Abstract
The ensuing discussion takes a closer look at the threats associated with malicious activity from the dark web. It addresses how users can protect themselves in the World Wide Web. Cybersecurity is a global phenomenon that poses significant risks to governments, home users, and corporations. This study identifies complex methods used by attackers to access personal information. In addition, it incorporates research from credible sources to portray the risks that exist in this issue. The study identifies various ways that can enhance protection and create a safe environment for Internet activity. It concludes that every entity involved must commit to eliminating cyber threats.
Introduction
Prevailing data breaches in the market have led to numerous stolen identities. Cyber criminals are using sophisticated means to access confidential information. This stolen data is traded through the Internet, particularly in the dark web (Shadel & Wertheimer, 2018). Notably, society relies extensively for interactions, industry, and commerce. While technology has revolutionized these areas, major risks prevail due to attacks on digital interfaces (Schafer et al., 2019). The attacks include data breaches of corporate and personal information, crippling viruses, and denial-of-services attack on networks. Corporations face the highest risks because they are primarily the custodians of consumer information (Schafer et al., 2019). Cyber-harm refers to attacks conducted wholly or partially on digital devices and their infrastructures. Understanding the critical nature of cyber-attacks is important to ensure that controls and methods of intervention are designed effectively (Boerman et al., 2018). People and the corporations they entrust their data to, can avoid the cost implications of cyber attacks by applying intrusion-detection systems and policies when browsing the web.
Delegate your assignment to our experts and they will do the rest.
Understanding data breaches requires a thorough analysis of the dark web. According to Schafer et al. (2019), the dark web includes numerous services concealed from search engines and regular users. Cyber criminals sell data stolen from consumers to the highest bidding buyer utilize this service (Schafer et al., 2019). Anything that is regarded as illegal to sell by the normal buyer can be accessed on the dark side of the Internet. Research indicates that these products may extend beyond the personal data to illegal pornography, drugs and weapons (Schafer et al., 2019). Schafer et al. (2019) contend that about 87% of the information found in 6600 sites identified on the dark web did not link to other sites. This indicates the severity of the situation and the risk it poses to the uneducated observer (Schafer et al., 2019). Each site on the dark web operates as a singular entity or separated island (Schafer et al., 2019). Indeed, systems designed to extract meaningful information from the dark web must overcome the technical challenge of processing large amounts of unstructured data.
Massive data breaches have made headlines in recent years. According to Shadel and Wertheimer (2018), there were 829 data breaches in the United States in 2017, leading to $2 billion lost identities. At this alarming rate of insecurity, it is imperative that people understand the severity of cyber threats (Shadel & Wertheimer, 2018). Common misconceptions indicate that the dark web is only accessible to large criminal syndicates (Shadel & Wertheimer, 2018). In reality, the average user can access the dark web to purchase discounted software or personal information for popular services such as Spotify. Most people accessing the dark web use a Tor services, which takes a different path from the average browser (Shadel & Wertheimer, 2018). Instead, it uses random encrypted servers referred to as nodes to connect users to the dark web. It offers an untraceable access to the dark web, preventing authorities from tacking a person’s presence (Conteh & Schmick, 2016). Most users are unaware of the potential threat posed by access the dark web. These threats extend to the World Wide Web since most of stolen data is accessed from the sites it hosts.
Despite stringent measures by government and corporations to curb data thefts, users are still concerned of their risks that persist. In 2018, identity theft victims increased by 8% which accounts for about 16.7 million Americans (Shadel & Wertheimer, 2018). The breaches led to a total of $17 billion in losses. This amount does not account for the costs it took to mitigate the breaches (Shadel & Wertheimer, 2018). The Internet of things comprises of devices connected in people’s homes and offices, including routers, thermostats, cameras, and computers. Cyber criminals can utilize each of these devices. Steel (2019) identifies three generations of data thefts. Non-specialized players perpetrated the first generation of cyber-crimes (Steel, 2019). This first group of attackers focused on auto theft, postal thefts and use of insiders at banks to steal personal data (Steel, 2019). In addition, the second group took the information and sold it to the third group, which monetized the data.
