New Dark Web Search Engine Can Strengthen Business Security

Uploaded on 2020-05-11 in TECHNOLOGY--Developments, INTELLIGENCE--International, GOVERNMENT-Law Enforcement, FREE TO VIEW

The Dark Web has a sinister, foreboding, reputation for good reason. It can be used to infiltrate organisations and businesses and use their data and steal important corporate information. People also go to the Dark Web to anonymously buy illegal drugs, to watch child pornography, get credit card numbers, fake passports, Bitcoin Lottery Tickets, Fake College Degrees, weapons and also to find murderers for hire. 

If the Internet is an online world of towns and cities, then the dark web is the red-light district, the hideouts of criminals and all the other dark alleys and criminal enterprises that exist in the underground economy. Terrorists use the Dark Web to hide and organise. There are libraries of pirated books and music on the dark web.

The Dark Web is growing. Some analysts would say that it is more than just growing and that before long it will change the Internet as we know it. In November 2019, a Dark Web search engine called “Kilos” emerged from the depths of the cyber-criminal underground, ostensibly to play the role of new heavyweight champion of search engines for cyber-criminal marketplaces, forums, and illicit products. 

Yet the Dark Web is only a small part of the Deep Web, which is a massive portion of the Internet not indexed by normal web search engines. The Dark Web is essentially comprised of small peer-to-peer networks and larger and growing Dark Web networks like Tor, Freenet and I2P.

Cyfirma, a threat discovery and cyber intelligence startup, has brought out a report on the dark web marketplace, focusing on the changes in cyber criminals’ approach and attitude, in the times of the Covid-19 crisis. Kumar Ritesh, the CEO of Cyfirma, believes that the attacks will become more frequent and sophisticated as the pandemic continues.

A New Legitimate Dark Web Security Search Engine 

Now there is a Dark and Deep Web search tool that is legitimate and can be used by organisations and governments wanting to reduce their risk of cyber-attack. Canada's Echosec Systems has recently released Beacon, a security tool that's designed to analyse the Dark Web and help legitimate organisation comprehend and monitor how they are being hacked.

Beacon is a Dark Web search engine that allows users to search anonymously, without the need for a TOR browser, designed to be simple to interact with, while incorporating powerful advanced search tools, making searching unindexed data in the Dark Web as easy as using a surface web search engine. The idea behind Beacon is that it can be used by a company to potentially head off, or at the very least mitigate, a potential disaster. 

Since the bulk of the data on the Dark Web is essentially unstructured, the Echosec team crawled the Dark Web, indexed its content and then built a natural language query interface that allows non-hackers to access that information quickly and easily. Simply put, Beacon is like Google for the Dark Web.

The CTO of Echosec, Michael Raypold uses  the story of Coca-Cola's attempt, some years ago to acquire a Chinese soft drink company. Unknown to Coca-Cola executives, the company's secret plans and negotiation tactics were not secret because Coca-Cola had been previously hacked. Beacon did not exist at that time, but it's likely that some of the information retrieved from the hack and many pilfered emails would have ended up on the dark web, then Beacon could have unearthed them, letting the company know of its vulnerability long before 2009 and perhaps allowing Coca-Cola to mitigate the damage. 

The goal of Beacon  is to enable companies to easily examine data on the dark web as a way of locating the potentially harmful information. This could include stolen corporate emails, company documents, personal info, or other such data that could be detrimental to a company, its brand, or its customers. 

While hackers and scammers have been leveraging the pandemic to push out malware and phishing emails as part of their cyber- attack campaigns to steal data from businesses and consumers, there seems to be an understanding amongst hacker groups to not ‘cross the line of humanity’ by selling fictitious vaccines. However, there is a group of hackers who have ignored this warning and are choosing to sell fake vaccines and making anywhere from US$ 99 to US$ 25000. 

According to Cyfirma these hackers are from North Korea and have got interest from buyers in Italy, Spain, France and the US. Payment is being made via bitcoin, few bitcoin accounts have collected to the tune of US$ 400K just in the last six days.

The obvious fallout of this malicious act is loss of money by the users but in order to get the vaccine, they have shared their personal identifiable information including health and social security details. Theft of personal information will also fetch additional financial gains for the hackers. Cyfirma predicts that personal information provided to buy fake vaccines could be used for the next wave of cyber-attacks.

Cyber Criminals Take Advantage Of Global Pandemic

The Covid-19 pandemic has enforced social distancing. Many employees are now working remotely in distributed operations. This increase in remote work arrangements, both temporarily and permanently, is creating significant growth in network access and traffic which provides more opportunities for threat actors to strike. Cyber criminals quickly recognised the opportunities the pandemic provided them. 

