Cybersecurity
RansomwareWhy You Need to Worry About the Dark Web and What You Can Do
The dark web is a hotbed for cybercrime. Learn about dark web service offerings, stolen data for purchase, and how to protect your business from falling victim.
By
Spanning Cloud Apps
5 minute read
If cybercrime was a state, it would be the third-largest economy in the world after the U.S. and China, according to the World Economic Forum. Cybersecurity Ventures expects the damage from cybercrime to rise up to a whopping $10.5 trillion by 2025. With cybercrime becoming a growing concern in the business world and elsewhere, one term that is often associated with it is “dark web.” Let’s see what the dark web is and how it differs from the web you are using now.
The internet is a massive network that contains millions of websites, servers and databases that run round the clock. It is loosely classified into three regions based on data accessibility. The open web or surface web, such as this webpage, is part of the internet that can be accessed with traditional browsers like Google Chrome, Internet Explorer and Firefox. However, the surface web is just the tip of the iceberg and accounts only for approximately 4% of the internet. The remaining 96% of data is not indexed by conventional search engines and remains hidden from the public beneath the water. This region, called the deep web, is so large that it’s impossible to find out how many websites are active at any point in time. Everything from email and social networking accounts to financial and other private information that requires authentications falls under this deep web.
While the terms deep web and dark web are often used interchangeably, they are not the same. The dark web is an area within the deep web that has been made anonymous through various encryption and routing techniques and is accessible only through specialized web browsers like The Onion Router (TOR). Going by the iceberg analogy, it is the bottom tip of the submerged iceberg. While the dark web is at times used for legitimate purposes like whistleblowing, its anonymous nature makes it a hotbed for criminal activities.
The dark web has many marketplaces that are being used as a platform for illicit activities like drug trafficking, weapon trading and hacking services. For instance, Hydra Market, a Russian-language dark web marketplace, was the world’s largest dark web marketplace with 17 million customers and an annual turnover of $1 billion until its seizure and shutdown in 2022. The fall of Hydra has subsequently led to the emergence of many new dark web markets, like the Russian Market, Genesis Market and 2easy. In particular, these dark web markets pose a significant threat to the business world since stolen credentials and data are some of the primary commodities being traded.
as-a-Service offerings
as-a-Service offerings have become a critical enabler of success for modern enterprises. The pay-as-you-go cloud computing model delivers the agility, flexibility and scalability that enterprises seek in the current digital economy. However, it’s not all sunshine and roses. The as-a-Service model is largely being leveraged in the dark web today, contributing to the rapid expansion of the cyberthreat landscape.
Ransomware-as-a-Service (RaaS) is a swiftly emerging business model that allows even novice cybercriminals who lack the skill to develop their own ransomware variant to launch an attack quickly and affordably. While this business model enables the malware authors to scale their earnings from their software with less personal risk, it allows wannabe hackers with little technical knowledge to launch sophisticated attacks. RaaS kits are widely advertised in the dark web just like their legitimate counterparts are promoted on the surface web, drastically expanding the accessibility and potential reach of ransomware.
Similarly, Phishing-as-a-Service (PhaaS) is another as-a-Service business model prominent in the dark web. Through PhaaS kits, cybercriminals sell the knowledge and tools necessary for a successful phishing attack. Earlier, creating a successful phishing campaign required a broad set of skills, but now anyone can avail services from cybercriminals to cook up all the elements of a phishing campaign, such as website hosting, credential parsing and spoofing emails.
Various other kits are also being commercialized in the dark web marketplaces. For example, a Remote Access Trojan/Tool (RAT) is one of the cheapest cyberattack tools available on the dark web, allowing an attacker to gain complete remote access to a device. They can be purchased at a price as low as $5. Password cracking packs and Distributed Denial of Service (DDoS) attack kits are some other available tools that enable anyone to launch a cyberattack at a meager cost.
Stolen data is cheap to buy
In fact, one doesn’t have to carry out a cyberattack to get hold of data today because stolen data is so easy and cheap to buy on the dark web. Dark Web Price Index 2022 states that cybercriminals can acquire online banking login information and credit card details for as little as $50 in different dark web marketplaces, websites and forums. Anyone can also easily get their hands on business-critical data, enabling them to perpetrate digital fraud quickly. Dark Reading estimates that over 24 billion password credentials circulated in the dark web in 2022.
Secure your users and data with Spanning
Data is the lifeline of your business. As the amount of data created and stored increases, so does the importance of its protection. However, according to Verizon’s 2022 Data Breaches Investigations Report, 82% of data breaches involved a human element. That means negligence or ignorance from one of your employees can put all your data — and business — at stake.
That’s where Spanning Backup can be your lifesaver. Spanning Backup is a purpose-built SaaS backup solution that can automate and simplify your backup and recovery. Interestingly, Spanning Backup for Microsoft 365 and Google Workspace offers integrated dark web monitoring that alerts administrators of compromised or stolen employee credentials, empowering them to proactively secure user accounts before a malicious activity occurs. Administrators can leverage Spanning’s audit reporting and search capabilities to determine whether data loss has occurred and restore any corrupted data in just a few clicks. It thus significantly reduces the risk of account takeover (ATO) attacks, protecting your business from a significant data loss incident and potential financial and competitive impacts.
Download the eBook to learn more about how Spanning can help you keep your SaaS data secure and readily available.