Our i3 Analysts explore the Deep and Dark Web daily when they are trying to gain more information for their Advanced Investigations. To the common person this can seem like a scary and untouchable place to navigate but to our analysts it's just another day at the office or remote office.
What is the Deep Web?
The Deep Web is the part of the internet which is not indexed by search engines, or is otherwise behind sign-in screens, and as a result is not accessible unless you explicitly know where and how to find it. Limited examples include a corporate email inbox, social media posts which require sign-in to view, or websites which require membership to enter.
What is the Dark Web?
The Dark Web is a subset of the Deep Web, which further requires a specialized web browser for access. Although it is not entirely made up of criminal or illicit content, there is a high concentration of such activity on the Dark Web.
Why are people scared of the Deep and Dark Web?
The Deep and Dark Web have an air of mystery and the unknown, which are compounded by the Dark Web’s reputation for being a source of criminal activity. Its reputation as the home of hackers make the computer-security-conscious particularly wary of it. While Deep Web and Dark Web are not interchangeable terms, people do use one to mean the other, causing the Dark Web’s reputation to amplify concern for the Deep Web’s own challenges.
How does information get on the DDW?
Information gets on the DDW through people. Information transmitted to trusted- or perceived-trusted sources on the internet is vulnerable to hacking or other interception. Dedicated criminals also for example set up campaigns (such as phishing) to steal credentials, Personally Identifiable Information (PII), and information from accounts which can be exploited with that information. This information is valuable to other criminals, and is sold and traded on websites catering to this activity.
What information is on the DDW and what’s the motive behind it?
All kinds of information are available on the DDW. Some of it is innocuous, like social media or board game clubs. Some of it is criminal. Drugs, stolen credentials or PII, hack-for-hire, and child pornography are part of the Dark Web criminal ecosystem. Money is a key motive for any criminal transaction.
As a company why should I be concerned if my information is on the DDW? And how can I prevent it?
A company should be concerned about any information that is in places it cannot see, and in places that it cannot control. In particular, PII for executives and individuals with access to sensitive parts of the business is a key vulnerability not just against the integrity of the company, but to the physical safety of those people as well. The same is true for credentials and other sensitive business-related information.
Ensuring cybersecurity education for employees, such as how to spot and report phish as well as password hygiene, helps prevent a company’s infrastructure from being exploited. These are important reactive fundamentals. Understanding how threat actors see your company’s Digital Footprint is likewise key to building a proactive strategy around securing your company’s digital assets.
How can RiskIQ navigate on the DDW “safely” for me?
RiskIQ operates a number of tools to find targeted information on Deep and Dark Web sources. Our collection on your behalf ensures you are never exposed to the Dark Web, providing you with an additional layer of safety even as we alert you to relevant and sensitive content such as PII and leaked credentials.
As the internet becomes increasingly integral to the success of businesses, their digital presence expands. Companies must not only manage the websites, mobile apps, and social media accounts representing their organization in an official capacity, but also establish means to identify third-party impersonation and fraud across web, mobile, and social attack vectors. While the infrastructure needed to execute cyber attacks against an organization or its customers must be detected and mitigated on the open web, dark web monitoring can be highly informative to discovering cyber attacker tactics and methods.
The Deep & Dark Web Module for External Threats allows customers to proactively discover new cyber threats to their organizations across multiple channels to ensure that they have a holistic view of their digital presence. In addition to our product suite, RiskIQ offers a range of services and immediate support from our Incident Investigation and Intelligence (i3) team for a deeper dive with a more customized solution including automated identification of vulnerabilities and exposures on the open web and dark web.
To learn more about how you can utilize i3 Services or External Threats modules to defend your organization from digital threats, get in touch with one of our sales representatives today.