本文是计算机专业的留学生作业范例，题目是“Cybersecurity and the Black Market（网络安全和黑市）”,网络安全的目的是保护信息系统和数据不受黑客的非法访问，防止网络上的非法活动。本文阐述了在露天网上进行的网络犯罪的不同形式，黑市对网络安全的影响，暗网中的网络犯罪以及如何对暗网进行监控。
The aim of cybersecurity is to protect information system and data from unauthorized access by hacker and also prevent illegal activities on the internet. This paper describes the different forms of cybercrime carried out on the surface web, impact of black market on cybersecurity, cybercrimes in the dark web and how to monitor the dark web.
The emergence of the dark web has led to a huge increase in malicious activities conducted on the Internet such as money laundering, drug trafficking, child abuse, murder and so on. This has negatively affected the effectiveness of cybersecurity.
The creation of the world, wide, web and other search engines such as Google has made easy to access to information anytime. Most of these information easily accessible are on the surface web which is easily accessible through normal search engine . On the other hand, there are some websites that are not easy of access using normal standard search engines since the data embedded on these websites are heavily encrypted. Likewise, these websites called also dark web are very similar to black markets, since the main reason of their creation is to bypass taxes and laws and trade in dangerous illegal goods.
world, wide, web和其他搜索引擎如谷歌的创建，使随时获取信息变得容易。这些信息大部分都可以通过普通的搜索引擎很容易地访问到表面网络。另一方面，有些网站使用普通的标准搜索引擎很难访问，因为这些网站上的数据是高度加密的。同样地，这些被称为暗网的网站与黑市非常相似，因为他们创建的主要原因是为了绕过税收和法律，从事危险的非法商品交易。
As a result, we observe nowadays that black markets also expanded online where a pool of cybercriminals can make a lot of money by selling or exchanging data, buying forbidden data, or goods that are prohibited by governments regulations . So, the emergence of these online black market has affected deeply the effectiveness of cybersecurity and internet governance since people and business are getting more affected by these activities while cybercriminal are rendered more difficult to catch and prosecuted.
Cybersecurity is referred to as the process of protecting computer, software, hardware, data, information, computer network from unauthorized access and alteration by hacker, terrorist and cybercriminals. The Internet established a mean of conducting business, buying and selling of products and services, financial transaction and communication with customers. There are many benefits of using Internet, which include worldwide business advertisement with little or no fee and less man effort within a short period of time. As the use of Internet offers numerous benefits, it also offers equal avenue for hackers, cybercriminal and Terrorists .
Cybercrime implies to criminal activities involving the use if Internet, computer and any other type of IT Infrastructure. Cybercrime are in three categories which are :
Against Person: This type of crime include people harassment using computer, which can be through email, cyber stalking, and pornography and so on.
Against Property: Crimes includes computer vandalism, possession of unauthorized computer information and unauthorized computer infringement via cyberspace.
Against Government: This is referred to as cyber terrorism. For example, an individual or group pf people illegal access into government website.
2.1 Forms of Cybercrime
The following are the different forms of cybercrime:
Intellectual Property Theft
Intellectual Property is a new employed model with an economic value. Patents, video and music copyright, trademark are used to protect intellectual property. Attackers tends to target organization internal business information. Examples of Internal business information includes product price list, product design, list of customers etc .
The act of stealing little amount of money from different bank account which later amounts to a huge money is referred to as Salami Attack. This act is commonly conducted by cybercriminal. In most cases, Salami attack goes unnoticed because the amount deducted are ridiculously small. For example, an attacker develops a software that deduct (50 cents, a month) from several accounts holders in a bank. Majority of the customer would not take note.
This type of attack is conducted via email. The aim is to steal personal and financial information. In this attack, the attacker sends an email appearing to come from a legimate address requesting for user’s private information such as username and password, social security number, credit card details etc .
This is a fraudulent act, in which a cybercriminal steals someone else identity and commit crime with the stolen identity. The type of identity often are name, home address, card number and social security number. Also, with the stolen information such as username & password, bank account details cybercriminal cam access the bank account and make money transfer to another account or make purchase .
This is a process of gaining unauthorized access to computer. In this technique, an attacker manipulates a hosted IP packet and transmit the message whereas the receiver believes to have received the message from a trusted source.
DOS & DDOS
Denial of Service (DOS) attack interrupts network services whereby making network resources unavailable to authorized users. A Distributed Denial of Service (DDOS) is a DOS attack that spreads malicious content from more than one infected system at the same time. The targeted software are controlled remotely by “Botnets” .
2.2 Trends impacting Cybersecurity
Below are the few trends impacting cybersecurity:
There have been an increase of attack on web application. Web application require high level of protection as cybercriminal uses these platform to steal data. It is of importance to use a safe browser when conducting important transaction on the internet .
