Expose the dark web
with cyber security savvy
Keith Barthold
President and CEO, DKB Innovative
Every 39 seconds there is a hacker attack, affecting 1 in 3 Americans.
61% of US small businesses experienced a cyberattack in 2017.
$7.35 million is the average cost of a data breach in the United States.
978,000 new malware threats emerge daily.
81% of hacking-related incidents leverage either stolen or weak passwords.
91% of breaches could have been easily avoided with existing technology.
s if this news isn’t
alarming enough,
a new player
is taking more
prisoners in today’s
vastly growing
and more intense
cybersecurity and
data protection
war. It’s called the dark web, and, as
its name suggests, it’s more deceptive,
complex and dangerous than anything
we’ve ever seen online. It is home
to the world’s largest online black
market, where human organs, human
beings, illegal drugs, guns, stolen
credit cards, and even private health
information is sold.
That’s right. Underneath the internet
you use every day lurks a network of
sites that you won’t find using Google,
Bing or Yahoo, and it’s home to that
suspicious portion of the worldwide
web that is unseen, unindexed and
unknown to most. For those in health
care, where personal information and
financial data need to be as secure and
safe as possible, the consequences for
breaches and data theft not only mean
fines and corporate reputation loss,
but also major lawsuits and threats to
company survival.
WHAT IS THE DARK WEB?
The dark web isn’t just an intriguing
conversation topic or the latest online
scare tactic. It’s real, it’s gaining strength,
and it’s not going away. Essentially a
collection of web sites accessible through
a special web browser where the users
can maintain complete anonymity, it’s
an increasingly vast environment for
illicit activity, including an illegal trade
marketplace for compromised data and
credentials, particularly passwords, as
well as credit card data, hacked login and
subscription credentials, and software
that helps you access the data in other
people’s computers.
Compared to the surface web (think
Amazon, Yahoo and Google), which
most of us access through standard web
browsers and which includes only about
4 percent of the total web online content,
the dark web requires that users access
it through special software such as TOR,
which stands for The Onion Router (see
box), or I2P. The dark web (also called
the darknet), is a subset of the infinitely
larger deep web, which constitutes 96
percent of internet data. (Deep web sites
include the databases for NASA, the US
Patent Office, and private databases
such as Westlaw.) Not only is the activity
largely invisible and purposefully
hidden, it’s often illegal.
Probably the most publicized dark
26 Dallas Medical Journal November 2018
web arrest involved the Silk Road, an
online black market primarily known
for trafficking illegal drugs. In October
2013, the FBI shut down the web site,
which had 12,000 listings for everything
from marijuana and heroin to digital
goods (malicious software and pirated
media), forgeries (fake passports and
Social Security numbers), and services
such as computer hacking. The owner of
the site was sentenced to life in prison,
having received more than $13 million in
commissions from sales.
How does it work?
A primary objective of those
perpetrators manipulating the dark
web is to compromise user credentials.
Because 81 percent of people use
the same passwords across multiple
website accounts, statistically it’s likely
that a password found on the dark web
associated with a personal email address
also is in use for the company. This
creates a severe vulnerability because
passwords often are the primary security
control to protect access to email, data
and systems.
Chances are that you have the same
user name and passwords across various
accounts. You may have the same user
name and password (typically your
email address and password) for your
Facebook and Gmail accounts and maybe
We’ve all heard startling statistics like these:
A