Financial Crime in the shadows of the Dark Web

The dark web has been depicted as a long-standing hub for crimes, where illegal activities such as drug dealing, financial fraud, weapon sales, murder for hire, stolen credit cards, and ransomware gags are easily accessible to the public. But the dark web is more than just horror stories. Today, the technology often used for illicit purposes is a tool for journalists, activists, hacktivists, and whistleblowers to share secrets while maintaining their anonymity.

Layers of the Web and access to the Dark Web 

 

The publicly indexed part of the web, known as the surface web, consists of approximately 4–5 percent of the internet. These include websites such as newspapers, blogs, and Wikipedia, which can be accessed through traditional search engines and don’t require any special efforts or credentials to access.

 

The deep web contents aren’t indexed by search engines and encapsulate 90–96 percent of the internet. It includes private or password-protected sites that are hidden for security concerns but are accessible with the appropriate credentials. Examples include bank account information, insurance records, or subscription-based content.

 

The dark web is a subset of the deep web that is estimated to make up from 0.01 percent to 5 percent. Content on the dark web is intentionally concealed and designed for anonymous communication. The data in this part of the internet uses encrypted networks and non-traditional URLs requiring special software and thus is not indexed by search engines.

 

 

Origin of the Dark Web

 

On March 20, 2000, a peer-to-peer, decentralized network known as Freenet was released and marked the first recorded instance of the dark web, which was commonly referred to as the darknet. Computer scientist Ian Clarke developed the project, allowing people to visit the internet anonymously without fears of being tracked by authorities or governments. He described it in his thesis for Edinburgh University called “Distributed, Decentralized Information Storage and Retrieval System,” as a network to allow people to communicate freely without being tracked.

 

A popular tool for accessing the dark web is the TOR (The Onion Router) network, it was developed on September 20, 2002 by scientists Roger Dingledine and Nick Mathewson. Through the TOR browser, users can navigate the dark web’s contents and reach hidden websites. Funded by the U.S. Naval Research Laboratory as a way to communicate with intelligence sources around the world without getting tracked, the tool anonymizes online activities and protects online privacy. The TOR project was released publicly in 2004 and is the most popular publicly available dark web access point.

 

 

Dark Web and Financial Crimes

 

Because the dark web isn’t cataloged by search engines and requires special software to access websites hosted on the network, it’s become the perfect environment where criminals can thrive.

 

One of the cases that brought dark web activities to public attention involved Ross Ulbricht, who in 2013 was arrested by the FBI. In 2010, Ulbricht started developing an online marketplace hosted on the dark web called Silk Road where users could buy and sell drugs, other illegal products, and services anonymously, and hosted it on the dark web from 2011 to his arrest. Reuters reported that drug dealers and others made over $200 million in illegal trades on the marketplace using Bitcoin.

 

In his 2013 indictment, Ulbricht, who ran the site using the pseudonym “Dread Pirate Roberts” after a character from The Princess Bride, was found to have committed seven crimes using the dark web, including conspiracy to launder money, conspiracy to commit computer hacking, conspiracy to traffic narcotics using the internet, and continuing a criminal enterprise. He would later be found guilty and sentenced to life in prison with no possibility of parole. His case also marked the first highly publicized case involving the dark web to commit crimes. President Donald Trump pardoned Ulbricht in January, saying his sentence was too harsh.

 

Today, many crimes can be committed using the dark web, including illicit trades like drug sales. Moreover, there are money laundering services on the dark web where criminals pay for online services to have their ill-gotten money cleaned.

 

Most ransomware gangs have a presence in the dark web today, where they announce their attacks. The ransomware-as-a-service business model has contributed to the recent spike in ransomware attacks.

 

On the contrary, the dark web is also used for legitimate purposes, with journalists, whistleblowers, and social or human rights activists often using it to communicate securely. Especially in countries with strict censorship laws or suppression of free speech, the dark web serves as a platform where people can communicate freely, expose corruption, or share intelligence with each other.

 

 

Dark Web Financial Risks

 

The dark web has made it easier for criminals to get away with financial crimes, including cyberattacks on financial institutions, money laundering, credit card number selling, identity theft, extortion, blackmail, ransoms, and ransomware attacks on individuals and companies by cybercriminals looking to make money off these attacks.

 

In the past few years, cases of financial fraud have also spiked, partly fueled by the dark web, where criminals are able to interact and share the techniques and targets of their next victims. According to Cybernews, financial fraud-related listings comprise a significant portion of dark web activities, accounting for over 34 percent of total listings.

 

Take credit cards and identity theft, for instance. Users of the dark web can easily purchase our credit card numbers, log into legitimate shopping sites like Amazon, and make a purchase using your credit card while masquerading as you—all without being detected.

 

 

Conclusion

 

The dark web is a cautionary tale of how powerful technology can become a force of evil by bad actors. The chances of falling victim to these criminals are also very high. A recent complaint filed in the U.S. District Court for the Southern District of Florida revealed that a cybercriminal group posted “National Public Data” on a dark web forum for sale for $3.5 million.

 

Your business’s next cyberattack may also be from the dark web. Therefore, the dark web issue is a public issue that needs to be taken seriously. In 2023, businesses experienced 70 percent more ransomware attacks compared to 2022. Though the ransomware payments slightly dropped in the following years, we should remain vigilant. Thus, businesses should develop a response plan, data backups, layered security measures, and educate staff on cybersecurity practices. 

Related Resources

Articles Blogs Compliance and Regulations Internet Security and Privacy Security Awareness and Training
The Ultimate Guide to ISO/IEC 27001

ISO/IEC 27001 is the world’s best-known standard for information security management systems (ISMS). It provides organizations with a structured framework to safeguard their information assets by applying effective risk assessment, risk management, and continuous improvement of the ISMS. It’s designed to help organizations of all sizes and industries protect sensitive data, including financial information, intellectual property, employee records, and third-party data.
As the British Standards Institution puts it, “ISO/IEC 27001 gives you the knowledge and confidence to protect your information — and your reputation.”
In this article, we will explore what it is, why you need it, and how to achieve certification.

Articles Blogs Compliance and Regulations Cybersecurity Governance and Strategy How Cybersecurity Compliance Helps your Business
How Cybersecurity Compliance Helps your Business

“Good Business thrives not just by making profits, but by embracing compliance as a discipline”.
The business world is rapidly changing and becoming more data-driven and technologically advanced. Whether it’s hardware or software, organizations must leverage information technology to improve their operational efficiency, gather more data for analytics, and empower their workforce.
New industry standards and regulations regarding data and cybersecurity have made compliance more challenging for organizations. However, cybersecurity compliance is a driving force behind any organization’s success. Compliance is not just a checkbox for government regulations, but also a formal way of protecting your organization from cyberattacks, such as distributed denial of service (DDoS), phishing, malware, ransomware, and more.

Articles Artificial Intelligence and Machine Learning in Cybersecurity AI
The Power of Large Language Models (LLMs): Transforming the World of AI

In the ever-evolving realm of artificial intelligence, Large Language Models (LLMs) have emerged as one of the most remarkable breakthroughs. These models, trained on massive datasets of text and code, have the capacity to generate and comprehend human language with astounding accuracy and versatility. As we dive deeper into the world of AI, it’s essential to understand the transformative impact of LLMs.