Reading view

There are new articles available, click to refresh the page.

How the Internet of Things (IoT) became a dark web target – and what to do about it

✇CyberTalk - Dark web Archives
By: slandau

By Antoinette Hodes, Office of the CTO, Check Point Software Technologies.

The dark web has evolved into a clandestine marketplace where illicit activities flourish under the cloak of anonymity. Due to its restricted accessibility, the dark web exhibits a decentralized structure with minimal enforcement of security controls, making it a common marketplace for malicious activities.

The Internet of Things (IoT), with the interconnected nature of its devices, and its vulnerabilities, has become an attractive target for dark web-based cyber criminals. One weak link – i.e., a compromised IoT device – can jeopardize the entire network’s security. The financial repercussions of a breached device can be extensive, not just in terms of ransom demands, but also in terms of regulatory fines, loss of reputation and the cost of remediation.

With their interconnected nature and inherent vulnerabilities, IoT devices are attractive entry points for cyber criminals. They are highly desirable targets, since they often represent a single point of vulnerability that can impact numerous victims simultaneously.

Check Point Research found a sharp increase in cyber attacks targeting IoT devices, observing a trend across all regions and sectors. Europe experiences the highest number of incidents per week: on average, nearly 70 IoT attacks per organization.

WEF graphic

Gateways to the dark web

Based on research from PSAcertified, the average cost of a successful attack on an IoT device exceeds $330,000. Another analyst report reveals that 34% of enterprises that fell victim to a breach via IoT devices faced higher cumulative breach costs than those who fell victim to a cyber attack on non-IoT devices; the cost of which ranged between $5 million and $10 million.

Other examples of IoT-based attacks include botnet infections, turning devices into zombies so that they can participate in distributed denial-of-service (DDoS), ransomware and propagation attacks, as well as crypto-mining and exploitation of IoT devices as proxies for the dark web.

4% browsing, 90% confidentiality, 6% anonymity

The dark web relies on an arsenal of tools and associated services to facilitate illicit activities. Extensive research has revealed a thriving underground economy operating within the dark web. This economy is largely centered around services associated with IoT. In particular, there seems to be a huge demand for DDoS attacks that are orchestrated through IoT botnets: During the first half of 2023, Kaspersky identified over 700 advertisements for DDoS attack services across various dark web forums.

IoT devices themselves have become valuable assets in this underworld marketplace. On the dark web, the value of a compromised device is often greater than the retail price of the device itself. Upon examining one of the numerous Telegram channels used for trading dark web products and services, one can come across scam pages, tutorials covering various malicious activities, harmful configuration files with “how-to’s”, SSH crackers, and more. Essentially, a complete assortment of tools, from hacking resources to anonymization services, for the purpose of capitalizing on compromised devices can be found on the dark web. Furthermore, vast quantities of sensitive data are bought and sold there everyday.

AI’s dark capabilities

Adversarial machine learning can be used to attack, deceive and bypass machine learning systems. The combination of IoT and AI has driven dark web-originated attacks to unprecedented levels. This is what we are seeing:

  • Automated exploitation: AI algorithms automate the process of scanning for vulnerabilities and security flaws with subsequent exploitation methods. This opens doors to large-scale attacks with zero human interaction.
  • Adaptive attacks: With AI, attackers can now adjust their strategies in real-time by analyzing the responses and defenses encountered during an attack. This ability to adapt poses a significant challenge for traditional security measures in effectively detecting and mitigating IoT threats.
  • Behavioral analysis: AI-driven analytics enables the examination of IoT devices and user behavior, allowing for the identification of patterns, anomalies, and vulnerabilities. Malicious actors can utilize this capability to profile IoT devices, exploit their weaknesses, and evade detection from security systems.
  • Adversarial attacks: Adversarial attacks can be used to trick AI models and IoT devices into making incorrect or unintended decisions, potentially leading to security breaches. These attacks aim to exploit weaknesses in the system’s algorithms or vulnerabilities.

