VSTECS HPE Proliant Servers Header Top
SM Supermall WatchSM
HPE Proliant Server Pencil Bar Right
HPE Proliant Server Pencil Bar Left

The dark side of the dark web

The dark side of the dark web

Gone are the days when ransomware was developed and distributed by skilled cybercriminals. Today, anyone can easily build and launch ransomware as there are only two key requirements – bad intent and access to the dark web, a marketplace where malware kits are advertised the way a traditional online retailer promotes regular items like clothes and shoes.

Users on the dark web are annoymous and protected by a privacy feature baked directly into the Tor browser, which is the browser used to access it. This also means that law enforcement authorities are unable to identify where the websites are, who owns them, who uses them or who to arrest.

The easy access to the dark web is fuelling ransomware-as-a-service (RaaS) distribution models, which essentially enable novice cybercriminals to download and use ransomware. As ransomware is cheap to purchase and spread, it also provides a quicker payout than stealing credit card data or personal information.

One of the most recent, successful example is Philadelphia, a ransomware variant that is easy to customise and deploy, and uses common marketing strategies to reach potential customers. Cybercrooks only have to pay once to get an executable that can generate unlimited ransomware samples.

There is even a production-quality intro video on YouTube, explaining the nuts and bolts of the kit and ways to customise the ransomware with a range of feature options. Hence, with ransomware variants like Philadelphia, criminals with limited technical skills, can easily execute high-quality attack campaigns.

In fact, there are ransomware variants on the dark web delivered via cloud that offer a host of menu options to guide crooks on how much ransom to charge and the distribution spectrum of the attack.

For a ransomware campaign to succeed, attackers must overcome four main challenges:

  1. Setting up a command-and-control server to communicate with victims
  2. Creating ransomware samples
  3. Sending the samples to victims
  4. Managing the attacks by collating statistical information, checking payment etc

Chester Wisniewski, Principal Research Scientist, Sophos shares tips for enterprises to ensure attackers do not cross these challenges successfully:

  1. Understand underground trends and train employees on how the dark web works
  2. Increase the frequency of security monitoring and reporting in the organisation
  3. Patch early and patch often, even if you’re using an unsupported version of XP, Windows 8 or Windows Server 2003
  4. Be vigilant to recognise if employees or customers are being targeted

Use Sophos Intercept X, which is highly effective in stopping ransomware in its tracks.


About The Author

Raymund Ravanera is an accomplished and experienced graphic designer with almost 20 years of creative expertise working in the graphic design industry. He loves the latest gadgets, food and movies. Currently, he owns and manages megabites.com.ph, an online technology and lifestyle blog since 2015.

Related posts