A police sting on the German-Danish border in January 2021 resulted in the arrest of a 34-year-old Australian who is accused of running one of the world’s largest illegal online marketplaces.
DarkMarket, as it was dubbed, was a dark web marketplace with half a million users and 2400 vendors selling everything from drugs to fake passports and stolen credit card information. The website was worth an estimated $220 million in Bitcoin and Monero coins.
While the takedown of DarkMarket was noteworthy, the fact remains that its alleged operator, “Julian K,” is one of the few dark web “powerhouses” to have been apprehended.
Cybercriminals operate with complete impunity on the dark web, according to Tom Kellermann, who leads VMware’s cybersecurity strategy in the United States.
Kellermann also serves on the US Secret Service’s newly formed cyber investigations advisory board, which is assisting the agency in modernising its operations to combat financial crime.
“Despite the fact that cybercrime is law enforcement’s top concern worldwide, just 2% of online bank heists result in a successful prosecution, and the average theft is worth US$6 million [A$8 million],” Kellermann said.
“If you rob a bank in the United States at gunpoint, you have a 97 percent chance of being apprehended, and on average, you’ll steal roughly US$10,000 [A$13,600],” he claims, citing Secret Service numbers.
What is the dark web?
The dark web is the internet’s version of a black market. Because it is purposefully hidden and requires a specialised browser to access, most people will never see or interact with it.
TOR, often known as “The Onion Router,” is the most commonly used browser. Accessing the TOR network is not banned in Australia or New Zealand, but accessing its forums is.
“It’s the same as if you were attempting to buy or sell anything illegally in the real world. The same rules apply to you,” says Josh Lemon, a trained instructor at the SANS Institute, a cybersecurity and training centre.
Cybercriminals can establish webpages on the dark web that aren’t indexed (or searched) by normal search engines like Google.
Virtual private networks (VPNs) and other anonymizing technologies are also used to obscure information about users, such as their geographic location.
Cryptocurrencies are used to make payments on the dark web, and illegally obtained products are frequently delivered by gig worker delivery services, which are more difficult to track than the postal service.
Consider the internet ecosystem as an iceberg. The “world wide web” that we are familiar with is only the visible portion of the iceberg (the top 5%).
The “deep web,” which accounts for over 90% of the world’s websites, is located beneath the water. The “dark web,” which makes up between 5% and 10% of the iceberg, lies beneath the deep web.
It is common to use the phrases “deep web” and “dark web” interchangeably, although this is inaccurate. The only thing they have in common is that websites on neither are searchable.
Much of the content on the huge deep web, on the other hand, is genuine and legal.
When we do online banking, utilise a private social media account, access a work intranet, or access our medical information, we use the deep web — in other words, the deep web is any website that requires access through a specialised channel.
Some users like the deep web’s privacy and the fact that their browsing history isn’t tracked.
The New York Times’ website is hosted on the deep web, allowing users in countries where internet access is heavily restricted to read its content.
The dark web’s value is astounding, especially given its small size. Annually, it is estimated to be worth between US$1 trillion (A$1.3 trillion) and US$2 trillion (A$2.7 trillion).
Prospering during the pandemic
The dark web was created in the 1990s as part of a research project by the US Navy, which was looking for a way to send classified data over the internet.
Researchers from the Massachusetts Institute of Technology (MIT) opened the dark web to non-military users a decade later. The invention of bitcoin aided the growth of the dark web by providing an additional layer of anonymity to transactions.
According to Israeli cyber intelligence firm Sixgill, the number of dark web forum members increased by 44% during the first wave of widespread lockdowns in 2020 for COVID-19.
There were various reasons for this, the most important of which was that the lockdowns made street crime more difficult to carry out.
The broad shift to working from home undermined organisations’ cybersecurity standards, producing a perfect cyberstorm, just as many crooks brought their operations online for the first time.
Cybercriminals on the dark web target businesses by stealing confidential information and selling it.
Stolen corporate data accounts for 7.5 percent of the illegal content on the dark web, according to Dr Campbell Wilson, a senior lecturer and associate dean at Monash University’s Faculty of Information Technology, who directed a besieged crawl of the dark web in 2017 with authorisation from the Australian Federal Police.
Login credentials are one of the most common types of corporate data acquired and sold on the dark web.
“Often, the organisation is unaware that something has been stolen until something goes wrong inside the organisation or until law enforcement officers notify them,” says Clarence Chan, PwC Malaysia’s digital trust and cybersecurity director.
Organisations must enlist a specialist third party to determine if they have been compromised – or are in imminent danger of becoming so. This is because access to dark web forums is limited to those who have passed a vetting process.
“You may need to hack another organisation and offer evidence, or you may need to create malware and post it to the forum for everyone to see. That will provide you with sufficient status to be admitted,” Lemon explains.
“We conduct searches through what is known as a ‘threat intelligence platform,’ which has access to some of these dark web sources,” Chan explains. “We try to figure out if a company’s information has been compromised and if that information is already for sale.”
He uses the example of a firm whose data was recently auctioned off. PwC received a warning from a threat intelligence platform to which it subscribes and was able to promptly notify the corporation.
“Cybercriminals may only provide a sliver of the data set to entice a purchase. Sometimes it’s a ruse, and they don’t have the data at all, or only a part of it.”