Zero-tolerance security

The convergence of IoT and AI brings numerous advantages, but it also presents fresh challenges. To enhance IoT security and device resilience while safeguarding sensitive data, across the entire IoT supply chain, organizations must implement comprehensive security measures based on zero-tolerance principles.

Factors such as data security, device security, secure communication, confidentiality, privacy, and other non-functional requirements like maintainability, reliability, usability and scalability highlight the critical need for security controls within IoT devices. Security controls should include elements like secure communication, access controls, encryption, software patches, device hardening, etc. As part of the security process, the focus should be on industry standards, such as “secure by design” and “secure by default”, along with the average number of IoT attacks per organization, as broken down by region every week.

Functional requirements, non-functional requirements

Collaborations and alliances within the industry are critical in developing standardized IoT security practices and establishing industry-wide security standards. By integrating dedicated IoT security, organizations can enhance their overall value proposition and ensure compliance with regulatory obligations.

In today’s cyber threat landscape, numerous geographic regions demand adherence to stringent security standards; both during product sales and while responding to Request for Information and Request for Proposal solicitations. IoT manufacturers with robust, ideally on-device security capabilities can showcase a distinct advantage, setting them apart from their competitors. Furthermore, incorporating dedicated IoT security controls enables seamless, scalable and efficient operations, reducing the need for emergency software updates.

IoT security plays a crucial role in enhancing the Overall Equipment Effectiveness (a measurement of manufacturing productivity, defined as availability x performance x quality), as well as facilitating early bug detection in IoT firmware before official release. Additionally, it demonstrates a solid commitment to prevention and security measures.

By prioritizing dedicated IoT security, we actively contribute to the establishment of secure and reliable IoT ecosystems, which serve to raise awareness, educate stakeholders, foster trust and cultivate long-term customer loyalty. Ultimately, they enhance credibility and reputation in the market. Ensuring IoT device security is essential in preventing IoT devices from falling into the hands of the dark web army.

This article was originally published via the World Economic Forum and has been reprinted with permission.

For more Cyber Talk insights from Antoinette Hodes, please click here. Lastly, to receive stellar cyber insights, groundbreaking research and emerging threat analyses each week, subscribe to the CyberTalk.org newsletter.

The post How the Internet of Things (IoT) became a dark web target – and what to do about it appeared first on CyberTalk.

Bitsight buys dark web security specialist Cybersixgill for $115M

✇TechCrunch - Dark Web
By: Ingrid Lunden
More consolidation is afoot in the world of cybersecurity. Bitsight, a cybersecurity startup last valued at $2.4 billion when ratings firm Moody’s took a stake in the business and became its largest shareholder in 2021, is acquiring Cybersixgill for $115 million. Boston-based Bitsight’s focus is cyber risk management. It works with enterprises to assess their […]

I visited the dark web, and all I got was…

✇TechCrunch - Dark Web
By: Haje Jan Kamps
PODCAST VO SCRIPT, [unpublished] Haje: The dark web is a lot of things; particularly user-friendly ain’t one of them. The other day, I got an amazing tip about ‘Dark Web Gift Shop,’ which tries to at least give you a little bit of a reward for your struggles. Haje: The founders say that: [AI generated voice]: […]

The IRS is sending four investigators across the world to fight cybercrime

✇TechCrunch - Dark Web
By: Lorenzo Franceschi-Bicchierai
The Internal Revenue Service (IRS) plans to send four agents who specialize in investigating cybercrime to Australia, Singapore, Colombia, and Germany starting this summer. These four new positions represent a significant increase in the IRS’s global efforts to fight cybercrimes, such as those involving cryptocurrency, decentralized finance and crypto laundering services. In the last several […]

What is the Dark Web?

✇McAfee
By: Jasdev Dhaliwal

The dark web. The name raises all kinds of questions. What is the dark web, really? Where is it? Can anyone use it?

Answering these questions can help you stay safer online.

