Dark web ‘much bigger’ than most people understand

Police director talks Tor-based shopping and buying malware online

Dark web ‘much bigger’ than most people understand

Cyber

By Bethan Moorcraft

Poor digital hygiene is a fundamental problem thwarting organizations across the globe. It’s an issue cyber criminals will continue to exploit until the world builds more cyber resilience.

However, it’s hard for businesses to establish a resilient culture when understanding of cyber threats is still so limited, according to Europol’s executive director, Rob Wainwright.

In 2017, Europol worked in collaboration with the Federal Bureau of Investigation (FBI) to exterminate two of the biggest dark web marketplaces: AlphaBay and Hansa. Criminals were using these Tor-based marketplaces to sell around 350,000 different illicit commodities from firearms to illegal drugs.

The dark web is “much bigger than most people understand” and is a prime feeding ground for cybercriminals looking to purchase malware, or deal in data collected from unlawful breach activity, explained Wainwright.

There are Amazon-style shopping platforms with fully-serviced helplines and 24hr-delivery options for the ransomware bug that might have hit your business 30-seconds-ago without your knowledge.

“Ransomware is now the number one form of malware,” commented Wainwright. This year has seen a number of high-profile ransomware attacks, including WannaCry and NotPetya. In November, ride-hailing company Uber revealed it decided to pay a ransom of US$100,000 (CA$128,440) after hackers stole information about 57 million users and drivers worldwide.

But Wainwright announced he would not advise companies to pay a ransom to cyber criminals after a breach because “we never know if it will encourage them to come back for more” – but he acknowledged that every situation is different, and companies must act to reduce business disruption caused by an attack.   

Speaking at the 2017 CFC London Market Cyber Symposium, Wainwright also said the issue of cyber crime is only going to get more prevalent as the world tunes into the Internet of Things (IoT).

“If the future really relies on IoT, then [the companies producing these connected devices need to improve their] release now and patch later mentality,” he said. “At present, the security of these devices is low at best. IoT regulatory standards are certainly something we need to get to in the near future.”


Related stories:
How safe is the cloud for your business?
"No industry is immune" to cyberattacks

Keep up with the latest news and events

Join our mailing list, it’s free!