New Dark Web Search Engine Can Strengthen Business Security

Uploaded on 2020-05-11 in TECHNOLOGY--Developments, INTELLIGENCE--International, GOVERNMENT-Law Enforcement, FREE TO VIEW

The Dark Web has a sinister, foreboding, reputation for good reason. It can be used to infiltrate organisations and businesses and use their data and steal important corporate information. People also go to the Dark Web to anonymously buy illegal drugs, to watch child pornography, get credit card numbers, fake passports, Bitcoin Lottery Tickets, Fake College Degrees, weapons and also to find murderers for hire. 

If the Internet is an online world of towns and cities, then the dark web is the red-light district, the hideouts of criminals and all the other dark alleys and criminal enterprises that exist in the underground economy. Terrorists use the Dark Web to hide and organise. There are libraries of pirated books and music on the dark web.

The Dark Web is growing. Some analysts would say that it is more than just growing and that before long it will change the Internet as we know it. In November 2019, a Dark Web search engine called “Kilos” emerged from the depths of the cyber-criminal underground, ostensibly to play the role of new heavyweight champion of search engines for cyber-criminal marketplaces, forums, and illicit products. 

Yet the Dark Web is only a small part of the Deep Web, which is a massive portion of the Internet not indexed by normal web search engines. The Dark Web is essentially comprised of small peer-to-peer networks and larger and growing Dark Web networks like Tor, Freenet and I2P.

Cyfirma, a threat discovery and cyber intelligence startup, has brought out a report on the dark web marketplace, focusing on the changes in cyber criminals’ approach and attitude, in the times of the Covid-19 crisis. Kumar Ritesh, the CEO of Cyfirma, believes that the attacks will become more frequent and sophisticated as the pandemic continues.

A New Legitimate Dark Web Security Search Engine 

Now there is a Dark and Deep Web search tool that is legitimate and can be used by organisations and governments wanting to reduce their risk of cyber-attack. Canada's Echosec Systems has recently released Beacon, a security tool that's designed to analyse the Dark Web and help legitimate organisation comprehend and monitor how they are being hacked.

Beacon is a Dark Web search engine that allows users to search anonymously, without the need for a TOR browser, designed to be simple to interact with, while incorporating powerful advanced search tools, making searching unindexed data in the Dark Web as easy as using a surface web search engine. The idea behind Beacon is that it can be used by a company to potentially head off, or at the very least mitigate, a potential disaster. 

Since the bulk of the data on the Dark Web is essentially unstructured, the Echosec team crawled the Dark Web, indexed its content and then built a natural language query interface that allows non-hackers to access that information quickly and easily. Simply put, Beacon is like Google for the Dark Web.

The CTO of Echosec, Michael Raypold uses  the story of Coca-Cola's attempt, some years ago to acquire a Chinese soft drink company. Unknown to Coca-Cola executives, the company's secret plans and negotiation tactics were not secret because Coca-Cola had been previously hacked. Beacon did not exist at that time, but it's likely that some of the information retrieved from the hack and many pilfered emails would have ended up on the dark web, then Beacon could have unearthed them, letting the company know of its vulnerability long before 2009 and perhaps allowing Coca-Cola to mitigate the damage. 

The goal of Beacon  is to enable companies to easily examine data on the dark web as a way of locating the potentially harmful information. This could include stolen corporate emails, company documents, personal info, or other such data that could be detrimental to a company, its brand, or its customers. 

While hackers and scammers have been leveraging the pandemic to push out malware and phishing emails as part of their cyber- attack campaigns to steal data from businesses and consumers, there seems to be an understanding amongst hacker groups to not ‘cross the line of humanity’ by selling fictitious vaccines. However, there is a group of hackers who have ignored this warning and are choosing to sell fake vaccines and making anywhere from US$ 99 to US$ 25000. 

According to Cyfirma these hackers are from North Korea and have got interest from buyers in Italy, Spain, France and the US. Payment is being made via bitcoin, few bitcoin accounts have collected to the tune of US$ 400K just in the last six days.

The obvious fallout of this malicious act is loss of money by the users but in order to get the vaccine, they have shared their personal identifiable information including health and social security details. Theft of personal information will also fetch additional financial gains for the hackers. Cyfirma predicts that personal information provided to buy fake vaccines could be used for the next wave of cyber-attacks.

Cyber Criminals Take Advantage Of Global Pandemic

The Covid-19 pandemic has enforced social distancing. Many employees are now working remotely in distributed operations. This increase in remote work arrangements, both temporarily and permanently, is creating significant growth in network access and traffic which provides more opportunities for threat actors to strike. Cyber criminals quickly recognised the opportunities the pandemic provided them. 