The story of the dark web is a complicated one. It’s a small and highly anonymous portion of the internet. As a result, it has a reputation for harboring criminal activity. We often mention the dark web in our blogs, typically when the conversation turns to identity theft, data breaches, and stolen personal info. Rightfully so. Plenty of cybercrime can be traced right back to the dark web.

Yet cybercriminals didn’t create the dark web. And they’re far from the only people who use it. News outlets like the BBC and the New York Times have a presence there, as does the U.S. Central Intelligence Agency (CIA). Journalists, activists, and everyday citizens use it as well, often to work around oppressive censorship. Even Facebook is there, providing people access to the social media site in regions where it’s blocked.

Anonymity reigns on the dark web. It was designed to work that way. With that, it’s home to a mixed bag of activity, legitimate and illicit alike. Yet that anonymity doesn’t stop us from putting a face onto the dark web — from understanding what it is, where it is, and what happens there.

That starts with a look at the internet and the two primary layers that make it up.

The layers of the internet: The surface web and the deep web 

If you visualize the internet as an ocean, you’ll find it populated with websites and collections of data at all depths. Yet, the typical internet user only has access to the first few feet, a layer of the internet known as the surface web.

The sights you’ll see within the surface web will look familiar. It’s all the blogs, shops, social media sites, and so on that you visit regularly. And it’s easy to get to. You only need to fire up your browser and go. All the sites are public-facing. With a quick search, you can find them.

In all, the surface web contains any destination you can reach through search. To put it more precisely, the surface web accounts for areas of the internet that search engines can “crawl” and index for search. Estimates vary, yet the surface web accounts for roughly 4 to 5% of the internet.

Now, enter the deep web, the next 95% of the internet that is not searchable. Yet, that’s not to say that you don’t travel down into its depths from time to time. In fact, you likely do it daily. Any time you go through a paywall or use a password to access internet content, you’re entering the deep web. The content found there is hidden from search. Examples include logging into your bank account, accessing medical records through your healthcare provider, or using corporate web pages as part of your workday. Even streaming a show can involve a trip to the deep web. None of that content is searchable.

As such, the overwhelming majority of activity within the deep web is legitimate. So while this layer of the internet runs deep, it isn’t necessarily dark. The dark web is something altogether different.

What is the dark web? 

The dark web lives within the deep web. Like the other depths of the deep web, it’s not searchable from the surface web. The people behind the sites and repositories on the dark web keep themselves anonymous. And the reasons vary. Some of them are entirely legitimate, others questionable, and several are outright illegal in nature.

Its origins go back to the 1990s when the U.S. Department of Defense developed the dark web as a means of sending anonymous and encrypted communications. That story might sound familiar. It’s quite like the origin story for the broader internet. That had its roots in the Department of Defense as well. So, just as the broader internet eventually became available to the public, so too did the dark web.

Getting there calls for a special browser because the protocols for the dark web differ from the surface web. Moreover, these browsers strip web traffic of identifiable info, encrypt it, and send it through a series of server jumps. The browsing traffic will appear to go through a server in one country, then a different server in another, and then another.

These steps make it highly difficult to identify the person using the browser. On the flip side, it also makes it difficult to identify the people hosting the sites and services on the dark web.

Without question, privacy is everything on the dark web. For good and for bad.

Legitimate uses of the dark web 

While the notion of the dark web typically gets raised in the context of cybercrime and other illegal activity, it has legitimate uses. Some of these use cases include:

Circumventing censorship  

Well-regarded news outlets such as the BBC and Pro Publica maintain a presence on the dark web to ensure that anyone can access their reporting. This includes people in nations and regions where certain news sources are censored.

Private communication 

For the particularly privacy-conscious, the dark web hosts several resources for encrypted communication. That includes email clients, internet chat, and even social media sites.

Whistleblowing 

Anonymous tips are a part of national security, law enforcement, and journalism as well. The private nature of the dark web confers an added degree of anonymity to tipsters.

