a website in London, that request on a TOR browser could be routed from Singapore to New York to Sydney to Capetown to, finally, London.

According to Carmakal, a service like TOR is a useful tool for many users to bypass state censorship and crackdowns on the internet. With it, he said, they can communicate with the free world without any repercussions. The service is also used by journalists and law enforcement, he said.

Still, the term dark web today is commonly associated with illegal activities. In recent years, a number of high-profile marketplaces on the dark web were taken down for selling drugs and other contraband, including Silk Road, AlphaBay and Hansa.

Law enforcement agencies around the world have been working hard to take down communities on the dark web that criminals use, according to James Chappell, co-founder of the London-based threat intelligence company Digital Shadows.

Hansa, for instance, was taken down by the Dutch national police last year after authorities seized control of the marketplace. In a press release, the officials said they had collected around 10,000 addresses of buyers on the marketplace and passed them onto Europol, the European Union's law enforcement body.

"It was very interesting to see the effect this had. Initially, we thought that lots of websites would come back online, just replacing Hansa as soon as it was taken down," Chappell told, "Beyond the Valley." Instead, a lot of the users moved away from TOR and onto message-based services like Discord and Telegram, he said.


Source: This article was published on smallbusiness.co.uk by Ben Lobel - Contributed by Member: Clara Johnson

Criminals are looking for small businesses' data to sell on the dark web. Here, we look at how to be vigilant.

Most small businesses don’t give two hoots about the ‘dark web’, the part of the World Wide Web that is only accessible by means of special software, allowing users and website operators to remain anonymous or untraceable.

As far as many are concerned, the dark web is a murky place where dodgy criminals congregate to buy and sell things like weapons and drugs. It feels like a world apart from everyday business.

In today’s world, though, that’s a dangerous mindset to have. The truth is that, while criminals have been using the dark web for years to sell illegal items, they’re also using it more and more these days to sell something more valuable — stolen and leaked corporate data.

Today, every business has a wealth of valuable data, whether it’s employees’ personal details, corporate credit cards or sensitive client information. Criminals want to get their hands on that, so they can then sell it on the dark web to make some easy money. And it’s not just the criminals who want your data.

‘Hacktivists’ will happily steal from you and post your data online for free just to win kudos or because they want to damage your company reputation. Ex-employees can copy data to a USB or email it to themselves at home and then either deliberately leak it or suffer a breach themselves. And ‘script kiddies’ run automated scans to find vulnerable websites and servers for easy pickings.

The easiest victims to pick on are the small ones

And it’s not just the big firms who are targets. Small businesses are equally at risk, if not more so because they often lack the cybersecurity resources to deal with the problem. And every industry is equally at risk. The truth is that passwords, corporate credit cards, employee personal details, client information and so on are equally valuable whether they come from a big company or small, in manufacturing or in retail. The opportunistic nature of cybercrime makes the perpetrators blind to industry or size — and once perpetrators get hold of your data, they can wreak havoc with it. With corporate credit cards, criminals can buy what they want. With employee personal details, they can target victims with phishing attacks and fraud, and with client information, they can blackmail you.

Jeremy Hendy, CEO of cyber intelligence solutions company RepKnight, says he sees thousands upon thousands of dark web dumps every day of client login details (yes, with passwords). And most of the organisations to whom the data belongs have no idea these sales are happening because the dark web is, well, hidden. ‘The relatively low risk of getting caught (because the dark web affords strong anonymity) combined with the chance to make a lot of money (or at least show off) makes the dark web an incredibly attractive place for cybercriminals,’ Hendy says.

So, what can we do about it? First, we need to change the way we think about cybersecurity.


Protecting your network is a poor way to protect your data, Hendy says. ‘Protect your network, and your data’s safe, right? Wrong. Protecting your network is a poor way to protect your data.

‘Consider it from a parenting point of view. To protect your children (your data), you can install video cameras to the outside of your house and build a big fence around the perimeter of your property to deter kidnappers from getting in (expensive and complex).

‘But what about those times when your children need to leave your property, which will happen pretty much every day? Once your children have left the safety of the house, your house’s protection is useless.’

The same goes for data, he adds. The nature of modern business dictates that your data no longer live within the perimeter of your network protection. It has already flown the nest and has scattered into the online stratosphere through email and collaboration with third-party partners and suppliers.


Hendy says that RepKnight recently did an audit of its own data and quickly found that there were around 35 partners, systems and places that were storing the data — all outside of its own network. ‘And we’re a small company, so imagine how that’s going to be magnified for larger organisations.’

Once that data leaves your network, its safety is well and truly out of your control. ‘But unlike children, once your data has left your perimeter it is at risk of being duplicated and leaked, so even if your data does return to the safety of your network, a copy will almost certainly exist elsewhere,’ Hendy says.

Even with the strongest network security, you’re still at risk of having a cybercriminal gain access to your network without your knowledge through the use of ‘compromised credentials’.

‘These kinds of attacks are on the rise because so many people use the same password across various accounts like banking, social media, online shopping and much more.

‘If one of those third parties suffers a breach, chances are they’ve unwittingly handed over the login credentials to your company network, giving criminals the chance to snoop around undetected and steal whatever they want. By the time you find out — which is usually 450 days after the breach first happened — it’s too late to do anything about it.’

How to combat the threat of the dark web and protect your data

  • Change the focus from network protection to data protection — with an acceptance that your data has already ‘left the building’.
  • Weigh up your options. For most companies, combatting the threat of the dark web is not something that you can do manually. Not only is it hidden, it’s dangerous (rife with malware and phishing sites — there’s no honor amongst thieves) and horrifying (you’ll see things you wish you could un-see and perhaps earn yourself a surprise visit from law enforcement agencies). The dark web is definitely ‘not safe for work’.
  • Consider advanced, automated monitoring software that continuously looks for your data in places where it shouldn’t end up — like dark web marketplaces and bin and dump sites. If the monitoring system finds something it believes to be yours, it should tell you immediately, alerting you to a potential breach you might not even know about yet.
  • Be aware that data monitoring is like tracking your children through GPS. If they go missing, you’ll at least be able to see where they end up. So, if you can track your data in this way, you can do something about it when things go wrong. And so, with today’s technology, there’s no reason for the dark web to remain a hidden threat to small businesses.


Source: This article was published on securityintelligence.com by Jasmine Henry - Contributed by Member: Deborah Tannen

The dark component of the deep web is the primary highway for exchange and commerce among cybercriminal groups. In fact, very few cybercriminals work alone. Eighty percent of cybercrime is linked to criminal collectives, and stolen data-shaped goods surface rapidly on darknet forums and marketplaces following cybersecurity incidents with data loss.

Adapting to these trends is essential. Organizations with the ability to extract threat intelligence from data-mining these elusive online sources can achieve a significant security advantage.

Deep Web and Darknet: What’s the Difference?

The part of the web accessible through search engines and used for everyday activities is known among researchers as the surface web. Anything beyond that is defined as the deep web. While estimates vary, some researchers project there are 90 percent more deep websites than surface ones, according to TechCabal. The deep web consists of unindexed websites that are not accessible to everyday Internet users. Some restrict access; others are routed through many layers of anonymity to conceal their operators’ identity.

Darknet websites and technologies are a subset of the deep web classification, which consists of sites intentionally hidden and generally only accessible through technologies like The Onion Router (Tor), a software that facilitates anonymous communication, or peer-to-peer (P2P) browsers. This hidden web is closely associated with anonymity and (in some cases) criminal activity supported by open exchange and collaboration between threat actors.

How to Draw Dark Threat Intelligence

“Dark web intelligence is critical to security decision-making at any level,” said Dave McMillen, senior analyst with X-Force IRIS at IBM X-Force Incident Response and Intelligence Services (IRIS). “It is possible to collect exploits, vulnerabilities and other indicators of compromise, as well as insight into the techniques, tactics, and procedures [TTPs] that criminals use for distinct knowledge about the tools and malware threat actors favor.”

When this real-time threat data is filtered through sufficient context and separated from false positives, it becomes actionable intelligence. McMillen believes there are several ways organizations can benefit from dark-sourced intelligence. These benefits include understanding emerging threat trends to develop mitigation techniques proactively. Dark-source intelligence could also help with identifying criminal motivations and collusion before attacks. It could even aid in attributing risks and attacks to specific criminal groups.

How to Identify Darknet Security Risks

For expert threat researchers like McMillen, patterns of deep web activity can reveal an attack in progress, planned attacks, threat trends or other types of risks. Signs of a threat can emerge quickly, as financially-driven hackers try to turn stolen data into profit within hours or minutes of gaining entry to an organization’s network.

The average time it takes to identify a cybersecurity incident is 197 days, according to the 2018 Cost of a Data Breach Study from the Ponemon Institute, sponsored by IBM. Companies that contain a breach within 30 days have an advantage over their less-responsive peers, saving an average of $1 million in containment costs.

“Employing dark web monitoring solutions that allow the use of focused filters to identify key phrases, such as your brand and product names, that may contain information that can negatively affect your organization is a good start in your effort to glean useful intelligence from the dark web,” McMillen said.

The collected data should then trigger alerts and be routed through a human analysis process to provide actionable insights. Context-rich threat intelligence can reveal many different forms of risk.

1. Organization or Industry Discussion

Among the key risk factors and threats are mentions of an organization’s name in forum posts, paste sites, channels or chatrooms. Contextual analysis can determine whether threat actors are planning an attack or actively possess stolen data. Other high-risk discussions can surround niche industries or verticals, or information on compromising highly-specific technologies employed by an organization.

2. Personally Identifiable Information (PII) Exchange

When a breach has occurred, the sale of PII, personal health data, financial data or other sensitive information can be indicative of the aftermath of an attack. A single data record can sell for up to $20, according to Recorded Future. This data is generally stolen en masse from large organizations — such as credit agencies and banks — so a few thousand credit card numbers can turn a huge profit.

Unsurprisingly, 76 percent of breaches are financially motivated, according to the 2018 Data Breach Investigations Report from Verizon.

3. Credential Exchange

Lost or stolen credentials were the most common threat action employed in 2017, contributing to 22 percent of data breaches, according to the Verizon report. While the presence of usernames and passwords on paste sites or marketplaces can indicate a data breach, contextual analysis is required to determine whether this is a recent compromise or recycled data from a prior incident.

In May 2018, threat intelligence company 4iQ uncovered a massive floating database of identity information, including over 1.4 billion unencrypted credentials.

“The breach is almost two times larger than the previous largest credential exposure,” Julio Casal, founder of 4iQ, told Information Age.

4. Information Recon

Social engineering tactics are employed in 52 percent of attacks, according to a February 2018 report from security company F-Secure. Collusion around information recon can surface in both open and closed-forum exchanges between individual threat actors and collectives.

5. Phishing Attack Coordination

As phishing and whaling attacks become more sophisticated, deep web threat intelligence can reveal popular TTPs and risks. Coordination around information recon is common. Threat actors can now purchase increasingly complex phishing-as-a-service software kits and if defenders are familiar with them, they can better educate users and put the right controls in place.

Although malicious insiders cause fewer breaches than simple human error, the darknet is an established hub for criminal collectives to recruit employees with network credentials for a sophisticated attack. Dark Reading tracked nearly twice as many references to insider recruitment on darknet forums in 2016 as in 2015.

7. Trade Secrets and Sensitive Asset Discussions

Trade secrets and competitive intelligence are another lucrative aspect of threat actor commerce that can signal risks to researchers. In one recent incident reported by CNBC in July 2018, a likely Russian cybercriminal sold access to a law firm’s network and sensitive assets for $3,500. Having had that information ahead of time could have saved the victim time, money, and reputational damage.
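The keyword filtering McMillen describes and the "recent compromise or recycled data" question raised under Credential Exchange can be combined in one triage step. The following is an added example, not code from the article or from any vendor it names; the watch terms, the `examplecorp.test` domain and the sample posts are constructed, and the posts are assumed to have been collected already by a monitoring feed.

```python
import hashlib
import re
from dataclasses import dataclass, field

# Hypothetical watch list: brand, product name and corporate mail domain.
WATCH_TERMS = ["examplecorp", "exampay"]
CORP_DOMAIN = "examplecorp.test"

# Constructed sample of posts already collected by a monitoring feed.
POSTS = [
    {"id": "p1", "text": "combo list\nalice@examplecorp.test:Winter2017!\nbob@other.test:hunter2"},
    {"id": "p2", "text": "Selling fresh ExamPay customer DB, escrow ok"},
    {"id": "p3", "text": "Best VPN for streaming?"},
    {"id": "p4", "text": "carol@examplecorp.test:S3cure-2018\nalice@examplecorp.test:Winter2017!"},
]

# email<sep>secret pairs in the layout commonly used by credential dumps.
CRED_RE = re.compile(r"([A-Za-z0-9._%+-]+@([A-Za-z0-9.-]+\.[A-Za-z]{2,}))[:;|](\S+)")
PRIORITY_RANK = {"high": 0, "review": 1, "low": 2}


def fingerprint(email, secret):
    """Hash a credential pair so the monitoring store never keeps the plaintext."""
    return hashlib.sha256(f"{email.lower()}\x00{secret}".encode()).hexdigest()


# Fingerprints recorded during an earlier (constructed) incident.
PRIOR_FINGERPRINTS = {fingerprint("alice@examplecorp.test", "Winter2017!")}


@dataclass
class Alert:
    post_id: str
    matched_terms: list
    new_credentials: list = field(default_factory=list)       # not seen in earlier dumps
    recycled_credentials: list = field(default_factory=list)  # already known from a prior incident
    priority: str = "review"                                   # keyword hit only: needs human context


def triage(posts, seen_fingerprints):
    """Filter posts by watch terms, split corporate credentials into new and recycled,
    and return alerts ordered for the analyst queue (high, review, low)."""
    seen = set(seen_fingerprints)  # copy so the caller's history is not modified
    alerts = []
    for post in posts:
        lowered = post["text"].lower()
        terms = [t for t in WATCH_TERMS if re.search(rf"\b{re.escape(t)}\b", lowered)]
        alert = Alert(post["id"], terms)
        for email, domain, secret in CRED_RE.findall(post["text"]):
            if domain.lower() != CORP_DOMAIN:
                continue  # other organisations' accounts are out of scope
            fp = fingerprint(email, secret)
            bucket = alert.recycled_credentials if fp in seen else alert.new_credentials
            bucket.append(email.lower())  # record the account, never the password
            seen.add(fp)
        if alert.new_credentials:
            alert.priority = "high"   # unseen pair: possible recent compromise
        elif alert.recycled_credentials:
            alert.priority = "low"    # every pair already known: recycled data
        elif not terms:
            continue                  # nothing relevant to the organisation, drop
        alerts.append(alert)
    return sorted(alerts, key=lambda a: PRIORITY_RANK[a.priority])


if __name__ == "__main__":
    for a in triage(POSTS, PRIOR_FINGERPRINTS):
        print(a.priority, a.post_id, a.matched_terms, a.new_credentials, a.recycled_credentials)
```

Accounts listed under `new_credentials` are the ones to reset first; the "review" alerts are the keyword-only hits that still need the human analysis step described above.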

What Are the Challenges to Deriving Value From Dark Sources?

While there is clear strategic and tactical value to darknet threat intelligence, significant challenges can arise on the road to deep web threat hunting and data-mining. For instance, it’s not ideal to equip security operations center (SOC) analysts with a Tor browser. The potential volume of false positives based on the sheer size of the hidden web necessitates a more effective approach.

“The dark web is fragmented and multi-layered,” McMillen said.

When researchers discover a credible source, it generally requires hours to vet intelligence and perform a complete analysis. Darknet commerce has also grown increasingly mercurial and decentralized as law enforcement tracks criminal TTPs as they emerge. Security leaders who can overcome these barriers have the potential to significantly improve security strategy in response to emerging threat trends and risk factors.

The 2018 Artificial Intelligence (AI) in Cyber-Security Study from the Ponemon Institute, sponsored by IBM Security, discovered that artificial intelligence (AI) could provide deeper security and increased productivity at lower costs. Sixty-nine percent of respondents stated that the most significant benefit of AI was the ability to increase speed in analyzing threats.

As leaders consider how to deepen adoption of dark threat intelligence, it’s valuable to understand that not all intelligence sources can adequately capture the full scope of threat actor exchange on this vast, fast-morphing plane. Relying on stagnant, outdated or fully automated technologies may fail to mitigate important risks. The best mode of protection is one which combines the intelligence of skilled human researchers and AI to turn raw data into actionable intelligence effectively.


Source: This article was published on techrepublic.com by Alison DeNisco Rayome - Contributed by Member: James Gill

Worried about cybersecurity? Here are 10 activities that take place on the Dark Web that organizations should watch out for.

In the wake of seemingly constant high profile breaches, organizations are taking precautions to protect against cyber attacks, including raising security budgets and educating employees. However, the cost of a breach can be enough to significantly harm a company's finances and reputation: The average total cost of a data breach is $3.86 million, according to a recent Ponemon Institute report.

The ongoing risk of attack has led some organizations to seek new ways to proactively monitor the Dark Web for lost or stolen data, according to a Wednesday report from Terbium Labs.

1. Doxing of a company VIP

Dark Web and clear websites like Pastebin are a dumping ground for personal, financial, and technical information with malicious intent, the report said. There is often a motivation behind these posts, such as political beliefs, hacktivism, vigilantism, or vandalism. For example, the executive of a wealth management firm was included in a large-scale dox as the result of their political contributions, the report noted.

2. Full PANs, BINs, and payment cards for sale

The economy for payment cards on the Dark Web is strong, with a single card costing between $5 and $20. Sellers update markets with new cards regularly—sometimes even daily, the report said. And business and platinum cards will net criminals a higher price than average cards.

3. Guides for opening fraudulent accounts

On the Dark Web, you can find guides for sale that contain detailed, step-by-step instructions on how to exploit or defraud an organization, the report said. The guide serves two purposes: Criminals learn how to break into a company's systems and processes, and the company's brand name is promoted to criminals as a result of the listing. For example, when a major US bank changed security policies, criminals updated guides with techniques to get around those changes.

4. Proprietary source code

A leak of source code can allow competing companies to steal intellectual property, and also allow hackers to review the code for potential vulnerabilities to be exploited, according to the report. Leaks of source code from tech giants will make the news, but source code from others is regularly leaked on sites like GitHub and Pastebin, as developers seek advice and input from others, the report noted.

5. Dump of a database

Third-party breaches can put organizations at risk by revealing employee credentials that can unlock other accounts or provide information for phishing attacks. For example, if criminals can post an internal database, it reveals private contracts or partnerships between organizations and employee locations.

6. Template to impersonate a customer account

The Dark Web is full of account templates that allow hackers to pose as customers of financial institutions, telecommunications companies, and other service providers, the report noted. These templates are then used to solicit loans, open accounts, or as part of a broader scheme for identity theft or fraud.

7. Connections between employees and illicit content

Posts doxing individuals who engage in illegal activities on the Dark Web, such as child exploitation, can draw undue negative attention to their employers or affiliated organizations. For example, one post listed the full contact information for a tech company that accidentally provided tech support to a child exploitation site.

8. W2s and tax-fraud documents

Each year before tax season, there is a rush of Dark Web activity to gather compromised identity information and file fraudulent tax returns before the actual taxpayer can do so, the report said. This tax fraud is enabled by the sale of W2s and other tax fraud-specific documents, which can be tied back to the employers where those documents came from originally.

9. Secure access and specialty passes

While most of the materials on the Dark Web are for generalized personal information, vendors sometimes offer special access materials, ranging from amusement park tickets to military IDs. For example, one Dark Web market offered physical press passes designed to help cybercriminals pass as journalists at events, the report found.

10. Inexpert Dark Web searching

Despite the need to keep tabs on Dark Web activity, security vendors can accidentally expose an organization to harm by searching for information related to the company on the Dark Web. For example, one vendor searched for a CISO's name so many times on a now-defunct Dark Web search engine that the name made it to the front page of the site under "trending," the report noted.


Source: This article was published on prweb.com - Contributed by Member: Barbara Larson

An NYC area IT consultant and MSP reviews the dangers of the dark web and how to stay safe online in a new article from eMazzanti Technologies.

The informative article first clarifies common misconceptions about the dark web then lists steps to protect personal data and business assets. Readers are urged to work with data security professionals to achieve the best results.

“Understanding the dark web is helpful in protecting valuable business data,” stated Jennifer Mazzanti, CEO, eMazzanti Technologies. “Modern cyber-security technology and best practices are designed to keep sensitive information from falling into the hands of the bad actors lurking there.”

Dark Web vs. Deep Web

“Contrary to some reports, the dark web does not include over 90 percent of the internet. This common misconception arises from confusion between two related terms. In reality, the internet includes several layers.”

“Deep web – Also known as the invisible web, this is by far the largest layer of the internet, with over 90 percent of all internet content. The bulk of this information involves perfectly legal content that is not indexed by the standard search engines. Your medical records, banking information and other member-only websites live here.”

“Dark web – Sites on the dark web are accessible only with special software that allows users to communicate and transact business anonymously. While this creates a haven for criminals, it also serves a legitimate purpose for whistleblowers, activists, and victims who need to remain anonymous.”

Identity Theft and the Dark Web

“If the dark web includes only about three percent of the internet, do I need to be concerned? Yes. Remember Equifax and Target? Whenever a website experiences a data breach involving personally identifiable information, that information will almost certainly appear for sale on the dark web, likely within hours.”

Navigate the Web with Expert Guides

Business leaders should keep in mind that a breach of company systems means not only data loss but also potentially a loss of reputation. To guard critical data, employ multi-layer security. For merchants, if EMV chip technology has not already been implemented for point of sale (POS) systems, they should do that now.

As with any potentially dangerous territory, the internet is a much safer place when working with an experienced guide. The experts at eMazzanti build strategies to keep personal and business data safe. Whether implementing secure cloud solutions or tapping into eMazzanti’s considerable retail security expertise, business leaders can count on getting the protection they need.

About eMazzanti Technologies

eMazzanti’s team of trained, certified IT experts rapidly deliver retail and payment technology, digital marketing services, cloud and mobile solutions, multi-site implementations, 24×7 outsourced network management, remote monitoring and support to increase productivity, data security and revenue growth for clients ranging from law firms to high-end global retailers.

eMazzanti has made the Inc. 5000 list eight years running, is a 2015, 2013 and 2012 Microsoft Partner of the Year, 2016 NJ Business of the Year, 5X WatchGuard Partner of the Year and one of the TOP 200 U.S. Microsoft Partners! Contact: 1-866-362-9926, info(at)emazzanti.net or http://www.emazzanti.net Twitter: @emazzanti Facebook: Facebook.com/emazzantitechnologies.