Cyber criminals are sending emails that resemble legitimate coronavirus-related notices in phishing attacks targeting anxious individuals expecting such communications. The attacks aim to get readers to click through on false links that promise coronavirus guidance. Covid-19 themed phishing campaigns using Word and PDF documents that include names like ‘coronavirus response’, ‘coronavirus practices,’ and ‘coronavirus safety.’

Attackers are also using images and names of entities like the UN, WHO, CDC, FDA, and commercial companies in targeted fraud and phishing campaigns embedded with malware that would infect corporate networks, these phishing attacks deploy social engineering tactics to steal data and assets.

Hackers were also spreading fake news to create further confusion. By investigating the dark web marketplace, Cyfirma uncovered illicit groups selling organic medicine claiming to cure and eradicate the Covid-19 virus (this is separate from fake vaccines). These discussions in the hackers’ communities were carried out in Mandarin, Japanese and English.

Hackers leveraging the Covid-19 pandemic are motivated by a combination of personal financial gain as well as political espionage to cause social upheavals. Threat actors in the world of cyber-crime are equipped with the tools, technology, expertise and financing to further both commercial and political agendas.  

In our hyper-connected digital world, cyber crime is a lucrative business, and we should expect attacks to be more frequent and more sophisticated as the pandemic continues to cast a shadow over the global economy.

Government agencies, large telecommunications, retail, transportation, healthcare, manufacturing, B2C and supply chain companies are within the radar of hacker groups. While all businesses are at risk of cyber-attacks, SMEs tend to be most vulnerable as they typically have fewer measures in place to protect their systems and data.

Echosec expects to sell Beacon mainly to corporate customers interested in keeping tabs on their intellectual property, corporate secrets and other sensitive data. 

Digital Shadows:       Express Computer:       Analytics India:      Hot Hardware:         Beacongainer:    

BCTE Technology:    CIO Applications:

You Might Also Read:

What’s On The Dark Web?:

 

 

 

 

 

« COVID-19 Tracing App Problems
Fake Messaging Affects Australian Virus Tracing App »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Security Magazine

Security Magazine

Security, the business magazine for security executives, focuses on management issues facing top security professionals and effective solutions being employed, both physical and cyber.

Kirkland & Ellis

Kirkland & Ellis

Kirkland & Ellis LLP is an international law firm with offices in the USA, Europe and Asia. Practice areas include Data Security & Privacy.

Cyber Security National Lab (CINI)

Cyber Security National Lab (CINI)

The Cyber Security National Lab brings together Italian academic excellence in Cyber Security research.

CSO GmbH

CSO GmbH

CSO GmbH provide specialist consultancy services in the area of IT security.

Resilience First

Resilience First

Resilience First is a not-for-profit organisation, led and funded by business to strengthen collective business resilience in all areas, including cyber security.

DataArt

DataArt

DataArt is a global technology consultancy that designs, develops and supports unique software solutions. Areas of activity include software security testing.

Cylus

Cylus

Cylus, a global leader in rail cybersecurity, helps rail and metro companies avoid safety incidents and service disruptions caused by cyber-attacks.

Plug and Play Tech Center

Plug and Play Tech Center

Plug and Play is the ultimate innovation platform, bringing together the best startups and the world’s largest corporations.

Advantio

Advantio

Advantio offers a unique combination of technologies and managed, advisory and testing services to increase your cyber resilience and compliance.

Atomic Data

Atomic Data

Atomic Data is an on-demand, always-on, pay-as-you-go expert extension of your enterprise IT team and infrastructure.

Tuta

Tuta

Tuta (formerly Tutanota) is an all-in-one email, calendar and contacts app which protects your data with full end-to-end encryption and it requires zero personal information.

Auriga

Auriga

Auriga create innovative software and have become a benchmark for high quality banking software including cyber security solutions to protect business critical devices.

ProjectDiscovery

ProjectDiscovery

ProjectDiscovery is an open-source, cybersecurity company that builds a range of software for security engineers and developers.

Sensity

Sensity

Sensity is a company that offers an AI-driven solution to detect and verify deepfakes and other forms of identity fraud.

Aura Information Security

Aura Information Security

Aura Information Security consists of a team of highly-skilled and renowned information security professionals spanning Australia and New Zealand.

Entitle

Entitle

Entitle's SaaS-based platform automates how permissions are managed, enabling organizations to eliminate bottlenecks and implement robust cloud least privilege access.