When we say “Dark Web” a lot of security professionals imagine criminals buying drugs with cryptocurrency- but they don’t always realize the damage dark web activity poses directly to their organization. According to McAfee and the Center for Strategic and International Studies (CSIS), cyber crime impacts the global economy around $600 billion annually, and many of these cyber crimes are hatched on the Dark Web. Activity on Dark Web communities and marketplaces has increased, and the number of harmful Dark Web listings has risen by 20% since 2016.
The number of attacks in2019 and the impact they’ve had is unprecedented. Capital One suffered the largest hack of a financial institution in history, while Fortnite’s 250 million users were warned about a third-party software cheat that encrypted files on their computer and demanded payment for them to be unlocked. As 2019 is wrapping up, we’re taking a look at some of the Dark Web trends that will carry us into 2020.
The Increasing Rise of Amateur Threat Actors
With just a little effort, anyone can dive into the Dark Web by downloading a Tor browser and setting up a VPN account and a disposable operating system. Aspiring hackers, also known as script kiddies or green hats, are usually young adults between 16 and 25 years old. Once these green hats are on the Dark Web, there are a lot of forums sharing information on hacking, and marketplaces selling tutorials, scripts, and hacking tools. With these types of resources so easily obtainable, an amateur threat actor can cause serious damage after just a few months of practice.
From the Dark Web to Instant Messaging Apps
Cyber criminals gravitate to the Dark Web for its anonymity. For the same reason, many are now starting to use instant messaging apps such as Telegram, QQ, WeChat, and Discord. Others may use Threema or Jabber that offer a Tor redirection. These platforms provide features like end-to-end encryption and auto-deleted messages, which makes tracking more difficult. Messaging apps are also being used to place bids on marketplace orders and hosting chat groups known as ‘channels’ to send messages to an unlimited number of subscribers. Responses to group messages can be private encrypted conversations about illicit job offers, stolen documents, or hacking tools. The safer threat actors feel they can communicate, the more they’re likely to share these tools and cyber crime opportunities and the harder they’ll be to track.
The Law Will Not Outwit the Dark Web Forums
We also expect some of the same storylines in 2020 that we’ve seen in 2019. Forums and marketplaces will get shut down and new or reincarnated ones will appear. Two major Dark Web sites were shut down earlier this year in a joint effort by law enforcement agencies that include the German Federal Criminal Police, Finnish Customs, various U.S. federal agencies and other European forces. The Wall Street Market described as "The world's second-largest Dark Web market”, and Valhalla (also known as Silkkitie), one of the oldest and most well-known Tor trading sites, were both shut down in 2019. Other earlier notable shutdowns include AlphaBay, Hansa, and 8chan.
Seizure by international law enforcement agencies isn’t the only reason sites are closed down. Some marketplace administrators have been implementing exit scams. Most markets handle transactions using an escrow system, with buyers and sellers both depositing money in an escrow hosted by the market site. An exit scam is often times preceded by a claim from the admin that the site is experiencing technical difficulties with promises that the site will reopen soon. In reality, they steal all the funds from the escrow and shut down the marketplace for good.
Breaches Will Continue to Break New Scale Frontiers
CapitalOne wasn’t the only big corporation to get hit with a significant breach in 2019. Major players like WhatsApp and Quest Diagnostics were also compromised. Cyber criminals were able to install a surveillance tool on phones of WhatsApp users who simply answered a call through the app. A breach at Quest Diagnostics exposed personal data of nearly 11.9 million patients, including credit card information and social security numbers.
John Walker, Professor at Nottingham Trent University, expects we will continue to see "successful Hacks and Security Breaches still happening on a Global Scale". But attacks don’t just happen to the big guys; businesses of any size and in any industry are susceptible to a breach. Cyber criminals will continue to find ways to share and sell personal data, payment information, and other illegal wares. With cyber criminals dynamically changing their methods to avoid detection, organizations should look to protect themselves in 2020 by adopting automated cyber threat intelligence (CTI) that can prevent attacks on their organization and customer data.
Cyber security Resolutions For 2020
The stolen data market will continue to grow in 2020 despite law enforcement efforts to curb Dark Web data selling. The value and lure of corporate, personal, and payment data will keep threat actors busy finding new ways to hide their activities. The rise in sophistication and number of attacks increases the impact on businesses and the importance to take action. The growing threat intelligence market is evidence of this trend, as it is estimated to grow to $12.9 billion by 2023, according to researchers from Markets and Markets.
Organizations need to understand the urgency of monitoring what's lurking on the Dark Web for indicators of threats to their business and customers. An automated CTI platform can prevent major data breaches and financial losses. Organizations of any type and any size are prone to breaches originating from the Dark Web.
For Dark Web visibility in 2020, contact Sixgill today for a demo of the most advanced CTI platform currently available.