Majority of companies are migrating into the cloud. The use of cloud computing poses a threat to cybersecurity. As the use of cloud application increases, effective control of cloud services is needed to prevent the loss of sensitive information. Cloud computing offers numerous opportunities so also does the security concerns around it increases.
Advanced Persistent Threat
This is a new approach of cybercrime. Attacker gain unauthorized access to computer network and remains unnoticed for a period of time. IPS & web application filtering are used to detect such attacks but as attackers keeps improving their techniques. It is important to integrate network security with other security services in order to detect and prevent more advanced threats in the future .
The black Market can be defined as an Illegal, free market expanding in economies where goods are scanty or heavily taxed. It is basically a clandestine market that takes place outside any government regulations or sanctions to avoid price control and taxes. These markets also called Shadow markets are places where one can purchases assets or any kind of property that are not publicly accessible. There is a motto saying that “No good deed is done in the dark”. A prime example of it is the Black Market. In a nutshell, the main reason for trading through the channel of Black market is to trade contraband, avoid paying heavy taxes and being under the influence of price fluctuations. Likewise, participants in a black can freely exchange stolen or corrupt good without being under the scrutiny of any kind of federal agents or regulations. Since participation in Black market activity is considered illegal, each member tries to hide their identity from the government by using cash for example to not leave any footprints during transactions.
According to the Research Institute for Arts and Humanities, the early 2000s saw the growth of cybercrime message forums like ShadowCrew, counterfeitlibrary.com and the Russian language carderplanet.com operating on the clear web through a message board, with members communicating through a Virtual Private Network (VPN).
An example of Black Market born because of the expansion of the web is the Darknet. The Darknet is comprised of numerous black-market websites where everyone’s identity is veiled against authorities and law enforcement. Recent years have seen dramatic increases in the darknet’s aggregate bandwidth, usability, size of shared library, and availability of search engines. To be able to access these websites, participants need to be computer-proficient enough to install the special software required by the black markets’ websites. Moreover, the Darknet use complicated encryption techniques to hide people identities and bounce the network traffic around many servers around the world making tracing impossible.
Likewise, Pseudonyms are used for messaging and most transaction like in the Black-Market use Bitcoin and the service of escrow third party for trading. As a result, the surfers and the publishers are anonymous and not easy to catch by investigators. On these websites, Narcotics, Firearms, stolen credit cards numbers, human trafficking, illegal pornography, money laundering services, and even hiring assassins are some of the marketplace option offered to any participants. As an example, in 2015 a Hacker posted a data dump of 9.7 gigabytes in size which include account details and log-ins for some 32 million users of the social networking site AshleyMadison.com in the Dark web .
Ashley Madison is the most famous name dating website in infidelity and married dating . Kim Zetter (2015) claim that the data released by the hackers includes names, passwords, addresses and phone numbers submitted by users of the site. On top of that, an analysis of email addresses found in the data dump also shows that some 15,000 are .mil. or .gov addresses indicating that some users were parts of the US government and that their credentials might have been affected . Moreover, in 2013, the Australian Police Department has confirmed that the hackers so-called “Medicare Machine” offered private Medicare details to anyone requesting them, all for a fee of 0.0089 bitcoin — equivalent to AU$30.50 on the Dark Web . In 2017, Target was hacked and customers card detailed turned up for sales of the Dark web .
Another famous example of a dark network was the Silk Road marketplace founded in 2011 and often considered the first dark net market .These kind of marketplace were instrumental in the development of cryptocurrencies such as Bitcoin, which rely on decentralization and enhanced security measures. Even though it was busted in 2013 by government authorities, many copycat market were reproduced after. This shows us how dangerous these online Black markets are for people nowadays. Practically anything one need to know or have access to is available on the Dark web.
As a result, on these secret websites existing on encrypted network, individuals hosts websites that not every common internet user can have access. While many of these websites are host on the dark for illegal purposes, they can be used to protect individual from surveillance, facilitate news leaks and used to protect political from reprisal . So, aside from illegal activity perpetrated on the Darknet, there are legitimate reasons one might use this kind of market.
4.1 Accessing the Darknet
Furthermore, to access Dark Web or Black Market’s websites, you need an anonymizing browser. “Tor” is an example of an open source browser routes your web page requests through a series of proxy servers operated by thousands of volunteers around the globe, rendering your IP address unidentifiable and untraceable . Tor stands for “the onion routing project” and was developed by the U.S. Navy for the government in the mid-1990s. The browser is available for any Linux, Mac and Windows system and is now render available on Cellphone. Any time you visit a website using a typical browser, you can be traced back to your exact location because your IP address is made unhidden to everyone connected on the website.
