ASU professor discusses this mysterious part of the net for Cybersecurity Awareness Month
Hackers on the "dark web" claimed to be selling information stolen from the Office of Personnel Management. A recent study found that more than 80 percent of dark web activity was related to pedophilia. And if you've heard of bitcoin, chances are the story had to do with a dark web transaction involving something illicit.
But what is the dark web? Is it really so dastardly? Paulo Shakarian, director of Arizona State University's Cyber-Socio Intelligent Systems Laboratory and a researcher with the Global Security Initiative, is a resident expert who helps track down viruses and malware for sale on the dark web. He talked to ASU Now as part of national Cybersecurity Awareness Month.
Question: The internet is more than just what you can search for in Google. Can you provide a basic rundown of what the dark and deep webs are?
Answer: The “surface internet” — or “clearnet” — is the internet we all consult to read the news, check our email and communicate on social media. It's the most transparent network, and the number of sites surpassed the billion mark in 2014. Sites that are restricted either because they address a small subset of the world population, like your library’s internal catalogue, or are sensitive in nature, like medical records, are not indexed and hence not returned on commonly used search engines. This is generally referred to as the "deep web."
The dark web relies on specific protocols, of which the most commonly known is Tor. Sites hosted on these crypto-networks will not render in your traditional browser. The term “darknet” refers to an earlier, smaller version of the dark web comprised of crypto-networks in general or Tor specifically.
Q: Is all the activity on the dark web illegal? Does it have its own culture?
A: By no means. Tor is widely used by journalists, political dissidents and human rights activists in regions suffering under repressive regimes. Privacy-conscious citizens worldwide enjoy anonymous browsing without being targeted by custom advertisements on each site. Some tech-savvy folks put up a website on Tor just to say they’ve done it. However, there are ghastly contents out there as well: child pornography, assassination services, marketplaces offering all kinds of illicit goods and social media populated by pedophiles, drugsters, financial fraudsters and others.
Our lab is researching malicious hackers in particular. We do notice a distinct culture: The avatars they are choosing are oftentimes depicting popular underdogs and anti-heroes (e.g. the Joker of “Batman – Dark Knight,” and references to “Fight Club” abound). Furthermore, hackers use their very particular way of written communication and replace letters w1th num83r5 (referred to as “leet-speak”). They use their own slang: “leet” or “1337” refers to elite or highly skilled hackers whereas “noobs”/“n00bs” or “newbies” are new to the hacking world. The most derided are ScriptKiddies: hacker wannabes.
Q: Is government/law enforcement doing anything to ensure illegal things aren’t happening there?
A: Since I’m not in the government, I don’t think I can answer that question, but it's Cybersecurity Awareness Month, and every year the Department of Homeland Security brings awareness to the issue: www.dhs.gov/national-cyber-security-awareness-month.
Q: What should regular people do to protect themselves from being victims of crime on the dark or deep web?
A: If you absolutely have to go and explore the dark web yourself, please install a virtual machine on a computer that has absolutely no data stored on it. The virtual machine is easily reimaged in case your browsing catches some malware. There is some very sophisticated malware “in the wild” that absolutely detects its environment and attempts to escape a Virtual Machine (VM) or Sandbox (commonly used for reverse engineering) and goes onto the computer itself — that’s why it's a good idea not to keep any data on that computer. Best, of course, is to stay away entirely.
As to the Clearnet:
• Practice password safety: choose a sAf3 P4ssW0rd adhering to recommended safety standards, choose a distinct password for each site, change it frequently — if you have to keep a list of passwords, try to keep it offline.
• Don’t be click-crazy.
• Keep backups of your data and/or work off an external hard drive, so you don’t have to pay and thus perpetuate ransomware attacks (disconnect your backup hard drive as often and as long as possible).
• Read up — you’d be amazed what’s out there! Over time you will gain situational awareness, which will enable you to protect yourself.
• Be critical of online services in how they are storing and dealing with your data.