Understanding Cyber Underground and Deep Web

Nikolay Danev, Founder of BitCrime, based in Sofia, Bulgaria participates in Risk Roundup with Jayshree Pandya to discuss “Cyber Underground and Deep Web”.   Overview What is commonly known as the World Wide Web is categorically just the visible surface of network of connected computers. Beneath this visible surface of global network of connected computers is an enormous, and mostly unmapped network of connected computers called the Deep Web. When we make an effort to identify, evaluate and understand the segment of the connected computers that is not indexed or mapped, and is not searchable by traditional search engines, many questions arise to its very existence. * Why is there a Deep Web? * What happens in Deep Web? * Who has presence in Deep Web? * What are the concerns? * Why are there concerns? The questions and its answers points us to the biggest concern of Deep Web, which is perhaps its rapidly growing marketplaces. What happens in those marketplaces that is a cause of concern? It is important to identify, understand and evaluate that. There is a growing concern that what happens in Deep Web, Deep Web forums, and Deep Web marketplaces has real-world implications for not only individuals, but entities across nations: its government, industries, organizations and academia (NGIOA) in cyberspace, geospace and space (CGS). Why is that so? Is it because most of the products and services that are commonly offered in the deep underground are not ethical and legal? May be! While for criminals it answers a need of their CGS requirements in underground world, the many faces of complex CGS crimes that originates in Deep Web and because of Deep Web is becoming a cause of great concern to each and every one of us across nations. The stolen data and information from Cyberspace, Geospace and Space; made possible through the Deep Web products and services further ends up in the deeper underground, known as Dark Web. Criminals or wannabe criminals use the stolen data and information to not only monetize and further cause personal or professional distress, damage reputation, commit identity theft, conduct espionage and extortion, expose private information to the public, and compromise corporate or government accounts, and use them as gateway to breach confidential and private networks; but also to carry out political agenda, activism and more. This growing agenda, propaganda and monetization of tradable goods and services in underground marketplaces is a cause of great concern and a critical risk facing individuals and entities across NGIOA. There is a growing belief that in the coming years, the Deep Web is expected to be involved in a lot of social and economic developments that will be much more visible and valuable than it is today. As a result, making Deep Web secure is vital for each nation. Irrespective of cyberspace, geospace and space, the role of Security professionals and community is and will be to strive to protect their clients’ security. So, when users, consumers, customers or clients, that is individuals or entities across nations: its government, industries, organizations and academia (NGIOA) get hit by malware because they used the Deep Web or because of a trade in Deep Web marketplaces, then security community need to create and provide solutions for such complex security problems. To be able to do that requires effective understanding of the Deep Web. As the Cyber Underground, the Deep Web part of the global internet keeps growing rapidly, the battle of encryption, privacy and security is likely going to continue. The question is whether encryption will be effective and our battle for privacy and security will have any meaningful advances.