We often hear about the dark web in reference to the activities of cybercriminals, but this terminology is also confused or used as a synonym for the deep web, even if the two realities are different. Knowing the details can be useful to defend against threats lurking on the net.
The world of cybercriminals is the dark web.
In this virtual place cybercriminals meet to carry out all their activities, illicit trafficking, trading, development of malware. But precisely for this reason the dark web is also a resource for those involved in fighting cybercrime, because here they can find valuable information to implement defense strategies that play, or try to play, in ancient times. By now we know that the web known and snowed by all represents less than 1% of the whole internet. This other, lesser known part of the internet is the deep web. Inside we find the dark web. It is a series of internet pages that cannot be reached with normal navigation tools and are specially concealed as the contents are illegal. It deals with illegal drug or weapons trafficking or sensitive data stolen following a cyber attack and then put on sale through these channels, frequented precisely by cyber criminals or by those who hunt them down.
In this submerged universe, everything happens. But one area in particular has developed widely in recent years: cybercrime as a service. In fact, it is an evolution of cyber crime, which has gone from direct actions to the trading of tools to carry out direct actions. As has happened in many sectors, a real competence is no longer necessary, it is no longer necessary to know programming, but the will to commit a crime is enough. Others think about the rest. The really good ones who have seen their earnings grow by selling the codes created to an ever wider audience. Thus, real platforms have arisen from which to launch and manage cyber attacks, and from which to monitor the profits made. This system has mainly concerned ransomware attacks, they are ransomware as a service.
The business of personal data.
The huge amount of personal data stolen in recent attacks can be found for sale right on the dark web. A passport can be worth as much as 13 euros, a driving license can go up to 21 euros. While bank account data can be sold for up to 10% of its value. The data of a credit card are worth 16 euros while a PayPal account exceeds 400 euros. There were over a million data theft alerts this past year, an increase of more than 50% over the previous period. 70% of this data is available on the dark web, while less than 30% is found on the normal web. These are mostly passwords and access credentials, which when disclosed also highlight the lack of attention of users to computer security, with absolutely banal passwords. In times of pandemic then the Grenn Passes could not be missing, with a value that reaches 600 dollars each.
A hidden place, or not?
A safe and anonymous place therefore. Difficult for most people to reach and in which it is easy to remain anonymous. The owners of the websites here can easily hide their identity, even when they are spotted. In this way, even criminals can have a showcase to promote their activity, something that groups in particular do, while keeping their real identity hidden. Through a public site they can also threaten victims to make stolen data public if they do not comply with the payment of a ransom. This is a popular technique for convincing companies to pay for ransomware attacks.
Differences with the deep web.
This is the largest part of the internet, where there are documents not indexed in normal search engines and therefore reachable only with direct links. It is the largest portion of the web, but not necessarily dangerous. For safe navigation, however, it is also good to know its existence. Typically these are content that can be accessed through a security system, which can be simply a username and password. Deep web does not necessarily mean dark web, but it is, on the contrary, a very important part of the internet for everyone.