Between DarkNet and Sabotage: Inside Look at the DarkNet

Darknet markets are hidden websites that cannot be accessed using regular or normal browses or search engines as they don’t actually have a DNS name. Instead, most darknet markets have a.onion TLD suffix which “states that it’s a hidden service and can only be reachable by the TOR network.” Darknet sites can only be accessed through anonymizing software such as Tor, which actually obscures or hides the user’s IP address. A useful thing for users that don’t want to give away their location and their identity to internet service providers or other parties that could track their network activity.

The Darknet can be considered a scary place, with hidden IP addresses and illegal trades taking place including fake passports, drugs and even insider trading. Fortune.com reported in January 2017 that insider trading on the Darknet was on the rise: a rise in websites dedicated to white collar crime was noticed, and these websites essentially made insider trading easier than ever with insiders peddling up confidential information, despite the consequences of getting caught.

According to a Fortune Insights report, “the activity of company insiders on so-called ‘dark-web’ sites has doubled in the last year, posing a threat to both consumers and investors”. But how do insiders actually get onto the Darknet, and how can you stop them from accessing it whilst connected to your network?

In January earlier this year, Fortune reported that there had been a rise in websites dedicated to white collar crime, making it easier for insiders to get online and stir up a storm. Accessing the sites is not necessarily a difficult task, with thousands of sites coming up on Google when ‘how to access the darknet’ is typed in. One simply needs to use a VPN tool, and the Darknet is at your hands. But whilst accessing it might be simple, actually becoming a member of particular criminal groups takes more than just clicking inside. Users often have to pay a membership fee; however, there are cases where this member fee is waived in the case of users with high level computer access. By recruiting these insiders the criminal groups gain more power with access deep into an organization.

Darknet criminal recruitment is on the rise, and is one of the reasons behind the boom in cyber security software. Application usage and keystroke monitoring allows for organizations to monitor what their employees are doing and typing whilst connected to the network. Keywords or terms like ‘insider trading’, ‘negative wire transfers’ or ‘insider fund trading’ can be flagged, and when typed by users an alert can be sent to the organization’s IT department to block the user.

It’s not only software that’s playing a key role in monitoring for insider trading on the Darknet, but also dedicated staff — often with a military and intelligence background — is sometimes lurk on the Darknet and monitor sites for information that may compromise their organization.

The Darknet may be a mysterious concept to most, but to insiders it’s a breeding ground for deceit for financial gain. Within the financial sector, the Darknet and insiders pose a huge threat to not only financial equity, but also reputation and trust.

Originally published on IT Security Central.