What to know about the underground Internet
By Maria Korolov
There’s more to the Internet than most people are aware of. In addition to the surface Web—the one that we know and love, with the cat GIFs and the shopping sites—there’s the mysterious digital netherworlds of the Deep Web and the Dark Web.
The Deep Web is the behind-the-scenes world of machine-to-machine communications and data stores not recognized by Internet search engines. In contrast, the Dark Web is also mostly invisible, but it’s certainly not benign. It is composed of private bulletin boards, password-protected forums and sites on the anonymous Tor network. It harbors digital gathering places for which you can’t easily set up a Google Alert.
Getting to Dark Web sites requires research, persistence and some technical skill and, often, recommendations from other members. It is useful to the people or groups that have something to hide, because it’s not only invisible but difficult to access for everyone else. That’s why many cybercriminals use it to sell or trade information and resources in digital anonymity.
The Dark Web is where cybercriminals share stolen information about payment cards. For that reason, a number of technology-savvy organizations, including the major credit card brands, monitor the Dark Web. Typically, card data sold there is stolen from retailers, from their e-commerce sites, or from other businesses.
If the occasional card number from a particular bank pops up for sale there, and is used for an unauthorized purchase, the merchant or credit card company will catch it, and the card will be cancelled and need to be reissued. But a large number of payment card numbers for sale on the Dark Web might mean a bank’s system has been hacked or a phishing campaign targeting that particular bank’s customers—possibly your bank’s customers—might be underway.
The Dark Web is also where criminals share online account credentials. Cybercriminals have plenty of options when it comes to stealing online passwords. Many major sites have been hacked. When they steal such credentials, the hackers try to use those same user names and passwords on other sites—including banking sites. (Of course, many people use the same passwords, or similar variations of them, for all their logins.)
But, as with payment card numbers, criminals sometimes go after individual banks more directly using the Dark Web, where phishing templates that mimic websites are exchanged and developed there. These activities aimed at particular institutions or companies can be spotted organizing on the Dark Web.
Knowing about an attack organizing before it happens can help a bank stop it before it does any damage.
Most banks don’t have the time or the resources for monitoring activity on the Dark Web. However, banks can piggyback on research by other firms by signing up for alerts and monitoring services or conducting forensic investigations.
These five companies offer Dark Web monitoring or investigation services:
The Dark Web, where criminals ply their trade, can be monitored for cybersecurity.
Maria Korolov is a technology writer in Massachusetts.