Contemporary movies are filled with high-stakes cybercrime, where a lovable criminal syndicate breaks into a company’s systems to help wreak havoc on the true villains of the film, all the while exposing the company’s dirty laundry. Naturally, this idea can be frightening for any business, whether or not they have any dirty laundry to air out—after all, nobody wants a ruined reputation—and is unfortunately less and less of a fantasy all the time.
This is directly due to the idea of a hacking gig economy, and how the Dark Web can be used to support it.
Before we get too far into the weeds as we discuss the Dark Web, let’s make sure we’re on the same page in terms of the “gig economy.” The gig economy basically describes the prevalence of people working in part-time positions on a temporary basis or as independent contractors, either as a means of supplementing their existing income or as their primary source of it. This environment has been supported in its growth by the capabilities of the Internet—particularly within the younger generations in urban areas.
This new economy has proved beneficial for both the members of the workforce that are a part of it, and the businesses that enlist their services. These businesses have a much larger pool of resources to draw upon without the long-term commitment of a full-time hire, while workers can more easily supplement their increasingly flexible lifestyle with this kind of work.
Of course, a lot of drawbacks have come with this new method of work as well, but that’s something we’ll have to get into later. For now, we just need to focus on the idea that more people are seeking out work opportunities in a less traditional format (as well as businesses increasingly seeking out people to fill these temporary roles) and are using the Internet as a means of doing so.
Unfortunately, this trend also includes cybercriminals, and those businesses who want to take advantage of their illicit services. These parties accomplish this by taking their intentions to the Dark Web.
Admittedly, the term “Dark Web” may not be familiar to everyone, so it may be helpful to look at how the Internet is functionally constructed. The Internet of today is made up of three distinct parts:
This last point is what allows the Dark Web to give cybercriminals the utility that it does as a means of selling their services to those seeking it out. By anonymizing all browsing and even hiding payments behind the encryption of cryptocurrencies, the Dark Web gives this illicit economy the perfect environment in which to thrive.
Let’s explore how such a transaction could take shape:
Let’s assume for a moment that you have a serious enemy, whether it's one of your competitors, an old employee who left on bad terms, or a former client with a serious grudge. What can this enemy of yours do?
If they have the knowledge of how to do so, someone seeking to hurt your company could access the Dark Web and seek out a hacker’s services on one of the many forums that the Dark Web hosts, offering some financial payout in exchange for your website being taken down. Maybe they’d offer a thousand dollars or so, and a hacker with some time could take them up on that offer.
This isn’t a hypothetical situation—Dark Web forums have seen more than eight million users send over 80 million messages seeking out the services of a hacker, with hackers using the forums to promote their own services. Generally speaking, these posts break down as follows:
As you might imagine, the number of people actively using these platforms leads to many very specific services available.
Of course, we should discuss how much a cybercriminal could potentially make, if only selling data that they have stolen. After hacking a database, a hacker could potentially sell its contents for $20,000—about a rate of $50 for about 1,000 entries.
Small-to-medium-sized businesses are under a somewhat ambiguous level of threat from the Dark Web, specifically where data theft and distribution are concerned. To many, the Dark Web remains a sort of computer horror story.
However, as the Dark Web comes more into the public consciousness, its already-considerable risks will only grow… and again, it isn’t as though it isn’t already being used to distribute stolen data, be it sensitive information or access credentials or what have you. There’s a non-zero chance that some of your data is already put up for sale on some Dark Web site.
To minimize this risk moving forward, there are a few safeguards that you need to adopt as a standard procedure:
If there’s a way that someone can use some vulnerability to access a business’ resources, whether they’re hosted online or on your network, they will. Ensuring that everything is reinforced against these threats will help to minimize the chance of their success.
A big part of avoiding phishing is for your team to be able to see it coming. Training your team members to identify and properly mitigate the threats that they will face—and they will face them at some point—will be crucial to protecting your business.
Finally, all the best practices that you expect your team to uphold all must remain in play, as hackers actively seek out companies with lacking security to target. Don’t give them the opportunity.
Kornerstone Technology Inc. is here to help. Reach out to us at 818-206-6383 to learn more.