As digital security grows more sophisticated, so too do the threats to online privacy and reputational risk. For every hacker out there, there are a multitude of individuals ready to offer their thoughts or share related posts. This issue is exacerbated by the deep and dark web based on a multitude of reasons, to include:
- Fewer parameters on content created due to minimal oversight on platforms such as Gab, 4chan, and Telegram
- More anonymity in accounts by virtue of the cyber environment
- Anonymity contributing to echo chambers that promote extreme content, including conspiracy theories and death threats, as well as other illicit activity
- A lack of understanding of how to navigate the deep and dark web by surface web users
While the majority of deep and dark web content is legal, Concentric is here to provide the expertise in monitoring and escalating Deep and Dark Web (DDW) activity to allow clients to make informed decisions about their operational safety regarding hostile actors, negative trends, and the volume or lack thereof of actionable threats that are out there so as to adjust their physical and cyber security.
What is the Surface, Deep, and Dark Web?
The Surface, Deep, and Dark Web are three separate entities. While the Deep and Dark Web likely bring to mind images of illicit activity and hacking, a more apt descriptor than legality of online activity is accessibility. The Surface Web encompasses everything that is searchable on any browser without entering a password to see it. The Deep Web requires an extra layer of security to view content, such as a paywall or password. To access the Dark Web, specific encryption software like Tor or I2P is required, with the purpose of protecting and obscuring IP addresses and locations. This software promotes anonymity as it becomes significantly difficult to track a user unless they reveal personally identifiable information. Although the Deep and Dark Web have a controversial and possibly negative reputation amongst the general public, in reality a significant portion of web traffic is housed on the Deep Web due to its sensitive nature.
Hostile Actors
Below the Surface Web, most Deep Web content is largely benign. However, individuals can be emboldened when they feel that 1) their audience is limited and sympathetic to their views and 2) they are anonymous and difficult to find based on the lack of accessibility on the DDW. When an individual makes a threat or posts intolerant content on the Surface Web it is often easier to flag and report by fellow users and social media algorithms. However, the DDW can create barriers to accountability. These barriers can promote:
- Conspiracy theories
- Proliferation of Personally Identifiable Information (PII), discovered by licit or illicit means
- User threats
- Doxxing
- Extremist, racist, sexist, or other discriminatory behaviors
Anonymity of users is not the only security concern on the DDW. In fact, some users like white supremacists and conspiracy theorists use sites like Gab, Telegram, and 4chan to keep a record of their posts that have already been shared to Twitter (a Surface website, due to its indexing of posts available through a simple search on any search engine), in case a more popular social media site decides to remove their posts or bans them. These individuals do not hide their identity or they have reached a point of infamy that their identity has already been revealed. However, they post the same posts word for word across multiple social media sites because of a popular belief that they are unjustly singled out for promoting their values. Thus, they must keep a record on sites that are less likely to censor them.
Monitoring the Deep and Dark Web
The DDW has a reputation of being a dark hole, where it is difficult to hone in on relevant information and even when it is possible to do so, individuals and companies have little to no recourse to address or remove malicious content. However, Concentric has the tools to monitor or “scrape” both the Surface and DDW and the analysts to parse through what is relevant with our intelligence reports and active monitoring escalations. By scraping the web we can identify what material is out there about clients, while our GSOC Specialists can pinpoint what is most relevant to a client. Our Intelligence Analysts take that information and identify trends and provide solutions to include physical, investigative, and cyber security.
Identifying all of the above information may seem futile if the user remains anonymous, but through sustained monitoring clients can be ready to increase their physical and cyber security if they see a trend of increased hostility. They can also mitigate reputational risk and document hostile or threatening behavior for law enforcement, civil, or their own investigations. In short, what you don’t know can hurt you, and Concentric can help you to be best informed about your risk level and options to mitigate it.
Authors:
Luke Blasing, Concentric’s GSOC Specialist
Kaitlyn Vlahoulis, Concentric’s GSOC Specialist
Picture source: Medium