Network-assessment

Accessing the darknet is not something an ordinary internet user is keen on doing. While one wrong click on the clearnet likely won’t cause much harm, this same action on the darknet can land users in some truly deplorable environments—and potentially in real hot water. Because it is composed on unindexed web pages accessible only through the Tor network, it contains information and images—dear god, the images—relating to all sorts of cybercrime and illegal activities. To make matters worse, some corporate actors are also using the darknet to find useful (and often sketchy) information for their covert business purposes. 

Also known as data mining, such firms are looking to outmaneuver and outsmart the competition through the use of certain information they are finding on the darknet. IBM has attested to the reality of this information-gathering technique but also warns about the riskiness of such behavior. “Dark web intelligence is critical to security decision-making at any level. It is possible to collect exploits, vulnerabilities and other indicators of compromise, as well as insight into the techniques, tactics, and procedures [TTPs] that criminals use for distinct knowledge about the tools and malware threat actors favor,” explained Dave McMillen, Senior Analyst for IBM’s IRIS (Incident Response and Intelligence Services) team.

It is a cost vs. benefit action, whether an organization will allow itself to deal with dodgy dark web actors in order to reach their secret goals. “Employing dark web monitoring solutions that allow the use of focused filters to identify key phrases, such as your brand and product names, that may contain information that can negatively affect your organization is a good start in your effort to glean useful intelligence from the dark web,” added McMillen.

Companies and their representatives, who are using this form of darknet data extraction should take great care with their methods, as leaking any found information could prove harmful to an organization once published. But if they do decide to dip their toes in the darknet, they need to remember these risks:

Release of confidential corporate information

Organizations heading onto the darknet need to make sure any employee conducting this business is using a separate computer with an isolated network connection. The PC should not be connected to the corporate network where information about the company’s internal operation is stored. The organization’s identity should not be mentioned and must be protected from the possibility of identification through fake messages and the like. 

Confirmation of existence

Building on the advice above, a company engaging on the dark web should remain anonymous. This can be safely done by limiting the access of the designated employee/representative to only release disposable information, which can no longer hurt the company if it is accidentally released.

Information counter gathering by competitors

There is nothing stopping competitors from also using the dark web for the very same purposes, so it is important to remain hidden from the eyes of others while there. Otherwise, it is possible to stumble across someone in the same industry while navigating the dark halls of the unseen web. 

Storage device exposure

The employee or company representative that will do the data mining on the darknet should use an isolated computer, where any USB flash drives used there will never be inserted into the main corporate PC. The IT team needs to make sure that the PC used for these purposes is air-gapped from the corporate network.

Accidental release of personal information

The PC being employed for such explorations should not include any personal information. In the event that darknet-based malware infects the company PC, it cannot steal any data or hold it for ransom. An efficient User Account Management is also required, as an employee with dark web access inside the organization should have their access revoked immediately once gone from the organization.

Counterintelligence

Connected to the 3rd entry in this list. Competitors want to gain intelligence information the same way. The market advantage is gained if the intelligence gathered is more than the competitor possesses. This is where innovative new products and services become the frontline business of any company.

Share this article

Network-assessment

Seasoned writer with a demonstrated history working in areas of information security, digital rights, and education. Skilled in content curation, research, curriculum development, editing, and history. Strong media, marketing, and communications professional with an MA in Education and a BA in from the University of California, Berkeley. Find her on Twitter: @jennjeffers3

Post a comment