Mann, the author of “Hacking the Human” identifies the transition of information between cyber groups as social engineering (Stohl et al., 2008). Likewise, the human element is the weakest link in combating cybersecurity. This means that most cyber-crimes result from human error in ensuring data in secured (Stohl et al., 2008). Perpetrators have identified this vulnerability and used it to their advantage. Cyber-criminals have adapted to every change introduced by security tools to protect assets (Stohl et al., 2008). By incorporating social engineering, attackers can increase the accuracy of the information collected. Profiling is a tactic that attackers use to predict record and analyze the behavior of victims. Stohl et al. (2008) indicate that cyber criminals have the capacity to aggregate comments and posts on a website for malicious activities. For instance, online news webhosts allow users to access online news platforms through login credentials (Stohl et al., 2008). Cyber criminals use these credentials to harvest personal data about individuals. Users on these sites are not aware of the value their data holds.
Web users often lack deeper understanding of a malicious attacker. They often perceive them as hooded figures typing continuously on their laptops. However, cybercrime is more sophisticated that the average user comprehends (Conteh & Schmick, 2016). Every day, people interact with news on the media about data breaches and millions of losses. However, few ever understand the far-reaching effects and reasons behind such attacks (Boerman et al., 2018). A cyber-attack could target extensive data including money, power, financial information, corporate data, sensitive government information, and personal information such as passwords. While cybercriminals prefer to remain undetected, their motivations are evident. Personally Identifiable Information (PII) is highly valuable in the dark web and can be leveraged by criminals in a myriad of ways (Wilson, 2019). Evidence suggests that cybercriminals are inclined towards attacking large corporations due to their large database of information (Wilson, 2019). A corporate system contains more vulnerability due to the wide scale of infrastructure requiring to be secured.
Consequentially, perpetrating such large-scale attacks requires complex attack strategies. As mentioned, The Onion Router (TOR) is commonly used for cyber-attacks (Shadel & Wertheimer, 2018). It was developed by the US Navy in the 1990s to facilitate information exchange between overseas entities and domestic US intelligence agencies. TOR software was released as an open source services for the public in 2003 (Shadel & Wertheimer, 2018). Every transmission that goes through the TOR browser is anonymous. This level of discretion is achieved by hiding IP address and transactions (Shadel & Wertheimer, 2018). In addition, Shadel and Wertheimer (2018) assert that criminals are embedding chips in credit cards to shift purchases from stores accounts into criminal accounts. Identity thieves have manipulated sites such as PayPal to deposit funds solicited from victims (Shadel & Wertheimer, 2018). Cyber-attacks are getting more complex by incorporating better tools to overcome corporate security. The University of Arizona has developed complex models to study perpetrator methodologies and construct social network maps (Stohl et al., 2008). By doing so, cyber-security companies can develop efficient software.
Granted, it is crucial that people and corporations understand how to protect themselves in the World Wide Web. In the current age, people are increasingly reliant on the Internet. Advancements in web technology have enhanced transaction time, increased communication and access you information (Boerman et al., 2018). However, users must exercise caution as they access these benefits. Vulnerability occurs due to lack of awareness for most individuals. Steel (2019) indicates that most users do not understand the risks they face in the Internet. Similarly, business and corporate which hold extensive consumer data must understand the plethora of threats posed by cyber-attack and respond effectively. According to Conteh and Schmick (2016), technical and non-technical methods can be used to safeguard consumer data. For personal use, people must use pass codes for all their devices (Conteh & Schmick, 2016). This means ensuring that no one can access information on a personal device even when it is lost. Failing to do so allows perpetrators to gain access to personal emails, social media accounts, and financial information (Conteh & Schmick, 2016). Indeed, such leaks could cause chaos in a person’s life. Every app, account on a Smartphone, laptop or desktop computer should be adequately protected.