Cyber criminals are sending emails that resemble legitimate coronavirus-related notices in phishing attacks targeting anxious individuals expecting such communications. The attacks aim to get readers to click through on false links that promise coronavirus guidance. Covid-19 themed phishing campaigns using Word and PDF documents that include names like ‘coronavirus response’, ‘coronavirus practices,’ and ‘coronavirus safety.’

Attackers are also using images and names of entities like the UN, WHO, CDC, FDA, and commercial companies in targeted fraud and phishing campaigns embedded with malware that would infect corporate networks, these phishing attacks deploy social engineering tactics to steal data and assets.

Hackers were also spreading fake news to create further confusion. By investigating the dark web marketplace, Cyfirma uncovered illicit groups selling organic medicine claiming to cure and eradicate the Covid-19 virus (this is separate from fake vaccines). These discussions in the hackers’ communities were carried out in Mandarin, Japanese and English.

Hackers leveraging the Covid-19 pandemic are motivated by a combination of personal financial gain as well as political espionage to cause social upheavals. Threat actors in the world of cyber-crime are equipped with the tools, technology, expertise and financing to further both commercial and political agendas.  

In our hyper-connected digital world, cyber crime is a lucrative business, and we should expect attacks to be more frequent and more sophisticated as the pandemic continues to cast a shadow over the global economy.

Government agencies, large telecommunications, retail, transportation, healthcare, manufacturing, B2C and supply chain companies are within the radar of hacker groups. While all businesses are at risk of cyber-attacks, SMEs tend to be most vulnerable as they typically have fewer measures in place to protect their systems and data.

Echosec expects to sell Beacon mainly to corporate customers interested in keeping tabs on their intellectual property, corporate secrets and other sensitive data. 

Digital Shadows:       Express Computer:       Analytics India:      Hot Hardware:         Beacongainer:    

BCTE Technology:    CIO Applications:

You Might Also Read:

What’s On The Dark Web?:

 

 

 

 

 

« COVID-19 Tracing App Problems
Fake Messaging Affects Australian Virus Tracing App »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ACME Communications

ACME Communications

ACME Communications specialises in the field of data centre, implementation, maintenance & operation and all aspects of other IT service.

CORDIS

CORDIS

CORDIS is the European Commission's primary public repository and portal to disseminate information on all EU-funded research projects and their results.

APWG

APWG

APWG is the international coalition unifying the global response to cybercrime across industry, government, law-enforcement and NGO communities.

Opscura

Opscura

Opscura (formerly Enigmedia) brings the reliable and cautious hands of operations together with the analytical minds of cyber experts and cryptography researchers.

ReFirm Labs

ReFirm Labs

ReFirm Labs provides the tools you need for firmware security, vetting, analysis and continuous IoT security monitoring.

jobsDB.com

jobsDB.com

jobsDB Singapore is a search engine for jobs throughout Singapore.

Cybeta

Cybeta

Cybeta's actionable cybersecurity intelligence keeps your business safe with strategic and operational security recommendations that prevent breaches.

DeVry University - Cyber Security Degree

DeVry University - Cyber Security Degree

Explore the dynamic world of data protection with a hybrid or online cyber security degree specialization with DeVry's IT & Networking Bachelor's Degree.

F1 Security

F1 Security

F1 Security provides a family of web security solutions including web application firewalls, web shell detection solutions, and web shell scanners.

Saporo

Saporo

Saporo helps organizations increase their cyber-resistance. Continuously map your attack surface and get the recommendations you need to make your organization more resistant to attacks.

Purple Team

Purple Team

Purple Team is an expert cybersecurity and managed security service provider focused on arming your IT infrastructure with both red team and blue team services.

Gotham Security

Gotham Security

Gotham Security delivers high-quality penetration testing, malicious adversary simulation, compliance program development, and threat intelligence services.

Somerville

Somerville

Somerville are a full service IT partner with over 40 years experience delivering exceptional service and value to our customers.

Olympix

Olympix

Dev-first Web3 security that starts at the source. Olympix is a pioneering DevSecOps tool that puts security in the hands of the developer by proactively securing code from day one.

Redpoint Cybersecurity

Redpoint Cybersecurity

Redpoint Cybersecurity is a human-led, technology-enabled managed cybersecurity provider specializing in Digital Forensics, Incident Response and proactive cyberattack prevention.

Glasstrail

Glasstrail

Glasstrail are single-minded about helping organisations gather intelligence and manage vulnerabilities in their attack surface before adversaries exploit them.