On the other hand, Tor allows individuals to hide their location, appearing as if they are in a different country. Tor is a network made up of many of volunteer nodes which are called relays. A relay is a computer inside Tor, listed in the main directory, receiving internet signals from another relay and passes that signal on to the next relay in the path. Consider someone in Jamaica who wants to search a site hosted in Minnesota. Instead of him connecting directly, the Tor browser takes him on at least three random detours called relays. His request may go from Jamaica to South Africa, from South Africa to Hong Kong and from Hong Kong to Minnesota . Using Tor browser make it difficult or impossible for any snoops to see your search history, social or any other online activity because bouncing people request around to random computers all over the world makes it harder for the government to find you .
Furthermore, Tor only works for TCP streams and can be used by any application with SOCKS support . Thus, a path is randomly generated for each connection request and on top of that none of the relays keep records of these connections. Using Tor, you can prevent the sites you visit to have access to your physical location and keep websites to track your history . Seeing how Tor is powerful show us why it is the most preferred ways to host Black market on the websites and why cybercriminal are difficult to get caught by the government.
4.2 Dark Websites
On the same nutshell, Dark websites look like any other websites but instead of ending with .com or .edu , they usually end with .onion. These sites also use a scrambled naming structure that creates URLs that are often impossible to remember. Finding a criminal market place is very simple once someone has gotten in the dark web searching for them. As an example, Nucleus was a very popular marketplace on the Darknet that focused primarily in dealing drugs or contraband. But in the late 2016, the website became unresponsive. The marketplace best known for trafficking in identity theft using Tor was Alphabay Market. There thousands more dark websites that are available on the Black market. Many more Dark web are created every rendering criminal investigation more difficult since it is not easy to pinpoint exactly their locations.
5.CYBERCRIME IN THE DARK WEB暗网中的网络犯罪
The virtual crime is not different from the real-world crime, the virtual crime only employs a new medium of conducting the crime. Virtual crimes are also committed using the computer and the Internet.
Drug, Weapons and Exotic Animal
Silk Road website is an anonymous marketplace that involves in the selling of cloths, books and illegal goods such as weapons & drugs. On the Tor network, these website appears like every other shopping website on the internet that includes a brief description of the goods and also corresponding photographs .
Stolen Good and Information
The dark web encourages their user to trade sensitive information such as username and password, credit card details, PayPal password etc.
Assassination website on the dark web allow its users to predict the date of death of a particular individual and gets a reward when the date of death is guessed accurately. The dark web also include website to hire assassin such as White Wolves.
Terrorist make use of the dark web because of the anonymous network that is inaccessible. The terrorist cannot use the surface web because their site can be easily shut down and the administrator can be traced. They make use of the dark web for their propaganda, recruitment, planning etc .
Illegal Financial Transaction
Untraceable financial transaction are conducted by some website in the dark web such as Banker & Co and Instacard. They carry out their activity by issuing a bank anonymous debit card to user or virtual credit card which is used by the dark web trusted operators.
The Hidden Wiki
The hidden wiki is the main inventory used in the dark web. This website encourages cyber-attack, money laundering, contract killing etc. Just like other website on the dark web, the link to the hidden wiki is changed frequently to avoid detection .
6.MONITORING OF THE DARK WEB监视暗网
As earlier mentioned, the Dark web and the Tor network protects cybercriminals presence on the Internet and promotes various illegal activities. Security agencies are making effort to track and monitor activities conducted in the dark web by focusing on the Tor network but due to the dark web network design, monitoring of activities has been a huge challenge to the security agencies.
The following areas below can be concentrated on to address the challenges :
Monitoring of Customer Data
Security agencies can monitor and analysis customer web data to identify interaction with the non-standard domain. Thus, this monitoring might not detect links to dark web but it will give the agency an insight on their activities. User privacy would not be comprised during the monitoring, as agencies are interested in the web request destination not the individual accessing the website.
Social Site Monitoring
New hidden service and information are transmitted through a website called Pastebin. Under constant monitoring of this site, message exchange that includes new dark web domain can be detected.
Hidden Service Monitoring
Most dark web services are frequently shutdown and relaunched under a new domain after a certain time. Hidden service activity can be monitored by identifying new sites as soon as they are launched and take snapshot in order to be used for future analysis.
After retrieving the hidden services data on the dark web, a semantic database containing importance information about the hidden service can be created. With this database, future illegal activities on the site can be tracked.
The rapid growth of dark web has led to the easy distribution of encrypted technologies and hacking codes making it harder for the cybersecurity domain. Nowadays, we observe a rise in the number of cybercriminals carrying out their activities on the dark web to avoid being tracked by the government. In the wake of highly-publicized arrests and an increase in the ability of law enforcement to take down some markets, criminals are now aware of the risks using the web. As a result, it is necessary for every organization to at least update its security systems to the current standards and always pay attention to network traffic that is flowing through its connections.