Another COVID-19 side-effect: Booming business on dark web
Cyberattacks have grown during the coronavirus pandemic, and sites on the dark web are thriving with information and good obtained through those hacks, according to security experts.
Posted — UpdatedCyberattacks have grown during the coronavirus pandemic, and sites on the dark web are thriving with information and good obtained through those hacks, according to security experts.
"They’ve got everything from bank logins, credit cards, corporate intelligence," says Neal Bridges, a cybersecurity expert and chief content officer for Cary-based INE. "There are quite a few known dark net marketplace websites that sell anything from drugs, guns, fake IDs, passports, credit card numbers, personal identifiable information."
Most people surf the surface web, which accounts for only 4 percent of the internet. The deep web, which includes protected sites for medical and legal records, accounts for about 90 percent. The remainder is the dark web and its illicit activities.
Using a special browser to hide his identity and navigate the dark web, Bridges searched "Carolina" on one site and found plenty of hits:
- A template for North Carolina driver's licenses that sells for about $1
- A Social Security number and a date of birth for a North Carolina resident.
- Some 7.4 million records in North Carolina's voter database.
"There’s a database leak from the NorthCarolina.gov website," he said,
The majority of the personal information on the dark net was stolen through hacking or email scams, he said.
"We’ve probably seen some of the most interesting movement over the past couple of years in the last 12 months," he said. "What I would say is since the pandemic there’s been a lot more listings."
Migliano attributed the increase to lockdowns that had more people at home spending more time on the internet buying more services and goods to survive the isolation.
"We’re seeing a lot more lifestyle brand accounts for sale on the dark web that we’ve never seen before," he said. "The users on many of these accounts you're finding on the dark web now, like Peloton, may not have had a lot of online accounts before but are being forced to use more online accounts because they’re stuck in their homes."
Among the pandemic-fueled items found by Migliano, Instacart account information going for more than $22, Peloton accounts at almost $18, Drizly, the alcohol delivery service, and Amazon Prime Video at just above $13 per account. None was on the hot list in 2019, he noted.
"They’re fresh blood, so to speak," he said, adding that the new accounts contain the most recent email addresses and passwords used by consumers.
Debit and credit cards, as well as bank information, still garner top dollar on the dark web. But it takes only one username and password for a cyber criminal to hit the jackpot. They can take that combination and run it through programs that submit it to hundreds, if not thousands, of other businesses.
Making it a volume business lets criminals keep their prices low enough that law enforcement is less likely to get involved.
"The risk/reward factor for hackers is definitely in favor of the hackers," Bridges said.
Both Bridges and Migliano urged people to use password managers and two-factor authentication to protect their account and personal information and to limit the potential damage if any of it does end up in the wrong hands.
"You have to be more diligent than what you’re used to right now in protecting your personal information, your financial information and just everything about your digital life," Bridges said.
Related Topics
• Credits
Copyright 2024 by Capitol Broadcasting Company. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.
