Cybercriminals Using ‘Invisible Net’ to Launch Attacks
Large corporates are becoming a lucrative target for the burgeoning dark net underworld.
Recent research suggests that cyber-thieves are creating an “invisible internet” to prevent police from monitoring cyber-crime deals being carried out on the darknet.
Researchers have stated that Criminals are now using “gated” chat forums, invitation-only communities, encrypted apps and chatrooms instead of trading on marketplaces.
Subsequently, this could make it more challenging for law enforcement agencies to recognise and trace attacks. Researchers have also documented a large increase in attacks aimed at big companies in a study where undercover researchers were embedded into a wide variety of forums on the darknet.
The darknet is not accessible to search engines like Google and requires a special browser to visit- most notably, the Tor browser.
Dr Mike McGuire, a criminologist from the University of Surrey, who led the project, told BBC News that successful police infiltration of darknet marketplaces, as well as raids that saw many of them closed down, have encouraged criminal hackers to adopt more secure ways of communicating.
“It’s not as vibrant as it once was because they know the feds are listening and that they will take down markets,” he said.
Dr McGuire outlined that while criminal gangs were still active on those publicly accessible marketplaces, any conversations about targets and tactics were instantly moved to secure apps such as Telegram, separate forums and chat rooms.
“It’s becoming like an invisible internet,” he added. “That’s going to be worrying for law enforcement.”
- UK Tech Sector Creates One Unicorn Company Every Month
- Microsoft Discreetly Deletes Huge Facial Recognition Database
- Drone Survey Reveal the Extent of Arctic Coast Erosion
During the study, researchers posed as customers and quizzed hackers about the cost of a wide variety of cyber-attacks. They enquired about market rates for tailored malware attacks, phishing campaigns, industrial espionage and insider information.
Remote logins for corporate networks were estimated between $2-$30 (£1.50-£24), a targeted attack on a company would cost approximately $4,500 and a targeted attack on individual came in at around $2,000. Meanwhile, phishing kits were estimated at $40, fake Amazon receipts and invoices would cost up to $52 and espionage and insider trading were priced between $1,000 and $15,000.
Co-founder of security firm Bromium, Ian Pratt, who sponsored the research, highlights that the cyber-crime economy that had emerged on the darknet was a mirror image of the legitimate industry.
He explains that the cyber-crime economy was diverse and sophisticated and that hackers could gain access to almost any network they desired.
Mr Pratt says: “It’s not hard to get into corporate networks”. He adds that the most successful method of winning access was via a well-crafted phishing campaign which gives hackers “instant deep access”. Subsequently, hackers could then build on to either get at saleable data or to thoroughly compromise a target.
He also emphasises that adverts and listings for attacks on enterprises has grown by 20% since 2016. This data suggests that corporates are becoming a lucrative target. Dr McGuire states that the advancing nature of the darknet underworld should encourage police to change the way they tackle cyber-crime.
“Law enforcement have a very focused and narrow perception and take down particular groups. But by taking out specific groups they are not making much of a dent in it.”
If one group disappeared or was broken up by police another would just move to fill in the gap, he added.
“It’s like cutting the head off a hydra.”