Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
A reality television show that takes place on the dark web probably wouldn’t get picked up by any major television network. Fortunately, one Secureworks researcher gave the world a taste of what raw, unscripted moments look like on the underground forums.
For the past six months, Rebecca Taylor, threat intelligence knowledge manager of Secureworks’ counter threat unit, has been taking the phrase “keep your friends close and your enemies closer” literally as she monitored what goes on within the internet’s underbelly.
Like many, Taylor envisioned the dark web to be “murky” and “cruel” environments filled with “consistently malicious” individuals. However, to her surprise, she soon learned that underground forums often serve as a “safe space” for malicious actors.
“It’s their version of a coffee shop for chats and conversations with like-minded people,” Taylor said during a live presentation at Secureworks’ annual Global Threat Intelligence Summit.
There’s some good in this world. In the past few months, Taylor said she learned that the dark web is visited by “actual people” with distinct characteristics as opposed to “faceless threat group,” and that these guests aren’t free of morals. In one example, she recalled the flak one dark web user received for attempting to use the forum to sell access to a hospital.
“There were calls for the posts to be removed, calls for this type of access to not be allowed to be sold in forums, and even calls to ban the individual,” Taylor said.
Along with a belief system, Taylor said that there are also rules that need to be followed in the criminal underground.
“There are moderators across all of these platforms that make sure folks are following the rules,” Taylor said, recalling a time when a user was banned from a Russian forum for breaching the forum’s rule prohibiting any activities that would inflict harm against the country.
Shop ’til you drop. But don’t get too swooned. While some adversaries may have good heart, the dark web is still a security nightmare thanks to the breadth of stolen data present. Taylor said that Secureworks’ human intelligence team identified more than seven million (7,706,093) stealer logs on the underground forums in August.
“It really is a malicious shoppers’ paradise,” Taylor said.
Taylor’s biggest takeaway from her time getting up close and personal with the dark web? Don’t skimp on multi-factor authentication.
“It really can be the barrier between the threat actor getting full access to your system,” she said.
She also stressed the importance of user awareness and warned against low-hanging fruit.
“Please don’t use your corporate email addresses to sign up to external things such as social media platforms,” she said.