The dark web has made a black market gig economy where cybercriminals thrive, and the targets are unsuspecting people, corporations and governments alike. Ntirety CEO Emil Sayegh makes the case for how a comprehensive security posture can mitigate risks and keep organizations from being caught off guard.
Dark Web Of Cybersecurity Concerns Rising With Gig Economy
Economic conditions combined with opportunity and technological advancements have set the foundation for the gig economy. Freelance, temporary, and flexible jobs are a noticeable component of our modern economy and so, employer names like Upwork, Uber, Lyft, Fiverr, and many others are as common as traditional jobs now. In technology specifically, we always had freelance developers as well.
Those same economic factors, however, have created a little-known gig-economy for technological skills that include cyber hacking and cybercrime.
Amongst our modern technological landscape, cybersecurity skills are in demand, and we are suffering from a real cybersecurity talent drought with a forecast of 3.5 million cybersecurity jobs unfilled by 2025. The technology employment market is faced with a continual need for personnel and skills to fill its operational needs. Cybersecurity professionals could find themselves fully or fractionally employed in many situations at many organizations. Some of that employment includes what is called “white hat” or ethical hacking – hackers that exploit, test, and report on vulnerabilities of an organization. With the right mix of cybersecurity and continued vigilance, organizations can leverage these kinds of services towards continually improving their cybersecurity posture.
The Underground: Cybercriminal Buyers and Sellers
On the dark web however, any semblance of ethical boundaries goes completely out the window. The dark web is a thriving, active underground network of information exchange that is in no way static and isn’t indexed by search engines, or visible to the casual users. Cybercriminal activities are often traced back to these dark web origins and much of the activity takes place in an underground marketplace that is built around cybercriminal mischief. Much like the gig economy itself, factors such as inflation, world events, social unrest, and opportunity are pushing skilled and opportunistic actors into this market.
The Wild West of Buyers and Sellers
This global cyber underground marketplace features unique wares and services and is driven by buyers and sellers of all types. You won’t find physical buildings, walls, or phone numbers to call. On any given day, you will find open conversations about targets, tactics, and conversations about cyber hacking expertise. Both buyers and sellers need to beware. Buyers need to beware that they are dealing with criminals, and sellers need to beware because the dark web is also frequented by undercover law enforcement and foreign intelligence agencies. Payments are made with trades of information, hacking tools, and difficult to track cryptocurrency. It is about as open as it can be and untraceable as can be, which makes it very attractive for upstarts, would-be buyers, and those looking to make some cash.
A Dark, Dark Market
Dark market operations have grown to become a central component for many upstart international cyber threat operations. Hack wares are becoming more proactive in nature than ever, bolstering a market that is destined to boom in terms of products and services sold, and products and services bought.
Available black hat services available on the dark web include:
- Hack a website – Looking to buy a hack of a site or web services? This might set you back a couple of hundred US dollars. Need those admin credentials or data? Double that amount.
- Target a phone or computer – Looking to get to a specific computer or smartphone? A little phishing, payloaded files, or even ransomware will get the job done. Available for any platform.
- Target a person – This attack incurs perhaps the most effort and prices vary accordingly. However, you can buy a whole lot of trouble for the target of your choice. Services rendered can result in legal problems, reputation problems, or financial compromise for said victim. A recent example of this type of targeting, is the latest rumored high profile compromise alleged to be a hack by underground 4chan users into the iCloud account of Hunter Biden.
- Records manipulation – Need something changed? Social engineering and technological compromise could be your ticket. Official school transcripts, address verification, and any number of records can be changed as requested.
- Email hacks – There are many ways to get into your average email account, meaning you can buy this service along with the choice of quietly spying on an account, simple access, or creating copies of all the data inside of a mailbox’s contents. The infamous hack in 2016 of then presidential candidate Hillary Clinton’s emails may have cost her the presidency.
- DDoS attacks – A Distributed Denial-of-Service (DDoS) attack is a type of cyber-attack in which hackers render a network of computers unavailable to the users by flooding the targeted system with requests. You can typically choose to pay for targeted DDoS attacks in one-hour time increments, for as long as you want. Countless options abound as you can just name your target, begin and end dates, and level of attack bandwidth.
- Social attacks – You can buy a hijack of a targeted social account for the right price. Hackers have been doing this one for years, with high-profile hacks against major corporations on properties like Twitter, Facebook, and more.
Cyberweapons for Sale
You can also buy, trade, and sell data – including military-made cyberweapons that are available on the dark web. In fact, the market was already going in this direction when the United Arab Emirates was exposed targeting human rights activist Ahmed Mansoor in 2016. The virtually impossible-to-detect iPhone spyware tool they used was called Pegasus, made by an Israeli group known as the NSO Group. The Pegasus spyware is classified as a weapon by Israel and any export of the technology must be approved by the government. It is only approved to be sold to governments, and not private enterprises but invariably falls in the wrong hands. Reports of this spyware potentially implicated it in a number of attacks across the world targeting human rights activists and journalists such as murdered Saudi dissident Jamal Khashoggi. Pegasus is the iOS variant for Apple devices while the Android variant is called “Chrysaor.” It is similar in nature to the original Trojan viruses that were used to spy on computers, except this spreads via text messages and targets mobile devices. Back in 2014, a group known as Hacking Team, based out of Italy, was also found selling specific spyware to other country’s intelligence agencies. Each of these incidents involved hackers for hire, custom tools, and nation-state entities.
The Unprepared Will Fall
With illicit activities on the rise, an inevitable logical outcome is that many more unprepared organizations will face cyber disasters. In the face of yet another growing threat condition, the case for comprehensive security systems only become stronger by the day. Continuous monitoring, detection, and recovery are components of the comprehensive security solution where so many organizations will fall short.
We cannot stop this scary underground surge, but with a comprehensive security posture, we can wield the tools to detect, mitigate, slow down, and even stop these attacks in their tracks.
This article was originally published in Forbes, please follow me on LinkedIn.