April 3, 2021: 503 million Facebook users from 106 countries had their personal data scraped off the social media site and has been posted online for free in a low-level hacking forum(dark web). The data was stolen in a vulnerability that the company patched in 2019. This includes users’ phone numbers, full names, location, email address, and bio.
March 4, 2021: Internet researchers flagged a data breach from the Indian fintech MobiKwik mobile wallet. KYC details of 3.5 m users amounting to 8.2 TB of data are up for sale on the Dark Web. Users reportedly could view their bank account details on the illicit sites.
February 20, 2021: A third-party data breach occurred at cloud solutions company, Accellion. Hackers got away with human resources data and pharmacy records belonging to the supermarket giant, Kroger. The stolen records included names, email addresses, phone numbers, home addresses, dates of birth, Social Security numbers as well as information on health insurance, prescriptions, and medical history.
January 20, 2021: A database holding 1.9 million user records belonging to Pixlr, a free online photo-editing application, was breached. The time of the database hack coincided with the attack on 123RF exposing over 83 million user records. The leaked records include email addresses, usernames, hashed passwords, user’s location, and other sensitive information.
The above-mentioned instances of data and security breach rank among a whirlwind of such activities that leached the past year and the current one in worst possible attacks.
As it happens, unsuspecting users, suddenly come to face that their private and personal details are available for bulk purchase at some illicit website set deep into the Dark Net. The sudden dawning of insecurity with the theft of private and perhaps intimate details, some associated with their life’s savings, leave many to their nerves.
Understanding the Dark Web or the Darknets
When we search on the internet, the search engines return those pages which are indexed by popular search engines and can be accessed by normal browsers like Mozilla Firefox, Chrome, or Microsoft’s Internet Explorer that require no special configuration. This constitutes the Surface Web that is available to ordinary Web Crawlers.
The larger volume of the web that exists beneath the Surface Web comprises the Deep Web. the Deep Web houses websites that are not indexed or searchable by ordinary search engines. They may be reached by specifies URLs and are only available to authorized personnel to log in for access. Some pages exist as a part of the Deep Web because they do not use common top-level domains (TLDs), such as .com, .gov, and .edu, so they are not indexed by search engines, while others explicitly block search engines from identifying them.
Many Deep Web sites are repositories of data and content stored in databases that support services we use every day, such as social media or banking websites. The information stored in these pages updates frequently and is presented in different formats depending on a user’s permissions.
The Dark Web constitutes the even lesser accessible subset of the Deep Web. Access to the Dark Web requires special software tools. The Dark Web sites appear much like ordinary websites with the only difference being in the domain names; unlike most .com, .gov, .edu sites these sites are suffixed with .onion.
Be it in town or on the web, privacy is sought not just by upright citizens but also by those looking to obscure their not completely legal activities. In the physical world, shady business, comes to our minds, like those taking place in slums and criminal dens — places selected for their lack of foot traffic, that are not marked on public maps. The whereabouts of each den are known to a limited circle of individuals, although most are aware that they exist in some neighborhoods.
That is about how darknets, restricted-access networks used chiefly for questionable activities, operate. The nodes of each individual darknet (servers, computers, routers) are invisible not only to search engines but, to most browsers as well. This is because they use nonstandard protocols to transfer data. Direct links nor passwords cannot get an ordinary user in. collectively, these darknets make up the Dark Web which is a haven of illicit activities of the likes of arms and ammunition dealings, child porn, human trafficking, organ harvesting, and so on.
That being said, the murky characters aren’t the only ones using the Dark Web. The fundamental feature of the Dark Web is that the moment you dive in, you are stripped of your location-identifiers that are visible through your IP address. Therefore, dissidents, free speech activists, whistleblowers helping investigative journalists, and many others use the dark web to evade persecution and communicate anonymously online.
The Infection and Antidote: The Blockchain Technology
The curious would want to know the source of immunity the Dark Web is covered by. The simple answer to the question is Blockchain Technology and high-level cryptography. A blockchain is a decentralized public ledger that keeps immutable records of the transactions on the network. This record is stored across several users (decentralization) and this adds to the level of security and reliability. Security and Anonymity are the pillars of Blockchain. Capitalizing on these features the darknet entities have furthered their reach.
Quite obviously dark entities do not keep to the bounds of the Dark Web. They usually lurk around scouring for vulnerabilities within systems to break in. For instance, they would use a careless user’s credentials to hack into an exchange and flee into the Dark Web after robbing the crypto assets. The dark entities take the cryptocurrencies to Mixing Services where they can further obscure the robbed coins by mixing them among random others.
It is an interesting observation that the same technology that protects the Dark Web actors might also serve to protect the clean assets of upstanding citizens. Blockchain technology is built on the principles imbibe from cryptography, game theory, and peer-to-peer networking. It is
a networking technology, not dissimilar to world-wide-web (www), that facilitates a decentralized exchange of data. If public domains on the surface web, also adopted the blockchain network for their operations, the protective features could, in turn, serve to protect the privacy of common people.
While the Dark Web cannot be completely abolished, Governments could regulate it with suitable measures. Industries leads could unite to combat the potential threats of data theft by employing Software Analytics.
HashCash Consultants is a global Blockchain development company that advocates industry-wide adoption of Blockchain technology and reinforced cybersecurity. HashCash CEO Raj Chowdhury is a blockchain pioneer, author, and keynote speaker and advises industries on blockchain adoption.