Member Insights by Astute Technology Management
The threat of cyber attack is growing, disproportionately affecting small and mid-sized businesses. According to Verizon’s 2018 Data Breach Investigations Report, small businesses are now 58% of all malware attack victims, while the Ponemon Institute’s 2017 State of Cybersecurity in Small & Medium-Sized Businesses report found that cyber attacks affected 61% of SMBs in 2017, up from 55% in 2016.
What many business people might not understand is the role that the dark web plays in driving these threats. By providing criminals a safe place to exchange information and access the resources they need, the dark web helps perpetuate and spread many of the most dangerous threats sweeping the Internet, leading to direct financial damage to businesses in Ohio and elsewhere.
The Deep and Dark Parts of the Internet
What is the dark web? It’s a portion of the world wide web that runs on a different set of technology than the “clear” or regular web does. Accessing the dark web requires special software, most often the Tor browser, which uses encrypted connections and complex routing mechanisms to obscure the user’s IP address. This gives users of the dark web almost complete anonymity.
Don’t confuse the dark web with the “deep web,” though; the concepts are quite different. The deep web refers to portions of the regular Internet that are, for a variety of reasons, unsearchable with regular engines like Google. While the deep web implies obscurity, the content there is not malicious. In fact, 96% of the web’s content is technically part of the deep web.
The Dark Web, Purpose-Built to Conduct Cybercrime
The anonymity of the dark web enables cybercriminals to sell a range of illicit goods and services with impunity. This includes stolen bank account information, credit card information, forged real-estate documents, social security numbers, and much more. Often, these materials can even be searched with narrowed parameters, such as “credit cards in Ohio,” allowing hackers to launch highly targeted attacks.
Here are the dark web products helping to propel cybercrime:
CaaS – Crime as a Service Kits
In a malicious interpretation of the popular “as-a-service” cloud computing application, elite hackers have started developing and selling “crime-as-a-service” packages on the dark web. These provide amateur hackers everything they need to launch a sophisticated cyberattack using newly developed malware.
Crime-as-a-service kits have dramatically lowered the barrier to entry for cyber criminals, enabling novice hackers to purchase high-powered malware, like the SamSam ransomware that shuttered Colorado’s Department of Transportation last year, for around $1,000 per month. Basic credential-stealing malware kits can cost as little as $13.
Distributed Denial of Service Attacks (DDoS)
DDoS attacks flood your computer network with access and resource requests, overwhelming its ability to process incoming data and eventually forcing it to shut down. A tried-and-true hacking method, the DDoS attack has just celebrated its twentieth birthday, and during that time has been responsible for an enormous variety of high-profile cyberattacks, like one that flooded six major US banks with 60 Gbps of Internet traffic.
Just like the CaaS kits, the dark web has played a key role in making DDoS attacks easier and more frequent. In recent years, as access to criminal resources in the developing world has increased on the dark web, the cost of DDoS attacks has plummeted from about $100/hour in 2016 to just a fraction of that a year later.
Remote Desktop Protocol (RDP) Attacks
The Remote Desktop Protocol is a feature built into Microsoft operating systems that allows two servers to connect or communicate with each other. Aside from its core functionality, RDP offers other features like compressed video streaming and clipboard sharing, which has made it a popular tool for network administrators.
In recent years hackers have been selling access to compromised RDP systems for as little as $3 per credential, out of specialized shops on the dark web. These RDP credentials can be used to launch a wide range of attacks, including implanting costly ransomware in your network.
To learn more about how the dark web facilitates cybercrime, we recommend reading Deloitte’s report, Black Market Ecosystem: Estimating the Cost of Pwnership. It’s an in-depth exploration of how the dark web drives cybercrime and a valuable resource for businesses that are passionate about cyber defense.
Cybercriminals Are Born on the Dark Web
The scale of the cybercrime on the dark web is another important feature. Many of the largest dark web markets now have hundreds of thousands, even millions of registered users. With access to a huge variety of tools and resources, amateur hackers now experience a “gateway drug” type effect, in which they start by downloading a hacked Netflix account, then slowly progress onto more nefarious crimes as they realize how easy and profitable it can be.
To counteract this trend, it’s very important that each business — no matter their size — start to take cybersecurity seriously. At the very least, this means ensuring that your staff is employing password best practices uniformly across your network, and that multi-factor authentication is enabled on all your critical systems.
The next priority would be a comprehensive approach to training your employees. Studies have consistently demonstrated that employees are the weak link in the majority of cybersecurity incidents. Preparing employees to counteract the threats emanating from the dark web is an excellent place to begin improving the defenses at your company.
Ohio’s Trusted Cybersecurity Partner
The scarcity and high cost of cybersecurity talent make ensuring robust cybersecurity difficult, which is why most organizations look for a partner to help them build and manage their security protections.
If you’re a business in Ohio that’s looking for a cybersecurity partner to help keep you safe, Astute Technology Management is happy to help. For over 20 years, we’ve been helping businesses in the Columbus and Cincinnati areas with every aspect of their cybersecurity, from the early assessment and analysis phases, through to proactive network security monitoring and maintenance. Astute Technology Management recently partnered with ID Agent to provide Dark Web Monitoring as a value-added service to all our MSP clients and as an a la carte option. This service has proven invaluable in protecting small to medium-sized businesses in Central and Southern Ohio from cybercrime. The service monitors business and personal email for breach activity and sale-ability on the dark web.