By Joseph Raczynski
The importance of law firms understanding the dark web
Your very sensitive private client data could be available for all to see on the Internet right now. Technically this data would be on the Dark Net or Dark Web. It is the portion of the World Wide Web that is hidden or inaccessible from normal browsers. As corporations and law firms grapple with larger and more profound attacks, I think it is important to be aware of how individuals access it and what occurs there to better safeguard your firm from what is happening now. At the cybersecurity LegalSEC Summit last week in Baltimore, Kevin Lancaster CEO of Winvale, Todd Nielson, President at Secuvant Cyber Security, and Will Nuland, Sr. Security Researcher at Dell SecureWorks, spoke about the nuances around the Dark Net.
The Dark Web, born from a United States government program had positive intent from the onset. It created a cyberspace where people in disaffected regions could anonymously visit and share ideas freely. North Koreans and Iranians use this to congregate and postulate new ways to live. They could then visit this space in the ether and share ideas freely without the fear that they would be persecuted for espousing ideas incongruous with their government point of view.
How to get there:
The following is not advised, but is here as an awareness of how people access the Dark Web.
Mozilla Firefox has a plugin (Tor Project), a simple free application run by a nonprofit organization which turns your normal browser into a Tor Onion enabled browser. What that means is that the plugin creates a tunneled Internet to a minimum of 100 other locations around the world. You are essentially establishing a proxy connection to other computers who are running the same Tor software. This establishes a very strong sense of anonymity and security that no one knows who you are or where you live (IP address). If I live in Washington, DC after running the plugin I may show up as living in Prague, but first being routed through 99 other cities.
Once the application is launched you would need to find an index page, like the Hidden Wiki, which gives users a general launching off point for perusing the Dark Web websites. It is not a pure search and find environment like Google, though some sites are indexed. Sites are not set up with URL structure like we have on the Open Web, http://www.thomsonreuters.com. In fact they appear to be hashed with letters and numbers in a random pattern. They also end in an .onion compared to the normal .com that we tend to see. So an example address might be: ijfije856ya5lo.onion.
Unfortunately, once a user passes into this realm, there is a minefield awaiting. The Wiki page starts with the benign and dives headlong into the frightening and disturbing. You can buy $10,000 of fake US dollars for the equivalent of $5,000 in Bitcoin, the currency of choice. The cryptocurrency Bitcoin is also generally considered anonymous. Other possibilities include, hiring a hacker, buying prescription drugs, and buying illegal drugs, and acquiring arms or if you so desired, get involved in unregulated medical trials. On the darker side, you can even hire a hit man.
Law Firm Perspective on Dark Web:
The key important piece to this post is that law firms are now being brought into the dark side. Criminals are stealing IP information, M&A information and dropping off onto the Dark Web. Other groups are grabbing proprietary information or sensitive client information from law firm networks and saving it onto the Dark Net to either expose the firm, or to hold at ransom. Hackers for hire have been used to target corporations and law firms.
One of the subjects that was asked of the panel, how should firms handle the Dark Web? In my time consulting around this subject, I was curious about the response. The group was split. Some thought that companies should not use their own networks to access the environment, others stated that in a controlled access situation, they could monitor what is going on the Dark Web to protect their brand. In fact, it was stated that nearly two million people a day visit, but most are monitoring what is happening. Law firms and corporations should be looking for client names, login and passwords, email address of their respective company.
With the increase in cyber-attacks, all entities have to be aware of how the hackers operate. Understanding the Dark Web in the context of this is part of the due diligence for any corporation or law firm today. Fortunately a new wave of companies are surfacing which can monitor the Dark Net on behalf of your organization.