Understanding the Darknet and Its Impact on Cybersecurity

9
4742

The darknet is a very real concern for today’s businesses. In recent years, it has redefined the art of hacking and, in the process, dramatically expanded the threat landscape that organizations now face. So, what exactly is the darknet and why should you care?

WHAT IS THE DARKNET?

Not to be confused with the deep web, the dark web/darknet is a collection of thousands of websites that can’t be accessed via normal means and aren’t indexed by search engines like Google or Yahoo.

Simply put, the darknet is an overlay of networks that requires specific tools and software in order to gain   access. The history of the darknet predates the 1980s, and the term was originally used to describe computers on ARPANET that were hidden and programmed to receive messages but which did not respond to or acknowledge anything, thus remaining invisible, or in the dark. Since then, “darknet” has evolved into an umbrella term that describes the portions of the internet purposefully not open to public view or hidden networks whose architecture is superimposed on that of the internet.

[You may also like: Darknet: Attacker’s Operations Room]

Ironically, the darknet’s evolution can be traced somewhat to the U.S. military. The most common way to access the darknet is through tools such as the Tor network. The network routing capabilities that the Tor network uses were developed in the mid-1990s by mathematicians and computer scientists at the U.S. Naval Research Laboratory with the purpose of protecting U.S. intelligence communications online.

USE AND ACCESS

Uses of the darknet are nearly as wide and as diverse as the internet: everything from email and social media to hosting and sharing files, news websites and e-commerce. Accessing it requires specific software, configurations or authorization, often using nonstandard communication protocols and ports. Currently, two of the most popular ways to access the darknet are via two overlay networks. The first is the aforementioned Tor; the second is called I2P.

Tor, which stands for “onion router” or “onion routing,” is designed primarily to keep users anonymous. Just like the layers of an onion, data is stored within multiple layers of encryption. Each layer reveals the next relay until the final layer sends the data to its destination. Information is sent bidirectionally, so data is being sent back and forth via the same tunnel. On any given day, over one million users are active on the Tor network.

I2P, which stands for the Invisible Internet Project, is designed for user-to-user file sharing. It takes data and encapsulates it within multiple layers. Just like a clove of garlic, information is bunched together with other people’s information to prevent de-packing and inspection, and it sends that data via a unidirectional tunnel.

WHAT’S OUT THERE?

As mentioned previously, the darknet provides news, e-commerce sites, and email and hosting services. While many of the services are innocent and are simply alternatives to what can be found on the internet, a portion of the darknet is highly nefarious and tied to illicit activities due to its surreptitious nature. As a result, since the 1990s, cybercriminals have found a “digital home” on the darknet as a way to communicate, coordinate and, most recently, monetize the art of cyberattacks to a wide range of non-technical novices.

[You may also like: Darknet: A One-Stop Shop for Would-Be Criminals]

One of the most popular services are email services, which have seen a dramatic increase in recent years that parallels the increased popularity of ransomware. Cyberattackers will often use these email services to execute their campaigns to remain hidden from authorities.

Hosting services are yet another. Similar to the cloud computing environments that enterprises might use as part of their IT infrastructure, darknet hosting services are leveraged by cybercriminals and hackers to host websites or e-commerce marketplaces that sell distributed denial-of-service (DDoS) tools and services. These hosting services are typically very unstable as they can be “taken down” by law enforcement or vigilante hackers for political, ideological or moral reasons.

Forums also exist to allow hackers and criminals to have independent discussions for the purpose of knowledge exchanging, including organizing and coordinating DDoS campaigns (such as those planned by Anonymous) and/or exchanging cyberattack best practices. These forums come with a variety of technical options and languages and can be associated with particular threat actors/ groups, hacktivists, attack vectors, etc.

Lastly, just like the real internet, darknet search engines, like Candle and Torch, exist to allow users to easily locate and navigate these various forums, sites and e-commerce stores.

A DIGITAL STORE

Perhaps more than any other service usage, e-commerce sites on the darknet have exploded in popularity in recent years due to the rise of DDoS as a service and stresser services, resulting in huge profit margins for entrepreneurial hackers. Everything from DDoS attack tools and botnet rentals to “contracting” the services of a hacker are now available on the darknet.

