Why it matters: The dark web is still alive and kicking, and it's become more dangerous than ever. New research highlights how the value of stolen data and general cybercriminal behavior has evolved over the past six years.
Cloud security firm, Bitglass, recreated a data tracking experiment from 2015 by inventing a fictional identity selling login and password data. Researchers then posted the information in several dark web marketplaces, enticing users by offering access to fake files that would allow access to organizations in retail, government, gaming, and media sectors.
Watermarking technology inserted into the files allowed Bitglass to trace data from the users who accessed it and thus gather current trends on the dark web. The findings were interesting. Overall, stolen data spreads 11 times faster on the dark web today compared to six years ago.
Breach data received over 13,200 views in 2021, a dramatic increase from 1,100 views in 2015. The surge represents a growth of 1,100 percent, clearly demonstrating how the underground platform has become an even more popular destination for cybercriminals.
The time it took to reach 1,100 link views in 2015 was 12 days. In 2021, the targets were markedly faster in accessing the sham data as it took them less than 24 hours to view the links.
Locations from where the downloads of the stolen data occurred revealed the United States as the second-most frequent region from where cybercriminals originate. The top three included Kenya, America, and Romania.
The research also found that targets showed a keen interest in retail and U.S. government networks data. These two categories received the most clicks—37% and 32%, respectively. That's not a surprising revelation as the potential ransoms can yield enormous profits for those fields.
Retail networks are naturally a top priority for attackers as they can distribute ransomware and extract payouts from large businesses. Likewise, U.S. government data is equally valuable since hackers—state-sponsored or individuals—can then sell this information to other nations.
In addition, activity within the dark web has become busier. According to the study, the total number of anonymous viewers on the Dark Web in 2021 reached 93 percent, a notable rise from 2015 when it was 67 percent.
Cybercriminals have largely evaded laws that prosecute cybercrime as they've become more effective in covering their tracks, Bitglass stressed.
Cybersecurity efforts from businesses and organizations have not adequately been able to prevent attacks. Furthermore, because of the increased attention from law enforcement to track down malicious actors, the firm expects them to continue to utilize anonymous VPNs and proxies to evade authorities.
"In comparing the results of this latest experiment to that of 2015, it is clear that data on the Dark Web is spreading farther, faster," said Mike Schuricht, head of the Bitglass Threat Research Group. "We expect that the increasing volume of data breaches as well as more avenues for cybercriminals to monetize exfiltrated data has led to this increased interest and activity surrounding stolen data on the Dark Web."
According to data posted by Microsoft, Dark Web denizens can acquire most cybercrime services for less than $500. Atlas VPN discovered that underground marketplaces offer a single ransomware kit for as low as $66, while hackers only charge about $311 to deliver a sustained DDoS attack against a target for as long as a month.
Data breaches are commonplace nowadays, so it's not surprising that stolen usernames and passwords are offered for as little as 97 cents per 1,000 accounts. Additionally, hackers perform custom jobs such as credit card scams or identity theft for as little as $250.
Image credit: Freepik