New Dark Web Search Engine Can Strengthen Business Security

Uploaded on 2020-05-11 in TECHNOLOGY--Developments, INTELLIGENCE--International, GOVERNMENT-Law Enforcement, FREE TO VIEW

The Dark Web has a sinister, foreboding, reputation for good reason. It can be used to infiltrate organisations and businesses and use their data and steal important corporate information. People also go to the Dark Web to anonymously buy illegal drugs, to watch child pornography, get credit card numbers, fake passports, Bitcoin Lottery Tickets, Fake College Degrees, weapons and also to find murderers for hire. 

If the Internet is an online world of towns and cities, then the dark web is the red-light district, the hideouts of criminals and all the other dark alleys and criminal enterprises that exist in the underground economy. Terrorists use the Dark Web to hide and organise. There are libraries of pirated books and music on the dark web.

The Dark Web is growing. Some analysts would say that it is more than just growing and that before long it will change the Internet as we know it. In November 2019, a Dark Web search engine called “Kilos” emerged from the depths of the cyber-criminal underground, ostensibly to play the role of new heavyweight champion of search engines for cyber-criminal marketplaces, forums, and illicit products. 

Yet the Dark Web is only a small part of the Deep Web, which is a massive portion of the Internet not indexed by normal web search engines. The Dark Web is essentially comprised of small peer-to-peer networks and larger and growing Dark Web networks like Tor, Freenet and I2P.

Cyfirma, a threat discovery and cyber intelligence startup, has brought out a report on the dark web marketplace, focusing on the changes in cyber criminals’ approach and attitude, in the times of the Covid-19 crisis. Kumar Ritesh, the CEO of Cyfirma, believes that the attacks will become more frequent and sophisticated as the pandemic continues.

A New Legitimate Dark Web Security Search Engine 

Now there is a Dark and Deep Web search tool that is legitimate and can be used by organisations and governments wanting to reduce their risk of cyber-attack. Canada's Echosec Systems has recently released Beacon, a security tool that's designed to analyse the Dark Web and help legitimate organisation comprehend and monitor how they are being hacked.

Beacon is a Dark Web search engine that allows users to search anonymously, without the need for a TOR browser, designed to be simple to interact with, while incorporating powerful advanced search tools, making searching unindexed data in the Dark Web as easy as using a surface web search engine. The idea behind Beacon is that it can be used by a company to potentially head off, or at the very least mitigate, a potential disaster. 

Since the bulk of the data on the Dark Web is essentially unstructured, the Echosec team crawled the Dark Web, indexed its content and then built a natural language query interface that allows non-hackers to access that information quickly and easily. Simply put, Beacon is like Google for the Dark Web.

The CTO of Echosec, Michael Raypold uses  the story of Coca-Cola's attempt, some years ago to acquire a Chinese soft drink company. Unknown to Coca-Cola executives, the company's secret plans and negotiation tactics were not secret because Coca-Cola had been previously hacked. Beacon did not exist at that time, but it's likely that some of the information retrieved from the hack and many pilfered emails would have ended up on the dark web, then Beacon could have unearthed them, letting the company know of its vulnerability long before 2009 and perhaps allowing Coca-Cola to mitigate the damage. 

The goal of Beacon  is to enable companies to easily examine data on the dark web as a way of locating the potentially harmful information. This could include stolen corporate emails, company documents, personal info, or other such data that could be detrimental to a company, its brand, or its customers. 

While hackers and scammers have been leveraging the pandemic to push out malware and phishing emails as part of their cyber- attack campaigns to steal data from businesses and consumers, there seems to be an understanding amongst hacker groups to not ‘cross the line of humanity’ by selling fictitious vaccines. However, there is a group of hackers who have ignored this warning and are choosing to sell fake vaccines and making anywhere from US$ 99 to US$ 25000. 

According to Cyfirma these hackers are from North Korea and have got interest from buyers in Italy, Spain, France and the US. Payment is being made via bitcoin, few bitcoin accounts have collected to the tune of US$ 400K just in the last six days.