The dark web isn’t a place everyday internet users will need, or even want, to go. It’s far more complicated than the surface web—and going in without taking several security measures can make the trip a risky one.

The dark web as a marketplace for cybercrime 

This is where the rubber meets the road from an online protection standpoint. The dark web is also a marketplace for hackers and bad actors. In several ways — as a place to buy or rent malware, a repository for stolen info, and a place to communicate and coordinate attacks.

For starters, the dark web is populated with dark marketplaces. And difficult-to-trace cryptocurrency is the coin of the realm. With dark web stores stocked with ready-made malware kits, bad actors can launch attacks with little technical expertise. Others have done the work for them.

Cybercrime groups of all sizes prop up these shops, which they also use to rent out other services for attacks. For example, a small-time bad actor could easily lease a botnet to wage an attack that slows a targeted website to a crawl. Some cybercrime groups will provide hackers who can run attacks on someone else’s behalf, creating a mercenary “hacker for hire” gig economy.

Likewise, info stolen from a data breach can end up in dark web marketplaces as well. The personal info posted in these marketplaces can range anywhere from emails and passwords to in-depth info like tax ID numbers, health info, and driver’s license numbers.

Some of it goes up for sale. Some of it gets dumped there for free. With the right info in hand, cybercriminals can commit acts of identity theft. That includes claiming unemployment benefits and tax refunds in someone else’s name. In extreme cases, it can lead to bad actors outright impersonating their victims, racking up debts and criminal records along the way.

In all, if it’s hackable and has value, it’s likely for sale on the dark web.

Protect yourself from hackers and bad actors on the dark web 

With all this shady activity on the dark web, you might wonder how you can protect yourself. In fact, you can take several steps to help prevent your info from finding its way there. And you also can take other steps if your info, unfortunately, ends up on the dark web.

Installing online protection software is the first step. Online protection software can help prevent many of the attacks that bad actors can buy on the dark web. It protects against ransomware, adware, spyware, and all manner of malware, whether it’s pre-existing or entirely new.

Yet today’s online protection goes far beyond antivirus. Comprehensive protection like ours protects your privacy and identity as well. It can keep tabs on your identity and credit, create strong passwords, and clean up your personal info online.

Monitor your identity:

An identity monitoring service can actively scan the dark web for personal info like your date of birth, email addresses, credit card numbers, personal identification numbers, and much more. In the event you fall victim to identity theft, our identity theft coverage and restoration can provide up to $1 million in coverage to cover the costs. Plus, it provides the services of a recovery expert with limited power of attorney to help you repair the damage done.

Keep an eye on your credit:

If you spot unusual or unfamiliar charges or transactions in your account, bank, or debit card statements, follow up at once. In general, banks, credit card companies, and many businesses have countermeasures to deal with fraud. Moreover, they have customer support teams that can help you file a claim if needed.

Given all the accounts you likely have a credit monitoring service can help. McAfee’s credit monitoring service can help you keep an eye on changes to your credit score, report, and accounts with prompt notifications and provide guidance so you can tackle identity theft.

Create strong, unique passwords:

With the high number of accounts you need to protect, creating strong, unique passwords for each one can get time consuming. Further, updating them regularly can become a time-consuming task. That’s where a password manager comes in.

A password manager does the work of creating strong, unique passwords for your accounts. These will take the form of a string of random numbers, letters, and characters. They will not be memorable, but the manager does the memorizing for you. You only need to remember a single password to access the tools of your manager.

Close old, risky accounts:

The more online accounts you keep, the greater the exposure you have to data breaches. Each account will have varying degrees of personal and financial info linked to it. And that means each one carries a varying degree of risk if it gets breached. Moreover, some sites and services protect data better than others, which adds another dimension of risk. Closing old and particularly risky accounts can decrease the risk of your personal and financial info winding up in the hands of an identity thief.

