A new report by Bromium titled Behind the Dark Net Black Mirror offers a detailed analysis of the dark net markets. The report has been carried out by Dr. Michael McGuire who will present his findings in full during the latest edition of the Infosecurity Europe 2019 conference.
McGuire’s report is the latest chapter of the Into the Web of Profit series, on which the researcher has been working with Bromium for the past couple of years. The latest chapter reveals a detailed account of the various threats originating on the dark net that are being deployed against the enterprise.
How was the research on the dark net carried out?
McGuire examined the “complex world” of the dark net and its platforms, and some of the findings were “truly shocking”.
“To really get to the bottom of what’s happening in the dark net, I examined more than 70,000 listings on dark net platforms, analyzing a number of factors – including what commodities are on sale, prices, attack vectors, patterns of trading, and more,” he wrote.
The extensive analysis requires access to dark net forums, and McGuire and his team obtained three memberships. They allowed them not only to observe and gather information but also to engage with vendors covertly, encouraging them to be quite outspoken about their arsenal of possibilities.
In addition, the research is also based on interviews and analysis from an expert global panel of law enforcement, governments, and cybersecurity experts.
During my presentation [at Infosecurity Europe 2019], I will be talking through what I encountered during my research; the variety of off-the-shelf tools that are being sold online, as well as the prevalence of targeted services for corporate espionage. I will also be outlining the conversations I had with criminal vendors who were offering services targeting FTSE 100 and Fortune 500 companies, the researcher explained.
The conclusion of the report is not that surprising. Anyone with time and motive can obtain access to a “tailormade marketplace to attack whenever and whoever they want”. It is highly alarming that it’s entirely possible to find highly targeted and sophisticated surveillance and hacking services in the blink of an eye.
There were also a number of bespoke services for specific industries, emphasizing how acute cybercriminals have become about the weak spots in organizations’ defences, the researcher shared.