Dark Web Investigations/Monitoring
What is the Dark Web?
To understand what the Dark Web is it has to be put into context with the web overall.
Surface Web: anything that can be indexed by a typical search engine like Google, Bing or Yahoo.
Deep Web: anything that a Surface Web can’t find. Examples of Deep Web content can be found at any time – whenever you navigate away from Google and do a search directly in a website, examples government databases, libraries. Google search can’t find the pages behind these website search boxes. Most often not illicit material.
The Dark Web is a small section of the Deep Web that has been intentionally hidden and cannot be accessed through standard web browsers.
It is an ‘underground’ medium which allows for the distribution of harmful information as well as for the browsing and purchasing of illegal goods and services, practically untraceable by law enforcement.
Some of these goods and services have been illegally captured and put on the Dark Web for sale by hackers who have infiltrated a company/organisations network. Once an organisation’s network has been breached, the intruder can exploit the company by identifying and extracting valuable and sensitive information, such as customer account details, banking details, passports and so on.
Furthermore, Dark Web forums are often utilised as an arena in which hackers can expose and discuss vulnerabilities identified in an organisation’s system that can be exploited. This information is then sold anonymously to buyers all across the world who cannot be easily traced by law enforcement.
Given the lack of accountability, more and more buyers are purchasing illegal goods, meaning more and more sellers are infiltrating business networks to exploit them for this sellable information. This creates a harrowing threat for all organisations, one that could have catastrophic financial and reputational consequences.
How relevant is it to you?
The consequences of not taking the threat of the Dark Web seriously are significant; successful exploitation and distribution of material across the Dark Web can result in the demise of a business, as a result of financial or reputational damage. Despite the majority of internet users avoiding the Dark Web, it is not exclusively criminals who use this platform. Many of its users are people with innocent intentions and curious minds who do not share the same ‘low- profile’ approach as criminals wanting to hide Dark Web activity and remain inconspicuous. As such, businesses exploited on the Dark Web are vulnerable to exposure on the open web, particularly if they are a large, recognisable company such as entertainment or communication platforms; would you really want to sign up and provide personal details to a company who you know to be exploited on the Dark Web? Any material on the Dark Web that incorporates even just a company’s logo on these marketplaces and forums immediately portrays the company as vulnerable or a target and can severely damage the company’s reputation
Knowing a company has to some extent or another been exploited on the Dark Web can severely damage consumer confidence and B2B relationships. Failing to be proactive in protecting the organisation’s position can have very real consequences in terms of reputation and as a consequence will have damaging financial consequences. Not taking action can lead to:
- Legal or Regulatory fees/fines
- Damage to customer loyalty and the acquisition of new customers
- Competitors can acquire lost customers
- Ruined reputation
- Viral media coverage
- Company considered unsecure and easily targetable – may hinder future funding and support deals, sponsorships, partnerships…