Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
March 19, 2023Severity Medium Analysis Summary CVE-2022-42436 IBM MQ Managed File Transfer could allow a local user to obtain sensitive information from diagnostic files. Impact Indicators Of Compromise […]March 19, 2023Severity Medium Analysis Summary CVE-2023-0027 Rockwell Automation Modbus TCP AOI Server could allow a remote attacker to obtain sensitive information. By sending a malformed message, an […]March 17, 2023Severity High Analysis Summary CVE-2023-27984 CVSS:7.8 Schneider Electric IGSS could allow a remote attacker to execute arbitrary code on the system, caused by improper input validation […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
March 19, 2023Severity Medium Analysis Summary CVE-2022-42436 IBM MQ Managed File Transfer could allow a local user to obtain sensitive information from diagnostic files. Impact Indicators Of Compromise […]March 19, 2023Severity Medium Analysis Summary CVE-2023-0027 Rockwell Automation Modbus TCP AOI Server could allow a remote attacker to obtain sensitive information. By sending a malformed message, an […]March 17, 2023Severity High Analysis Summary CVE-2023-27984 CVSS:7.8 Schneider Electric IGSS could allow a remote attacker to execute arbitrary code on the system, caused by improper input validation […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Latest Favorite Platform for Zero-Day Exploits: Microsoft Office
August 21, 2018
Rewterz Threat Advisory – CVE -2018-11776 Apache Struts Remote Code Execution Vulnerability
August 23, 2018
THE SURFACE WEB
The billions of accessible websites on the internet today seem to be overwhelming for a common man. What’s more surprising is that these surface websites are about 7-10% of the entire internet. They make up the surface web. The bulk of the internet is hidden in what’s called the deep web, or in more depth, the dark web.
The visible World Wide Web with its billions of publicly accessible websites are those which appear on the search engines when searched through some keywords. These are accessed through web crawler, the meta search engine responsible for merging, interlinking and ranking search results of searching platforms on the surface web. It keeps track of all the websites and links to their webpages, found on the surface web and ranks them according to their content, hence organizing them into an index.
UNDERSTANDING THE DEEP WEB
One step deeper into the ocean of internet lies the deep web. Websites on the deep web prevent indexing by search engines. Web crawlers are not allowed to access these websites or gather public links from them. These sites are either intentionally made inaccessible or are hidden due to their nature. Several methods are used to prevent their indexing. The linking of their webpages on surface websites or search engines is disabled by the owners, so they cannot be found through search engines. Access to them can also be denied technically, limiting access using captcha. These websites require a user to log in for accessing any page.
For example, large amount of content on PasteBin or GitHub with no links connecting to the source of information, are only accessed through specific search tools. Some other portals created for only specific people and accessed by their credentials only, are also examples of the deep web.
DEEPER INTO THE DEEP WEB; FINDING THE DARK WEB
Just like the ocean hides mysteries in its depth, the internet hides hideous tales in the depths of the dark web. The dark web is entirely a mystery with every user being anonymous.
Coming to the actual definition, the Dark Web or Dark nets are highly encrypted networks built on top of the internet and can only be accessed by specialized software. The websites on the Dark web cannot be accessed by common people surfing the surface web.
These unindexed sites are called dark because all of their users are anonymous. This dark web is the most popular platform for supporting illegal activities.
The most well-known example of illegal activity in the dark web is that of the creation of Silk Road by Ross William Ulbricht, known as dread pirate Roberts. Silk road generated $1.2 billion in 2 years and 9 months, mostly by selling illegal drugs along with other illegal activity. It was later dismantled by the federal government of USA in sept. 2013. In the same year, the usership of The Onion Router, the most common network on the dark web, reached 4 million people worldwide.
THE ONION ROUTER
These websites are either present on the private networks like Tor (The onion router) or on the peer-to-peer networks like the Invisible Internet Project (I2P) which can be accessed in web browsers as well. The dark web routes traffic over the network with layers of encryption to preserve anonymity of its users.
The dark web is not accessible for a common man. It requires access to a private network to access the dark web. The dark web enforces many restrictions to maintain privacy of its users.
The Onion Router browser first created by the US Navy is one of the most popular browsers used on the dark web to browse anonymously.
How Does Tor Maintain User Privacy?
This highly secure, easy to use, free software is installed in minutes and routes the network traffic through various Tor servers located globally. This means that if any information packet is intercepted during transmission, it’ll only show sender and receiver as random nodes.
Therefore, the dark web looks like a highly charged galaxy of mobile nodes. This routing node mechanism makes it impossible to trace a user’s activity on the dark web.