With security and savings in mind, McAfee created Online Account Cleanup. It finds and requests the deletion of unused accounts and protects your personal data from data breaches as a result. Monthly scans across your online accounts show a risk level for each account and help you decide which ones to delete.

Use two-factor authentication:

Two-factor authentication is an extra layer of defense on top of your username and password. It adds a one-time-use code to access your login procedure, typically sent to your smartphone by text or call. Together, that makes it tougher for a crook to hack your account if they get hold of your username and password. If any of your accounts support two-factor authentication, the few extra seconds it takes to set up is more than worth the big boost in protection you’ll get.

Protect yourself from cybercriminals on the dark web 

The “dark” in the dark web stands for anonymity. And with anonymity, all kinds of activity follow. Good and bad.

From a security standpoint, the dark web is a haven for all manner of cybercriminals. Understanding how they use the dark web can help you protect yourself from their activities. You have tools for prevention, and you have resources available if your info ends up there or leads to identity theft.

By putting a face on the dark web, you put a face on cybercrime and can help reduce the risk of it happening to you.

The post What is the Dark Web? appeared first on McAfee Blog.

Russians Offered Ready-made Crypto Exchange Accounts Amid Restrictions

✇Bitcoin News - Darknet Archives
By: Lubomir Tassev
Russians Offered Ready-made Crypto Exchange Accounts Amid Restrictions

Russian crypto traders have been looking to obtain unrestricted accounts for global exchanges as their access to such platforms is limited. Over the past year, the offering of such accounts on the dark web has increased significantly, cybersecurity experts told the Russian press.

Supply of Crypto Exchange Accounts for Russian Users Doubles in a Year of Sanctions

More and more ready-to-use accounts for cryptocurrency exchanges are being sold to Russian residents. While this is not a new phenomenon — such accounts are often employed by fraudsters and money launderers — the current growth in supply has been attributed to the restrictions imposed by the trading platforms on customers from Russia, as a result of compliance with sanctions over the war in Ukraine.

Russian residents have been buying these accounts despite the dangers, including the risk that whoever created them could maintain access after the sale, the Kommersant reported. But they are inexpensive and offers on darknet markets have doubled since early 2022, Nikolay Chursin from the Positive Technologies information security threat analysis group told the business daily.

According to Peter Mareichev, an analyst at Kaspersky Digital Footprint Intelligence, the number of new ads for ready-made and verified wallets on various exchanges reached 400 in December. Proposals to prepare fake documents for passing know-your-customer procedures also rose, the newspaper revealed in an earlier article last month.

Simple login data, username and password, is typically priced at around $50, Chursin added. And for a fully set up account, including the documents with which it was registered, a buyer would have to pay an average of $300. Dmitry Bogachev from digital threat analysis firm Jet Infosystems explained that the price depends on factors such as the country and date of registration as well as the activity history. Older accounts are more expensive.

Sergey Mendeleev, CEO of defi banking platform Indefibank, pointed out that there are two categories of buyers — Russians that have no other choice as they need an account for everyday work and those who use these accounts for criminal purposes. Igor Sergienko, director of development at cybersecurity services provider RTK-Solar, is convinced that demand is largely due to crypto exchanges blocking Russian accounts or withdrawals to Russian bank cards in recent months.

Major crypto service providers, including leading digital asset exchanges, have complied with financial restrictions introduced by the West in response to Russia’s invasion of Ukraine. Last year, the world’s largest crypto trading platform, Binance, indicated that, while restricting sanctioned individuals and entities, it was not banning all Russians.

However, since the end of 2022, a number of Russian users of Binance have complained about having their accounts blocked without explanation, as reported by Forklog. Many experienced problems for weeks, including suspended withdrawals amid prolonged checks, affected customers said. The company told the crypto news outlet that the blocking of users from Eastern Europe and the Commonwealth of Independent States was related to the case with the seized crypto exchange Bitzlato.

Do you think the restrictions will push more Russians towards buying ready-made accounts for cryptocurrency exchanges? Share your thoughts on the subject in the comments section below.

❌