Back in March, a SpaceX engineer pleaded guilty to secretly selling insider tips on the Dark Web. Going by the name "MillionaireMike," he purchased personal information — including names, addresses, dates of birth, and social security numbers — and used that information to conduct trades on a company that has not been made public. He also purchased and used insider information for an unnamed company, and sold insider information as well.
Unfortunately, this type of criminal activity is rampant — and the Dark Web is where it usually occurs.
The “Dark Web” is a hidden part of the internet not accessible by typical web browsers. Essentially, it requires certain software and/or specific network configurations to access. Once a user accesses the Dark Web, they have access to any number of sites that offer illicit and/or illegal material. While some journalistic and watchdog sites also remain on the Dark Web in order to protect their users’ safety and remain anonymous, much of the content there reflects the network’s title: it’s dark. Think: child pornography, fraud-related activity, malware, and other illegal or dangerous content. And users can often purchase databases containing user login credentials and other sensitive information, malware, ransomware, and other applications used for malicious intent.
In other words, the Dark Web is a hotbed of all the things you don't want your business or employees associated with. Nor would you want your company's (or client's) information finding its way into one of those many darknets. Once that information is made available, there's no telling the damage that can be done.
What Are the Risks?
If your employees explore the Dark Web, and they aren't investigative journalists with a very good reason to do so, you likely have good reason to be concerned.
Those who dive into the Dark Web will find a veritable eCommerce market for things that are not available via the usual methods. You can't buy a database filled with usable credit card numbers on Amazon; you can't head to Etsy and purchase thousands or millions of user credentials for bank accounts; you can't point your browser to Walmart.com and click to add a list of valid social security numbers into your shopping cart.
On the Dark Web? It’s all possible.
On the surface, the risks are obvious: You have an employee who gains access to the Dark Web (from your company LAN) and then purchases a database of user credentials or troves of various illegal material. An employee using your network for illegal activity could implicate you accidentally, simply by association — or that employee could implicate you on purpose. Embittered employees have done worse.
Or that person might have access to specific information that could make it easier for people to invest in "sure thing" stocks. What happens if one of your employees takes that information and sells it on the Dark Web, much as Hieu Minh Ngo did when he hacked into US business computers, stole company data, and sold it? Although your company might not be directly involved with that illegal activity, it will certainly be dragged into litigation for a while. And, given how quickly the court of public opinion draws its conclusions, your business could take a lasting hit.
But let's take it down a notch and out of the courts for a moment — there are other risks, too.
Say you have an employee who gets curious about the Dark Web. They find their way in and discover a treasure trove of what looks like harmless, but fascinating, content. Perhaps they want to pirate films that haven’t been released yet. With their curiosity piqued, they download a few files, not knowing those files contain a malicious payload. Their computer is now infected with dangerous malware or ransomware — and your company is hit with the bill for either recovering data or protecting its assets from theft. Or worse, your network is laterally infected with a virus.
How Do You Avoid the Risks?
The first thing you should consider is blocking all Tor traffic, as Tor is the most popular method of gaining access to the Dark Web. The problem is that Tor uses SSL connections over web ports and can be adapted to use any available/open port. Because of this, it's often a challenge to discover such traffic. To help prevent users from making it to the Dark Web, you should layer network security, using a proxy and VPN together. Or, if you’re on OpenVPN Cloud, you can strategically block all traffic to any site you choose.
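One way to surface Tor traffic despite the port problem described above is to match firewall logs on destination address against a list of known relay addresses, ignoring the port. This is an added example, not part of the original article or any OpenVPN product; the relay list format, the log format, and every address in it are constructed for illustration.

```python
import ipaddress

# Constructed relay list (documentation address ranges, not real relays).
RELAY_LIST = """\
# address      or_port
192.0.2.10     443
198.51.100.77  9001
203.0.113.5    8443
"""

# Constructed firewall log: timestamp src dst dport action
FLOW_LOG = """\
2024-05-01T09:12:03Z 10.1.4.23 192.0.2.10 443 ALLOW
2024-05-01T09:12:09Z 10.1.4.23 198.51.100.200 443 ALLOW
2024-05-01T09:13:41Z 10.1.7.8 198.51.100.77 9001 ALLOW
2024-05-01T09:14:02Z 10.1.7.8 203.0.113.5 22 DENY
2024-05-01T09:15:30Z 10.1.9.50 203.0.113.5 8443 ALLOW
malformed line
"""

def load_relays(text):
    """Parse 'address port' lines into {ip_address: {ports}}."""
    relays = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            addr, port = line.split()
            relays.setdefault(ipaddress.ip_address(addr), set()).add(int(port))
    return relays

def find_relay_flows(log_text, relays):
    """Return flows whose destination address is a known relay, on any port."""
    findings = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip lines that do not fit the assumed log format
        ts, src, dst, dport, action = parts
        try:
            dst_ip, port = ipaddress.ip_address(dst), int(dport)
        except ValueError:
            continue
        if dst_ip in relays:  # address match only; a port filter would miss 443
            findings.append({"time": ts, "src": src, "dst": dst, "port": port,
                             "action": action, "listed_port": port in relays[dst_ip]})
    return findings

def hosts_to_review(findings):
    """Internal hosts with at least one allowed connection to a relay."""
    return sorted({f["src"] for f in findings if f["action"] == "ALLOW"})
```

Address matching only covers relays that appear in the list you load, so it complements the proxy, policy, and content-filtering layers rather than replacing them.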
Even before you get to the point of having to block Tor traffic, your company should have a clear policy on Tor usage. Make sure your employees understand that downloading a Tor application or bundle is against company policy, which can lead to immediate termination. Employing products like OpenVPN Cyber Threat Protection and Content Filtering can help your cybersecurity team enforce such policies, by simply blocking such traffic on your company LAN.
Another proactive step you can take is to educate your employees on the dangers the Dark Web poses. During a company meeting, make sure you not only reiterate the company policy, but explain what the Dark Web is and why it poses a danger to not just the company, but to the employees who could fall victim to such illegal activity.
The reality is, the fallout from an employee connecting with the Dark Web could spell disaster for your company — at the very least, it’s highly suspicious and simply too dangerous to risk. Not only do you risk your company becoming implicated in illegal activity, but an employee accidentally infecting their PC with some very dangerous malware could have company-wide ramifications. Instead of allowing risks like this to remain unchecked, empower your IT staff with everything they need to prevent such behavior. Policies, proxies, and content filtering won't drain your company's coffers, and the peace of mind you'll gain is priceless.