News & AnalysisNewsletterSecurity

The Dark Web Continues to Bring Woes to Businesses

The Dark Web continues to be a platform for bad actors to share stolen credentials and discuss successful attacks, affecting an increasing number of businesses amid the pandemic.

dark web

Data breaches have become far too common in India, and several other countries, amid the pandemic and continues to haunt businesses. A fascinating area in the cyberspace for the bad guys to explore is the Dark Web. As is evident from a recent research report, which reveals that India is not only one of the most vulnerable areas to launch such an attack, but the country also ranks second as the most eager region in the world, after USA, to access the dark web.

In the vast realm of the internet, the dark web consists of an anonymous space in which criminal activities like drug dealing, arms trading, and bidding on users sensitive and private information occur daily. With most companies implementing work from home orders in the wake of COVID-19 restrictions, the risk of data breaches and stolen records increased dramatically since last year. Research has shown that 37% of employees working from home have faced an increase in potential phishing attack risks, due to the increased reliance on remote communication in co

In 2019, 25 million records were lost to the Dark Web including individual, medical and corporate records subjected to the increasing reach of data breaches. However, that’s nothing compared to the staggering 386 million stolen records that have been given to the Dark Web in 2020 already, where most reported threats include selling valuable personal data, using details to hack financial accounts, selling counterfeit and illegal items, and more.

Needless to say then, the dark web is increasingly becoming a ‘hotbed of criminal activity’, enabling people to anonymously view and buy illicit materials online via specific browsers, such as Tor to be accessed.

Let’s consider a few recent India-based examples. A week ago, it was reported that data of over 3 lakh Indian cryptocurrency users  were leaked on the dark web. The leaked data claims to include sensitive information of users of BuyUcoin, a leading Cryptocurrency exchange in the country, as revealed by cybersecurity researcher Rajshekhar Rajaharia.

In the first week of April 2020, when the world was reeling under the corona crisis, around 500,000 Zoom account passwords were stolen and were available for sale on the dark web. Later in 2020, popular online grocery vendor BigBasket too reported to have faced a data breach that affected the data of over 2 crore customers, whose email IDs, IP addresses and other personal information were compromised and put up for sale on the dark web. The list is in fact longer.

According to the research by Uswitch, over 1.5 million people across the world are searching for the dark web online.

Nick Baker, security and broadband expert, at Uswitch.com told CXOToday, “If our personal details are placed in the wrong hands and shared on the dark web, this can be pretty dangerous. Before we know it, thousands of hackers could have access to our bank details, private information and passwords. It goes to show that when spending time on the internet, users should be mindful of what they’re sharing, and where.”

The dark web is a corner of the internet that many of us know little about or perhaps have even heard of. Yet, this hidden part of the internet enables users to access another world of the web,” he said.

“On the dark web, searches are anonymous and aren’t tracked in the same way that ‘normal’ internet browsers track our searches. With items such as personal data, passports and IDs often found on the dark web, it’s an area of the web that is rife with illegal activity and certainly not something that we’d advise you go looking for,” explained Baker.

As per the report, people in America are revealed to have searched the most online, with 368,000 people using the keywords ‘dark web’ and specifically ‘how to access the dark web’ (14,800) in the past year. Following this, India’s combined dark web searches hit over 250,000 in the past year, with the UK coming in third place eager to learn more about it.

In Europe, excluding the UK, internet users in France are seeking out the dark web the most with 60,670 searches, followed by Italy (49,590), and Turkey (33,150). People often search using keywords both in English and their native language, as translated content online can be limited, the study finds.

dark-web

Out of the options available as far as dark page browsers are concerned, Tor has been revealed as the most searched for dark web browser in the world, with a curious 910,730 people actively looking for it. Waterfox comes in second at 52,220, and Whonix in third with 21,770 global average monthly searches, the report finds.

Tor is the clear leader of dark web browsers, as it’s not only the most searched for anonymity browser in America (165,000), but also in areas dominating the dark web such as India (90,500), and the UK (49,500).

According to Baker, “There are, however, several ways business users and consumers can avoid having your details hacked and shared on places like the dark web, which will allow you to search on the internet safely using the most popular browsers available.”

He highlighted some fundamental cyber hygiene to stay safe online:

  1. When making online payments, check the website is safe. Secure sites start with ‘https’, which means they have an SSL certificate (this enables websites to have a secure connection from the server to a browser). Look out for the padlock symbol in the search bar before you make a purchase.
  2. Ensure your virus software is up-to-date. If you don’t have adequate antivirus software, your details could be hacked without you realizing.
  3. Don’t overshare. Keep your passwords varied, using a range of characters in upper and lowercase, and include symbols. This makes your password stronger and less likely to be hacked.
  4. Don’t click on a link or open an attachment from anyone you don’t trust, whether that’s in an email, text, or on a website.
  5. Reduce the amount of personal information you share online. This could include your birthday, a pet’s name, or your address, as these details could be used for fraud.”

Rajarshi Dhar, Senior Industry Analyst, Digital Transformation Practice, Frost & Sullivan, said, “To prevent these and many more such attacks, it is important for enterprises to have a cybersecurity framework that leverages threat intelligence and can identify and respond to advanced threats thereby creating an improved security posture.”

Leave a Response

Sohini Bagchi
Sohini Bagchi is Editor at CXOToday, a published author and a storyteller. She can be reached at sohini.bagchi@trivone.com