fbpx
Question? Call Us 888-508-6004
Welcome to Tech Kahunas

What In The World Are The Darknet And Darkweb?

Andrew had just scaled his business with eight more employees and was optimistic about its potential. But he didn’t know that from the time he first acquired his new computers and updated his network that a cyber intruder had been waiting to encrypt and hold hostage his customer data.

Ajax700 looked at Andrew’s data as he sipped a Mountain Dew. He’d done this dozens of times with the same software he bought on the “darkweb.” It was 1:30 a.m. and he was just getting started.

When Andrew arrived at the office, he saw the crowd of employees outside waiting. Someone had locked the computers and they were all flashing the same message.

Most people don’t know what the darkweb is, let alone what it has. Google only indexes about 4% of the internet (about 57 billion webpages), called the “clearnet” or “surface web” by some users. The rest is comprised of unindexed computer resources like databases, private accounts and government networks—but some of this is the “darknet.” “Darkweb websites” run on darknets, which are encrypted overlay networks that run over the internet. You can only access darkweb websites with special software, configurations or permissions, and users operate on an anonymized series of connections using anonymized IP (internet protocol) addresses.

The DuckDuckGo search engine indexes some darkweb websites, but apps like the tOr (“the Onion router”) browser, Retroshare, I2P and Freenet allow access to darkweb markets. For example, users can access Alphabay, Outlaw Market and Dream Market with Tor.

And what is on the darkweb? Anything and everything is for sale (or free) from behind its firewalls and layers of encryption:

Data – stolen passwords (29 passwords for every US citizen), credit card information, voter registrations, driver’s licenses, client lists, IPs, social security numbers, PayPal, and false or stolen identities.
File sharing – legal or illegal.
Malware – viruses, spyware, adware, ransomware (extortion software), remote access Trojans (can control another computer), or other exploit tools that may not have patches yet.
Firewall policies and access credentials.
Professional hacking groups and services.
Botnets – anonymous computer armies (sometimes with “command and control” features that allow remote access and control of malware) that can be bought or rented.
Cryptocurrency services – many dark web sites use bitcoin and other cryptocurrencies because of their difficulty in being tracked.
Counterfeiting, financing and fraud tools.
eBay- or Craigslist-like sites where users can talk to sellers or leave reviews.
Cloned clearnet websites.
Crime-as-a-service.
Darkweb social media sites and forums
Hacked government materials.
Private conversations.
Hoaxes and unverified content.
Illegal porn, drugs, firearms and other weapons, assassins.
Messages and assistance from “political liberators.”

You don’t need to have any special knowledge to use darkweb markets which host malware and exploit tools. Ajax700 is a “script kiddie,” a hacker who doesn’t really know what he’s doing, but uses pre-built tools he bought on the darkweb websites to attack a user or organization. But it’s not just script kiddies who are the threat actors who can attack your organization. Ex-employees, competitors, suppliers, trusted insiders, customers, partners and corporate saboteurs, not to mention hacktivists, cyberterrorists and rogue governments, are among the malicious users out there. (Not all darkweb users are malicious. Government orgs and militaries, companies, free speech “hacktivists” and journalists who need privacy also use these types of sites and tools. Some of the original darkweb users were journalists and hacktivists who wanted to avoid censorship and to defend free speech rights and whistle blowing.)

Andrew first learned of the darkweb only after someone sold his customer and intellectual property to another cyber criminal. He could now lose customer confidence and trust–and perhaps be liable to a lawsuit over the leak of customer personally identifiable information (PII).

Why can’t authorities crack down on darkweb criminals? First of all, IPs (internet protocol addresses) and locations are anonymized on the darknet/darkweb. It’s also not easy to access or search and cybercrooks can change their websites’ addresses. (Don’t go to darkweb websites. Super-malware exists.)

At Tech Kahunas, we monitor the darkweb and alert you if we see your data on it. We will recommend you change your stolen passwords and cancel your credit cards.

We also look at everything from darkweb websites, blogs, private networks, chat rooms, and black market sales and forums. We can help you reduce your risk of losing your data in the first place.

Tech Kahunas knows the needs of SMBs and organizations.
We’ll stay on top of the threats.
We’ll watch your data.
We’ll review your risks.

We’ve got years of this.

Leave a comment

Your email address will not be published.

Peter Bondyark and J.C. Berry
Peter Bondyark and J.C. Berry
Facebook
Twitter
LinkedIn
Pinterest
Subscribe for security updates.
Latest posts
Follow us

Nullam quis risus eget urna mollis ornare vel eu leo. Aenean lacinia bibendum nulla sed 

hero-S326HRW-3.png
Join our newsletter and get a 20% discount
Promotion nulla vitae elit libero a pharetra augue

Nullam quis risus eget urna mollis ornare vel eu leo. Aenean lacinia bibendum nulla sed 

hero-S326HRW-3.png
Join our newsletter and get a 20% discount
Promotion nulla vitae elit libero a pharetra augue
hero-S326HRW-3.png
Join our newsletter and get a 20% discount
Promotion nulla vitae elit libero a pharetra augue