The shocking truth of the Deep Web

Author: Martin Voelk
April 7, 2015

The Deep Web / Dark Web was originally invented to help individuals and regime critics voice their opinions and overcome government surveillance of communication. It also helped journalists report the truth in countries which are heavily censored. However, over the years it has become a playground for Cyber Criminals from all over the world.

We conduct a lot of Cyber Intelligence work as part of our services to businesses, where we look specifically for intel concerning their business interests. We think we have seen it all, but even we are sometimes surprised by what we find on the Dark Web.

  • Hacked online stores where criminals share the Admin credentials
  • Corrupt employees who work for retailers and sell customer details along with their credit cards
  • Auctions for access to email accounts of business owners and high-ranking managers
  • The trade of 0day exploits (vulnerabilities and exploits) for issues not yet known to the public
  • Training courses for Cyber Criminals

The list goes on and on.

The most shocking discoveries are, in our opinion, corrupt and fraudulent employees selling customer data. This is very hard to tackle. The company they work for may be PCI compliant, may have the greatest perimeter defenses, and may encrypt all stored data. Yet its customer data is exposed by a corrupt employee: a person with legitimate access to customer or other confidential information who sells this information to Cyber Criminals on the Dark Web.

The industry needs a shift in mindset. All that big companies like Cisco, Juniper, Fortinet, Symantec etc. are concerned about is selling more of their hardware and software. Yes, of course IT Security / Logical Security is improved with their products, but what about the human aspect? The human is the easiest way into a company for anyone employing social engineering techniques, and the fraudulent employee is also not stopped by firewalls when taking screenshots of confidential information and copying them to USB drives or putting them on Dropbox. Screenshots are just JPGs and are not detected as threats as such. This is what many Security Policies seem to fail to address these days.

