Unprecedented growth of ‘Dark Web’ market has been a major concern for governments & corporate organizations worldwide. The leakage of massive volumes of stolen PII data from Thailand in ‘Dark Web’ is a very recent example of its growing strength. We at ‘www.digitalcio.in’ & ‘www.securitydive.in’, recently interviewed Shawn Loveland, COO, Resecurity, US based cyber security intelligence & services company, to understand better this dark side of cybersecurity sphere.
Q. 1: What is the estimated value of this dark web market globally currently?
Shawn: The dark web is a thriving marketplace for a wide range of illicit goods and services. In fact, it is driven by modern shadow economy trends, the size of it could be estimated at $2.5 trillion dollars. That includes not just cybercrime-related products and services but weapons, human and illegal goods trafficking, cyber kidnapping, financial fraud, etc. It is estimated that the shadow economy is almost 6-10% of countries’ GDP and experiences rapid growth.
Q. 2: How advanced the dark web criminals have been today with the advancement of technology?
Shawn: Proportionally to the advancement of technology, the bad actors continue to revolutionize their tooling and tactics. We see more and more actors leveraging AI to scale their operations and optimize timing and human efforts. The sophistication of attacks is also growing. Bad actors target critical infrastructure including nuclear, oil and gas, and telecommunications sector more often. Those attacks include the use of previously undisclosed zero-day vulnerabilities playing an important role in cybercriminal operations. The market size of zero-day vulnerabilities may be estimated at billions of dollars with players ranging from foreign states to advanced cyber espionage groups.
Q. 3: What extra dimensions ML & AI add today to sharpen their attacks?
Shawn: Bad actors use ML and AI to scale their operations similar to technology companies in legitimate business world – to optimize timing and human efforts. Just recently, we found a tool in the underground leveraging AI for invoice fraud. Multiple GPT frameworks have been created oriented on malware creation and advancement of fraudulent tactics. We do expect more bad actors will start leveraging ML and AI in their operations.
Q. 4: What challenges does this dark web market pose to organizations globally?
Shawn: Nevertheless multiple takedowns of major Dark Web marketplaces, the underground economy is progressing. Bad actors had to find new communication channels less visible to Law enforcement. For example, we see a big shift towards mobile devices and communication channels used by cybercriminals compared to traditional resources such as the TOR network. Many actors prefer to arrange communications in Telegram groups or alternative digital media channels they can easily vanish and replace.
Q. 5: What are the best possible ways & solutions to confront these threats?
Shawn: The private public partnership between cybersecurity companies driving threat research and law enforcement is one of the main catalyst of successful legal actions against Dark Web elements. Proactive monitoring of Dark Web and ongoing threat intelligence collection are the key to combat cybercrime. Governments across globe also must play a pivotal role mitigating the scopes of threats, creating effective security guidelines & policies. For example recently, the Biden administration has decided starting implementation a new requirement for the developers of major artificial intelligence systems to disclose their safety test results to the government. It is a positive move that guidelines for AI are being evaluated, considering how much value AI brings to consumers, businesses, and other common applications. However, we must be aware that malicious actors and threat groups can also target and misuse AI. Governments must continue to create and publish guidelines to monitor the usage of advanced AI models provided by commercial AI SaaS providers. AI SaaS providers of any nation must ensure compliance with the guidelines of the country without compromising their competitive advantage with foreign AI SaaS providers and AI services not provided by SaaS providers.
Q. 6: How scary can it be in future?
Shawn: Currently, Resecurity is tracking between 1.5 to 1.75 million profiles of the bad actors involved in Dark Web activity globally. This number is rapidly growing and represents only those actors visible on the surface. Dynamics shows great competition between network defenders and cybercriminal elements having bigger advance and freedom of action when based in jurisdictions not easily accessible for the US law enforcement. Notably, ransomware and data breaches start to act as geopolitical tools impacting countries’ national economy and well-being. This is one of the key concerning trends the international cybersecurity community should contain in perspective to minimize Dark Web activity consequences on peaceful society.