Many sites from the dark web have a top-level domain (TLD), ending at ‘.onion’ rather than the surface web domains like ‘.com’, ‘.org’ or ‘.gov’. These top-level domains can only be accessed with browsers or apps running on the Tor network, like Orbot or Orfox mobile apps.
ACCESSING A DARKNET
Darknets allow access or penetration in different ways, based on the purpose of their use, like communication or anonymous browsing. They’re also differentiated by their level of security, depending on the encryption protocols and the routing they use.
FRIEND-TO-FRIEND DARKNET
Friend-to-friend is a form of peer-to-peer service, which is accessible by a specific ring of IP addresses. Other IPs can be blocked by the owners to hide their presence on the network.
F2F network has enhanced security, having every exchange on the network encrypted with extra preventive layers of coding.
WHAT’S HAPPENING IN THE DARK WEB; SNEAK PEEK
Internet is a flow of information, a huge amount of which is personal information. The surface internet is evolving swiftly. Compared to the size of surface web, the deep web is huge.
- In July 2016, 46% world was found to be connected to the internet.
- Feb 2017 revealed that there were 1.154 billion websites on the surface net.
- The Deep web is 4000 times bigger than the surface web and is growing at a rate which cannot be quantized.
The information flowing through the surface web is often attacked, stolen and sold. Medical Records, IDs, photographs, passports, credit cards Credentials, subscription accounts, browsing history, bank account details, everything is being sold in the dark web.
Who buys this information? Umm, it’s hard to tell. Hackers, scammers, marketers, competitors. Anyone.
Darknet serves as host to this black market of information. Stolen information is sold and bought there anonymously. Dark web serves as the Easy marketplace to find the right customers for any kind of information.
This is one of the reasons why Cryptocurrencies were readily adopted for illegal transactions, because they hide identities.
Many researchers dived into the depths to seek information regarding the activities going on in the dark web. 6,608 dark websites were crawled in January 2018, including all types of webpages from entertaining to horrifying, and this is what they found.
CONTENTS OF THE DARK WEB
The dark web deals with all kinds of scams and illicit content. From credit card cloning products to genius bitcoin scams, everything is available for purchase on the dark web, every passing second. Highly disturbing number of child abuse sites and extreme immoral websites were found on the dark web selling private photos and sexual content.
- There are 50,000 extremist terrorist groups operating in the dark web.
- Moreover, the 60 largest sites on the dark web have a combined data of 750 TB. Surprisingly, this data alone is 40 times larger than the data of the entire surface web combined.
Did You Know?
- A Medical record is sold for $50
- $20-100 are being earned for selling a credit card information
- Your Social security number is worth $1 on the dark web
- Your bank account details can be sold for $1000
- $50 are earned for 500,000 emails
- Mobile malware is sold for $150
- Commercial malware is sold for $2500
- Exploits can be as expensive as $150,000 to millions of dollars
THE MONOPOLY OF THE DARK WEB
The Dark web has the monopoly of breaching private information of organizations. Therefore, organizations have been paying large amounts of money to safeguard their leaked information found on the dark web. The number of breaches has gone down whereas the damages caused by each data breach have significantly gone up. In 2017, organizations paid up to $140 for saving each record from violation and misuse.
However, the information sold on dark web is not guaranteed to be legitimate. So, it can be falsely crafted to ruin reputations of organizations. Vendors of the information are rated by buyers to establish some level of credibility regarding what they bring to the table for selling.
FITTING TOR INTO THE GEOGRAPHY
The usage of The Onion Router for accessing the Dark Web cannot be marked with a geography. No country can be singled out as being responsible for the existence of the Dark web. However, as per the statistics of 2017:
- The largest percentage of Tor users comes from the USA with a 19.2% usership.
- The Russians make up 11.9% of the Tor users.
- 9% of the Tor traffic comes from Germany.
- Tor entertains 9.2% of the traffic coming from UAE.
- A report by Visual Capitalist claims that 80% of Tor is funded by the US Government.
CONCLUSION
The commonly known websites available through search engines on the internet are called the surface web. These sites make up only 7% of the entire World Wide Web. The rest of the Internet is a highly encrypted world unavailable for general browsing, called the deep web. A concrete part of this web is used for illegal activities and is thus called the Dark web. The Dark web offers absolute anonymity to all of its users. All kinds of sensitive information, malicious software, and illegal content is sold and bought on the dark web. While crafting security strategies, most organizations are unaware of the existence of the dark net. It’s important to consider this huge internet world as a threat factor while strategizing for mitigation of threat factors.