The Dark Web is the World Wide Web content (a series of ‘darknets’) that requires specific software, configurations or authorisation to access. It forms a small part of the deep web, the part of the Web not indexed by web search engines.
The darknets which constitute the Dark Web include small, peer-to-peer networks, as well as large, popular networks like Tor, Freenet, I2P and Riffle operated by public organisations and individuals.
The Dark Web is well known for being a marketplace for illegal goods such as drugs and weapons. However, the research underpinning this report originated in a desire to know more about how it is used by fraudsters and cybercriminals to support, plan, execute and monetise attacks on companies.
Little has been published in this area, and yet, as was found during the course of the research, a very real problem exists. It is easy to access and increasingly becoming the source of tools and methods used by criminals to target organisations.
The Dark Web is large and complex. To provide a starting point the researchers selected the 50 most valuable UK brands and searched areas of the Dark Web called ‘Market Places’ for information about each brand.
The researchers quickly found discussions, and attempts to market services and products, intended to defraud or perpetrate cybercrime against 21 of the top 50 UK brands, as identified the 2017 brand directory league table. The researchers also identified discussions about a large number of other well-known brands. For ease of analysis, we have grouped our findings against the top 50 UK brands into four key types of organisations.
Out of the top 50 UK brands, we found eight banking and finance organisations that were affected.
Out of the top 50 UK brands, we found four retail and entertainment organisations that were affected.
Out of the top 50 UK brands, we found six telecommunications organisations that were affected.
Out of the top 50 UK brands, we found three energy and transport organisations that were affected.
Our research demonstrates that cyber criminals collaborate and trade online to obtain the information and tools necessary to defraud and commit crime. This happens on a significant scale with many of the UK's top brands affected.
This report, by exposing the nature and scale of what is happening, can help to raise awareness of the problem.Fraud and cybercrime are now the most commonly reported crime and no organisation can expect to be immune. Businesses can and should do much more. There are mechanisms available to allow more effective threat assessments.
The Dark Web requires expertise to search it effectively and discretely. Searching should be undertaken by trained experts used to working across the various Dark Web market places.
Crowe offers a low-cost subscription service for organisations interested in monitoring the Dark Web for emerging threats. It can be deployed quickly and provides a regular report of any discussions relevant to the organisation.
Our service is much more than is offered by automated Web crawlers. Searching is undertaken by humans, specially trained with an eye for detail and the intelligence to spot threats and points of interest.
For more information and a no obligation discussion please contact Jim Gee.
Whether it is cybercrime or business malpractice, we will explain what the latest threats are and what can be done to mitigate them. This national event is being held in four locations: London, Reading, Oldbury and Manchester.