Additionally, applying a password to personal accounts requires one to follow various criteria. Creating strong and unique passwords could reduce the susceptibility towards data breaches (Steel, 2019). Users must refrain from using password that cyber criminals can easily guess, such as their usernames, birthdays, and common phrases. In addition, having a different password for each account increases protection significantly and reduces the harm that an attacker could do in case of an attack (Wilson, 2019). Users, who do not trust their memory, could consider a secure password manager such as Samsung Pass to keep track of all their credentials (Schafer et al., 2019). One should refrain from using public storage locations and papers to store passwords. Numerous websites on the Internet collect user information, disclose it to marketers to profile, and design intrusive ads. It is difficult to ascertain malicious and genuine ads. Boerman et al. (2018) indicates that persons sharing their information on online platforms can install an ad blocker, cookie manner and use incognito mode to limit tracking while browsing (Conteh & Schmick, 2016). Further, corporate must provide a way for users to identify the information they disclose to websites.
Companies are investing multiple layers of security to protect user data. Defense in depth refers to the process of adding numerous layers in server firewalls. This tactic delays the time it takes an attacker to access information from a database (Conteh & Schmick, 2016). The first step in augmenting defense in depth is through a security policy. This is a well-written guideline including technical and non-technical processes to safeguard operations within the corporation (Conteh & Schmick, 2016). It ensures that employees are informed of the dangers of cybersecurity and protection measures. Likewise, workforce must receive adequate education and training on modern attacks used by attackers to gain user data (Conteh & Schmick, 2016). Training should address network guidance where employees are guided on conducting themselves while using network address translation (NAT) (Conteh & Schmick, 2016). Cybersecurity is a continuous process in which organizations must commit resources. This involves regular audits and compliance checks to identify various parts of the system, which contain a certain level of susceptibility (Conteh & Schmick, 2016). Furthermore, technical procedures protect core infrastructure by installing intrusion prevention systems (IPS), instruction detection systems (IDS) and firewalls (Conteh & Schmick, 2016). By doing so, corporations can identify, analyze and respond to attacks in a timely manner.
Conclusion
In brief, protection against breaches is the duty of both users and corporations. Cyber threats are increasing on a daily basis leading to millions of dollars in losses. Yet, most people lack knowledge on protecting themselves on the Internet. Cyber criminals have developed sophisticated ways of manipulating user weaknesses. Information solicited is sold in the dark web at extremely high prices meaning cyber criminals are more motivated than ever to fuel a fast-growing and lucrative industry. Internet users should be cautious when setting passwords and scrutinizing websites. In addition, corporations can augment security through enhanced authentication mechanisms and training workforce on data protection protocols. To this end, people will be protected from adverse effects of cyber threats.
References
Boerman, S., Kruikemeier, S., & Borgesius, F. Z. (2018). Exploring Motivations for Online Privacy Protection Behavior: Insights From Panel Data. Communication Research , 1-25. https://doi.org/10.1177/0093650218800915
Conteh, N., & Schmick, P. (2016). Cybersecurity: risks, vulnerabilities and countermeasures to prevent social engineering attacks. International Journal of Advanced Computer Research , 6(23), 31-38. https://doi.org/10.19101/IJACR.2016.623006
Schafer, M., Fuchs, M., Strohmeier, M., & Engel, M. (2019). BlackWidow: Monitoring the Dark Web for Cyber the Dark Web for Cyber. 11th International Conference on Cyber Conflict , 1-21.
Shadel, D., & Wertheimer, N. (2018, September 4). Is My Identity on the Dark Web? AARP . https://www.aarp.org/money/scams-fraud/info-2018/what-is-the-dark-web.html
Steel, C. (2019). Stolen Identity Valuation and Market Evolution on the Dark Web. International Journal of Cyber Criminology , 13(1), 70-83. https://doi.org/10.5281/zenodo.3539500
Stohl, M., Myers, P., & Danis, M. (2008). The Dark Side of WEB 2.0: Criminals, terrorists, the state and cyber security. Harvard Asia Pacific Review , 9(2), 47-50. Retrievedfrom http://ezproxy.umgc.edu/login?url=https://search.ebscohost.com/login.aspx?dir
Wilson, E. (2019). Disrupting dark web supply chains to protect precious data. Computer Fraud & Security , 6-9. https://doi.org/10.1016/S1361-3723(19)30039-9