The obvious fallout of this malicious act is loss of money by the users but in order to get the vaccine, they have shared their personal identifiable information including health and social security details. Theft of personal information will also fetch additional financial gains for the hackers. Cyfirma predicts that personal information provided to buy fake vaccines could be used for the next wave of cyber-attacks.

Cyber Criminals Take Advantage Of Global Pandemic

The Covid-19 pandemic has enforced social distancing. Many employees are now working remotely in distributed operations. This increase in remote work arrangements, both temporarily and permanently, is creating significant growth in network access and traffic which provides more opportunities for threat actors to strike. Cyber criminals quickly recognised the opportunities the pandemic provided them. 

Cyber criminals are sending emails that resemble legitimate coronavirus-related notices in phishing attacks targeting anxious individuals expecting such communications. The attacks aim to get readers to click through on false links that promise coronavirus guidance. Covid-19 themed phishing campaigns using Word and PDF documents that include names like ‘coronavirus response’, ‘coronavirus practices,’ and ‘coronavirus safety.’

Attackers are also using images and names of entities like the UN, WHO, CDC, FDA, and commercial companies in targeted fraud and phishing campaigns embedded with malware that would infect corporate networks, these phishing attacks deploy social engineering tactics to steal data and assets.

Hackers were also spreading fake news to create further confusion. By investigating the dark web marketplace, Cyfirma uncovered illicit groups selling organic medicine claiming to cure and eradicate the Covid-19 virus (this is separate from fake vaccines). These discussions in the hackers’ communities were carried out in Mandarin, Japanese and English.

Hackers leveraging the Covid-19 pandemic are motivated by a combination of personal financial gain as well as political espionage to cause social upheavals. Threat actors in the world of cyber-crime are equipped with the tools, technology, expertise and financing to further both commercial and political agendas.  

In our hyper-connected digital world, cyber crime is a lucrative business, and we should expect attacks to be more frequent and more sophisticated as the pandemic continues to cast a shadow over the global economy.

Government agencies, large telecommunications, retail, transportation, healthcare, manufacturing, B2C and supply chain companies are within the radar of hacker groups. While all businesses are at risk of cyber-attacks, SMEs tend to be most vulnerable as they typically have fewer measures in place to protect their systems and data.

Echosec expects to sell Beacon mainly to corporate customers interested in keeping tabs on their intellectual property, corporate secrets and other sensitive data. 

Digital Shadows:       Express Computer:       Analytics India:      Hot Hardware:         Beacongainer:    

BCTE Technology:    CIO Applications:

You Might Also Read:

What’s On The Dark Web?:

 

 

 

 

 

« COVID-19 Tracing App Problems
Fake Messaging Affects Australian Virus Tracing App »

Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

eBook: Practical Guide to Security in the AWS Cloud

eBook: Practical Guide to Security in the AWS Cloud

AWS Marketplace would like to present you with a digital copy of the new book, Practical Guide to Security in the AWS Cloud, by the SANS Institute.

Cyber Security Service Supplier Directory

Cyber Security Service Supplier Directory

Free Access: Cyber Security Service Supplier Directory listing 5,000+ specialist service providers.

ClearSky Cyber Security

ClearSky Cyber Security

ClearSky cyber security provides cyber solutions, focused on threat intelligence services, mainly for the financial sector, critical infrastructure, public sector and the pharma sector.

Allgress

Allgress

Allgress solutions converge disparate risk silos across enterprise networks and automate governance, risk and compliance management processes.

General Dynamics Information Technology

General Dynamics Information Technology

General Dynamics IT delivers cyber security services to defend critical information and infrastructure.

maCERT

maCERT

maCERT is the national Computer Emergency Response Team for Morocco.

Bugcrowd

Bugcrowd

As leaders in crowdsourced security testing, Bugcrowd connects companies and their applications to a crowd of tens of thousands of security researchers to identify critical software vulnerabilities.

Source Defense

Source Defense

Source Defense provides websites with the first ever prevention technology for attacks of third-party origin.

FFRI

FFRI

FFRI is committed to research and development of preventing the most advanced cyber-attacks and breaches.

CyberSheath Services International

CyberSheath Services International

CyberSheath integrates your compliance and threat mitigation efforts and eliminates redundant security practices that don’t improve and in fact might probably weaken your security posture.