In July this year, it was discovered that Medicare card details were being sold for less than $30 each on the dark web. The Australian Federal Police confirmed it was investigating a data breach of the Federal Government website, which potentially made the private Medicare numbers of every Australian citizen available for purchase.
The implications are massive. It means that Governments and private enterprises alike are equally vulnerable. Hackers are continually finding new ways to exploit security systems and retrieve valuable data – often with a single purpose; to sell it on the dark web.
What is the dark web?
Put simply, there are three parts of the Web; the surface web, the deep web and the dark web. Most of us only ever use the surface web – the section of the internet accessible through search bots like Google. But the surface web is often referred to as the tip of the internet iceberg, because below it is a much larger part of the Web, the ‘deep web’ which is inaccessible to search bots.
Within this deep web is another section, known as the ‘dark web’. This small section of the deep web is deliberately hidden and only accessible using services like Tor ("The Onion Router") and I2P ("Invisible Internet Project”). This shady sub-section of the deep web provides anonymity to drug dealers, terrorists and other criminals. Illegal activity is not only rife, but profitable - Carnegie Mellon University estimates that the biggest marketplaces on the dark web make over $500,000 each day.
What does the dark web mean for business?
Data breaches have been on the rise for some time. In 2014 Yahoo! experienced the biggest data beach to date, exposing 3 billion user accounts. Just this year, Equifax, the US credit monitoring agency, admitted the personal data of 143 million US customers had been compromised.
The recent Medicare scandal has proven no business is safe and nothing is off limits. Governments and private enterprise alike need to tighten security and do their best to eliminate vulnerabilities. Because when businesses come under attack, it can cause irrevocable damage – not only to their image, but to their customer and client relationships.
How to protect your business
Security experts are starting to understand that a more proactive approach must be taken when it comes to scanning the dark web for cyber threats. Threat monitoring can uncover, for example, if cybercriminals are planning an attack, so the organisation can pre-empt a breach and take immediate action to protect their digital identities and servers.
However, monitoring the dark web is an enormous task. It requires a global team of cyber experts to analyse massive volumes of data and linguists who can impersonate cybercriminals to gain their trust. For most businesses, the best solution is to hire a skilled threat analyst who has specific experience making contact with cybercriminals in the dark web.
Problems closer to home
According to Avivah Litan, VP distinguished analyst at Gartner, one of the biggest threats of the dark web is dissatisfied employees. A report by RedOwl and InSights, claims that the active recruitment of insiders in the dark web is growing fast, with insider outreach going up nearly 50 per cent from 2015 to 2016.
The report says the dark web has created a market for employees to monetise insider access. That cybercriminals are using the dark web to find and engage insiders to help them get malware into organisations and trigger it. So, while it’s important to ensure you have experienced cyber analysts monitoring the dark web, it’s also essential that internal security policies are in place and rigidly enforced.
Dark web checklist Many organisations already have cybersecurity policies in place, but with the growing number of data breaches, it’s time to ramp up security:
- Hire highly-skilled threat analysts - The dark web requires a people-centric approach. Skilled threat analysts need to go undercover, taking time to gain the trust of cybercriminals and continually monitor the marketplace
- Use the power of big data - Undercover agents look for coded mentions of your brand and data using specialist crawlers
- Make sure you have “dark data request for information (RFI)” know-how - Posing as buyers, undercover agents know how to question criminals without raising suspicion to discover if the data is legitimate and analyse the risk to your company
- Use ethical hackers - So-called “white hats” can help you test your systems, identify flaws and fix them
- Exploit Artificial Intelligence (AI) - AI is increasingly being used to spot cyber threats over time and identify shared characteristics within groups of threats. Combining human intelligence with AI’s pattern recognition creates a very strong detection system
The Medicare website breach was alarming. It demonstrated that even the most well protected organisations are still vulnerable to attack. It has shown us that there’s no room for complacency when it comes to cyber defence. The threat of the dark web is real, and every organisation holding on to valuable data needs to take every possible measure to protect it. Because the minute you let down your defences, you’re leaving yourself wide open for attack.
Kevin Griffen is the Managing Director, Australasia for Orange Business Services. He is a member of the Orange Leadership Team Asia Pacific and his experience spans 30 years in the Communications and IT Industry.