I’m sure by now you’ve heard of the term “the Dark Web”. Countless hospitals have been hacked at this point. And medical records leaked or ransomed. All of this information has ended up in one way, shape, or form on the Dark Web. The Dark Web might seem like a dark hole where anything bad or malicious is lurking.
What most people—especially those outside of cybersecurity—don’t realize what the Dark Web actually is and how and why it’s persisted (aka, why someone can’t just shut it down).
First Off, What Really is the Dark Web?
The Dark Web is a very anonymous part of the World Wide Web. It requires special software to access it and is hidden from most computer users. There is much more to the internet than meets the eye.
Let’s put things in context…
You see, when you open a browser, navigate to a search engine like Google and then type in a search, all of the thousands of hits that might pop up are visible, indexed websites on what is known as the “Surface Web”. Most of us stick to this Surface Web most of the time, where we’re able to access news, entertainment, business—everything is essentially transparent and is used to share or relay information.
There’s a layer of the web that is just beneath the Surface Web that many have coined as the Deep Web. The Deep Web are parts of the internet that have gates to them—areas that are only accessible with a login. Think of your online banking as one example of a page on the Deep Web. Only people granted permission are allowed on these parts of the internet. Essentially the Deep Web is any page that cannot get pulled up directly from a search engine.
The Dark Web is a subsection of the Deep Web. It cannot be accessed in searches and is deliberately un-discoverable, only accessible if you know it exists and where to find it. It is typically accessible anonymously (you don’t want your activity—even harmless or accidental visits to chat rooms—could get you into trouble). The Dark Web is essentially “hidden” out of sight because search engines have not indexed these pages. The creators of content on the Dark Web certainly don’t want to be found and because of that, areas on the Dark web can only be accessed if you know the site.
Where did the Dark Web Come From?
Essentially, the Dark Web originated from principles initially developed by the intelligence community to protect information exchange online. Seminal work by two mathematicians from the Naval Research Laboratory conceived of a project termed The Onion Routing project in 1997 (better known today as Tor). The researchers released the project to the public domain for anyone to use, the rationale to get more people to use it to disguise official communications.
Since its inception, this secretive web of anonymous traffic has attracted much of the modern day criminal activity, although it also attracts activists and others wary of state-run surveillance.
How do criminals access the Dark Web?
Most common is by using Tor (that platform the US government created in the late ‘90s), although it is possible to access it through other secure browsers. Tor is a routing system based on bouncing traffic off of multiple IP addresses to disguise which computer you are using. This makes it really difficult for someone to see who you are—if you are visiting content on the Dark Web.
Many sites on the Dark Web end in the extension .onion, which is only accessible by the Tor browser. Dark Web sites cannot be accessed through Google or any equivalent search engines. Lists of browsers and instructions to access the Dark Web are available on a variety of Wiki pages or Reddit feeds (Note: accessing the Dark Web is dangerous business. Unless you are well-trained and have an iron stomach, I would NOT recommend you try).
How big is the Dark Web?
Very hard to say, although some people have tried to quantify its size. In fact, a study by King’s College in London found about a quarter million pages on the Dark Web. To put this in perspective, Google has an estimated 30+ trillion pages at the time of the study. Why wouldn’t the Dark Web be larger than the surface web? Anonymity. To keep a really large cyberspace secretive and exclusive would simply be too difficult.
How are criminals exploiting the Dark Web?
Criminals have nefarious sites. People on them are selling, buying and trading illegal goods and services. One key commodity that we often see sold are medical records—many of which have originated from breaches in rural hospitals. Many criminals also sell passwords—many of which originate from hacked social media accounts, but have value because users use same exact passwords or derivatives of them on hospital networks (nearly a quarter of cyberattacks originate from hacked social media accounts).
How can you keep your data safe from ending up on the Dark Web?
Stay informed—make sure you or someone on your team understands the current threat landscape. Know how criminals are getting onto hospital networks and secure your network to prevent from those threats.
Maintain a clean network—keep your hospital’s network up-to-date and well-monitored to prevent a large data breach or cyberattack.
Train your staff—make sure everyone on your team knows how to identify a phishing scam or understands their part in your hospital’s cybersecurity plan.
Get a second opinion—from 1 to 10 how would you rate your hospital’s network security? If you’re less than a 10, your network is probably at risk. Get a second opinion that is able to clearly identify where your vulnerabilities lie.
Concerned that your hospital’s passwords, PHI, or other sensitive information might not be secure? Contact us today for a ransomware vulnerability assessment.