It’s common to hear about the deep and the dark web about cyber security. This was again the case in July with the closure of AlphaBay and Hansa, two of the biggest illegal sales platforms.
If the deep web, constituting the part of the internet that is not listed by search engines, and the dark web, which in turn brings together a multitude of private networks guaranteeing the anonymity of their users’ data, are not in essence illegal, they make life easier for many perpetrators of delinquent and criminal activity, or for individuals who wish to remain discreet. But it is also, provided you know how to access it and blend in, a privileged space for intelligence. If cyber security experts or law enforcement can invest in the darknet to uncover illegal businesses, traffic in personal data or bank cards.
Companies are very exposed today. Classically on the economic and social fronts, they must therefore keep a close eye on the image and reputation they convey through the media and social networks. The means of making a company vulnerable have continued to develop, particularly through cyberspace. Beyond the intrinsic threats to the digital infrastructures of companies that we think of, cyberspace is also a space for communication, exchange, expression and support for more “classic” threats which have somewhere “started their digital transition.” This is the reason why, in its mission of protection, the company must not neglect the risks in preparation in the depths of the web.
A new exploratory field for human intelligence, the deep web and the dark web can allow those responsible for the security and safety of companies, alongside actors trained in this, to thwart and prevent many risks. Three illustrations can attest to this.
Due diligence process: preventing crimes (insiders and others)
Sealing a partnership or a joint venture is not only an upheaval for a company, but also a risky operation. In this regard, a comprehensive due diligence or due diligence process is essential for decision makers. It covers the economic, commercial, industrial and financial environment and helps protect investors from risks that could threaten their economic activity, their heritage, intangible assets or even their reputation. This is crucial to ensuring the success and serenity in the short and long term of such an operation.
Indeed, if this process does not have to be secret because it is based on public information, it must remain discreet to avoid any slippage or any fraudulent use for purposes of personal enrichment. Monitoring the deep and the dark web can be very useful to assess the nature and level of information that can circulate on the operation and ensure that it is public order or on the contrary and more serious than they cover possible insider trading or other offenses. Having an intelligence action carried out in private forums or on exchange places can, for example, reveal the intentions of malicious employees who do not hesitate to resell access to valuable corporate information at their disposal, and to purely pecuniary purposes aim to abuse his client and launder the money using virtual currency. Hidden threats of this order are unfortunately multiple. Detecting them before that data is compromised and there is substantial damage to the business is typical of what surveillance in these placeholders can yield. You can learn how to access the dark web?
Reputation and image
Ensuring the competitiveness and growth of its business also involves reassuring its customers, suppliers and other partners about its ability to control its information assets, whether personal data of each other, secrets manufacturing or contractual data, or financial and / or commercial data that have not been made public.
Here too, collecting information in the deep and darknet on new cyber-attacks is invaluable in anticipating and providing decision support on the security measures to be provided, the communication operations to be carried out and the strategies to be implemented. There is no doubt that capturing exchanges between cyber criminals on the modus operandi or even on the nature of the targets they covet will allow technical teams as trades to fight back and set up the right safeguards.
If cyber criminals decide to operate on specific targets with the aim of damaging their reputation, chances are they will move towards attacks that are easy to relay, viral, easy to publicize, and with visible impacts so that publicity is maximum. This is the case for example with ransomware. The news demonstrated this a few weeks ago with Wannacry and NotPetya. They were disastrous both on a material level, with very substantial losses of heritage but also very destructive in terms of image. The social impacts remain to be known. Faced with the rapid growth of sophisticated and highly targeted campaigns, and the emergence of ransomware rental services offered on the deep and dark web (Ransomware-as-a-Service, etc.), it is therefore vital to have optimal visibility of these threats before they materialize. Then preventing the theft of information, a fortiori the personal information of customers and third parties, again requires rigorous monitoring of marketplaces and private forums, so as not to allow too much time to elapse between the theft and the possible sale of this data on the dark web through various dark web links. Indeed if the objective is still to damage the image of the company, a theft of personal data is ideal since companies are required by law to inform the authorities.
Also in these reserved spaces, it is the written or spoken opinions that deserve specific attention, especially when the activities of one’s company can occasionally lead to lively debates (Buildings, chemicals, etc.). Those in charge of security and safety have in fact every interest in following the political, committed and activist demands of the occupants of deep cyberspace, in order to detect any operation or manifestation that contravenes the company’s activities. To know is to be able to anticipate cyber or physical security measures such as for example, to strengthen the close protection of a manager who must speak in public on a project that is not unanimous, or a key framework that must travel to a risk area.
Physical security of managers
The previous point has given us a glimpse of it. Another area in which security managers are trying to increase their vigilance is cyber-security linked to their leaders, i.e. cyber threats which can have a physical impact on the leaders or key executives of the company.
Managers and key executives are required to travel, to frequent hotels and other public places, and they can lose or have their digital devices (mobile, PC, tablet) stolen, with all the sensitive data they contain.
It is a textbook case of convergence between cyber and reality. The theft of a mobile terminal or PC should trigger an immediate collection operation across the web to ensure that the data contained in the mobiles has not been extracted and then sold to the highest bidder on the black market. Worse, this surveillance must also ensure that this theft does not turn into blackmail or an operation to destabilize a manager or key executive, in the event of the latter being compromised. Such attacks can have consequences that endanger the life of the company, such as the withdrawal of orders, the loss of the competitive advantage, the loss of confidence of its partners and more or less immediate consequences on the vital forces of the company. You can also learn how to access deep web from phone?
Infiltrating these lower layers of the web requires time and real expertise from the community, trained professionals and strictly contractually supervised. Having information coming directly from the source of malicious activity is a real asset, available to businesses today.