More than 60 Security Leaders joined a series of round tables to discuss this topic at IBM BusinessConnect, leading to some fascinating debate and a wakeup call for some!
IBM Security Services specialist, Martin Overton, hosted the roundtables with me, and we began with an introduction to the dark web. This led to questions from participants including ‘how is data monetised on the dark web?’, ‘how do we audit the dark web to see if our company’s data is on it?’, and ‘what if we find our own security staff conducting business on the dark web?’
It actually takes deep technical skills to log onto, and monitor, the dark web. It’s not as easy as cutting and pasting a URL. Dark web activity isn’t always criminal activity, and information found there isn’t always good information.
As the sessions continued, participants discussed two major challenges ‘how to set the tone at the top of the organisation that it’s worth our while to monitor the dark web’, and ‘how do we share information we find there – particularly if it’s relevant to other individuals or organisations with whom we do business’. Participants were also interested in understanding ‘why would a good guy enter the dark web?’ The answer to which was not only to ensure that your own organisation hasn’t been compromised, but also to assess what the hot commodities are in order to protect those assets on internal networks.
“The Onion Router” (Tor for short) was identified as the most common network for monitoring the dark web safely, as it utilises good cyber hygiene and avoids any comprising activity. However, the point was raised that monitoring does require time, resources, and a level of intensity, so it is vital for organisations to assess the value of the information they find.
With 3 groups of roughly 20 participants discussing the topic it’s not surprising that similar questions came up in each session, the main difference was in the industry specific questions that emerged. Security leaders from healthcare organisations were particularly curious about the value of heath data on the dark web. Insight into this topic identified that certain health data can in fact be more valuable than some financial records.
IBM’s 3Q 2015 X-Force Threat Intelligence Quarterly Report released in August, showed the growing dangers of cyber-attacks originating from the dark web through the use of the Tor network/browser. The report found that so far in 2015 more than 600,000 malicious events originated from Tor around the world. The United States lead with more than 150,000 malicious events, while countries including Romania, France, and Luxembourg, have each seen more than 50,000 malicious events originating from Tor thus far in 2015.
To find out more about Tor and other monitoring networks available visit The Deep, Dark Web research and intelligence report
To find out more about Security Leaders Day at BusinessConnect 2015 visit our Highlights Blog and view the Highlights video.