[You may also like: The Cost of a DDoS Attack on the Darknet]

The result? These e-commerce sites and their products have commoditized cyberattacks in addition to making them available to a wide range of non-technical users. Often times, these services come with intuitive, GUI-based interfaces that make setting up and launching attacks quick and simple.

Examples abound, but one example of DDoS as a service is PutinStresser. PutinStresser illustrates the ease of access that these services have reached and provides potential buyers with various payment options, discovery tools, a variety of attack vectors and even chat-based customer support. Botnet rental services are also available — their growth paralleling the growth and use of botnets since 2016. A perfect example of a botnet service that is available on the darknet is the JenX botnet, which was discovered in 2018.

Prices for these tools are as diverse as the attack vectors that buyers can purchase and range from as low as $100 to several thousand dollars. Prices are typically based on various factors, such as the number of attack vectors included within the service, the size of the attack (Gbps/Tbps) and the demand.

[You may also like: 5 Ways Malware Defeats Cyber Defenses & What You Can Do About It]

Malware and ransomware are equally popular. The notorious WannaCry global ransomware campaign had its C2C servers hosted on the darknet. In addition, just like their botnet and DDoS brethren, malware and ransomware have their own “pay for play” services which dramatically simplify the process of launching a ransomware campaign. Numerous ransomware services exist that allow a user to simply  specify the ransom amount and add notes/ letters, and then the user is provided a simple executable to send to victims.

Lastly, an array of services is available allowing nearly anyone with access to the darknet (and the ability to convert money to bitcoin for payment) to contract hackers for their work. Services include hacking emails, hacking social media accounts and designing malicious software.

Many of these services revolve around the education vertical. The act of educational institutions moving their teaching tools and testing to online networks has bred a new generation of students willing to purchase the services of hackers to change grades and launch DDoS attacks on schools’ networks to postpone tests.

Read “The Trust Factor: Cybersecurity’s Role in Sustaining Business Momentum” to learn more.

Download Now

9 COMMENTS

  1. GSM/gprs/hsdpa/LTE Android 8.0+ handsets are all end to end encryption but I disagree, they must be end to end decrypted encryption! Im not qualified to comment on Apple devices! To combat the dark web, attack every aspect of onion and garlic routing at point of decryption! Use 128-EEA zuc

  2. GSM/gprs/hsdpa/LTE Android 8.0+ handsets are all end to end encryption but I disagree, they must be end to end decrypted encryption! Not sure about Apple devices! To combat the dark web, attack every aspect of onion and garlic routing at point of decryption! Upgrade the gsm 128-EEA zuc spec!

  3. In this blog, great posts and a very good article are the most useful users to find the best product to help this article. If you buying the best mobile phone online you also visit the website Shoopdeal.com one of the best and popular comparisons sites if you want to compare especially mobile phones. This site also provides comparing prices, price drop alerts, and best deals and coupons offer on various mobile phones.

  4. One of the sites that provides typically the best internet
    gambling online game services in Philippines is Promosbobet.
    On-line bookie sites that provides direct access coming from home via the internet network and will be a good alternative to increase bettors’
    income without having to shell out a lot associated with capital.

    Imagine, together with only relatively cost-effective capital, members can play probably the
    most fascinating betting games of which members want these
    kinds of as soccer gambling, online casino, or even real cash online slots, and naturally get the particular financial benefits
    that will members need. Everything a member is capable of just by becoming the member
    of the best and many trusted online bookie site Promosbobet.

    The Biggest Online Gambling Promotional
    Bettors can acquire various types associated with benefits by becoming a member of the
    Promosbobet betting site. This web site always provides amazing
    promotions for new customers and loyal customers who have picked Promosbobet as a new
    betting partner regarding years.

    Deposit Bonus – the 1st bonus that the member could possibly get
    by simply becoming a associate of Promosbobet is when the member
    makes a deposit having a minimum associated with IDR 100, 000 only!

    Bettors can get bonuses as high as almost 2 , 000, 000 rupiah.

    Winning Added bonus – just by simply playing online soccer gambling that an individual want
    or taking pleasure in the fun plus challenges of capturing fish games, an individual have a possiblity to
    win a successful bonus of upward to 50%.

    Procuring and Rebate Reward – by dealing with Sbobet
    and Maxbet, Mabosbet gives an individual the possibility to obtain an immediate five per cent cashback and 74% rebate!

LEAVE A REPLY

Please enter your comment!
Please enter your name here