|
To the depth of web : The Dark
Web

| |
Surface web is the web
that is visible to all of us. Where the general services we use such
as Linkedin, Facebook etc are presented. Simply it is the indexed part
of the web by any search engine such as google, yahoo. Then the deep
web can be identified as anything search engines cannot find. Though
people portrait this part of the web as illicit, the truth is deep web
can be some pages in a website that cannot be reached by the common
search engines but only through the website itself. This can be
medical records, legal documents, university databases etc. The dark
web which I�m going to talk about is a part of the deep web. It is the
part of the web which is hidden intentionally and only accessed by
special search engines through a unique process.

What illegal content is on the dark web exactly? Well, there is common
illegal stuff like drugs, illegal products, fake ids, fake passports,
pornography, and the list goes on. But there are more bizarre things
in the dark web which are beyond our imagination. There are sites
where you can find professional assassins, human trafficking, organs
for sale and terrorism. A site called �cloudenine� provides
information about well-known celebrities, politicians, public figures
as well as individuals. The accuracy of the information is not
guaranteed. Yet to see that this information contains public email
addresses and certain IP addresses are frightening. There is also
verity of malware, spyware, ransomware that are available for
purchasing.
But there are also advantages in the dark web. Freedom of privacy is
one of them. Then there are resources that are useful for study
purposes in different fields. The dark web can be used for military
activities for its anonymous nature. It has also become a platform for
activists to interact.

In my
opinion, the best way to deal with cybercrimes in the dark web is to
capture only the culprits. Indexing dark web will not prevent cyber
crimes from happening. We humans will always find a way to be
undiscovered. The best example for this is when FBI seized a child
pornography site called playpen and hosted it in one of their servers
for weeks. Then they were able to track down hundreds of members using
this site. They framed only the criminals and did not affect other
dark web users. Anonymity is not illegal. It is the crimes that should
be focused and should be prevented.
Hope this article brought you some knowledge of dark web and if you
are interested I suggest you to read some research papers regarding
the subject.
By:
Hasini Navindi
Abeywardana
Hasini is an undergraduate of the Sri Lanka Institute of
information technology who is currently following Bachelor of
Information Technology specializing in Cyber Security, currently, she
is working as an Intern - Information Security Engineer at Sri Lanka
CERT|CC
| | | | | |
References | |
1 Statistics on the Internet
growth in Sri Lanka | |
http://www.trc.gov.lk/images/pdf/ | |
statis_sep_2012.doc | |
2.The Dragon Research Group (DRG) | | |
http://www.dragonresearchgroup.org/ |
3.TSUBAME (Internet threat
monitoring system) from JPCERT | CC | |
https://www.jpcert.or.jp/english/tsubame/ | |
4.Shadowserver Foundation | | | | | | | | | |
http://www.shadowserver.org/wiki/ | |
5. Team Cymru | |
http://www.team-cymru.com | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | |
| |  | | | |
 | |  |
German chat site faces fine under GDPR after
data breach | | |
 | | |
"...A German social media
platform called Knuddels.de has been fined with �20,000 following a breach
that exposed the personal information of 330,000 users, including their
passwords and e-mail addresses, according to a statement (in German) by the
regional Baden-W�rttemberg data protection watchdog (LfDI Baden-W�rttemberg)..." | | ![]() |
Microsoft Warns of Two Apps That Expose Private
Keys | | |

"...Microsoft on Tuesday warned
users that digital certificates were disclosed in two apps, which could
allow a bad actor to remotely spoof websites or content.
Headset software company Sennheiser HeadSetup, Microsoft said, had
inadvertently installed the root certificates onto two apps, HeadSetup and
Headsetup Pro....." | | | | | |  |
| |
|

'...A Facebook executive has admitted that the company �made a mistake�
in not removing a post that incited racial hatred in Sri Lanka, an
international hearing on fake news and disinformation in London heard on
Tuesday (Nov 27)....' | | |
| |  |
Election Security Tested | | | |
 | |
| |
'...We�ve learned a lot about election security in the two years following
the 2016 presidential election, and most of it is not
confidence-instilling. U.S. voting systems, like any other electronic
systems, have vulnerabilities......' | |  |
Smartphone shopping: Avoid the blues on Cyber
Monday | | |
 | | |
'....Let�s get a bit statistical first. On Cyber Monday in 2017,
smartphones and tablets accounted for almost one-third of online sales,
according to Adobe Digital Insights (ADI). With that proportion rising
in recent years, a not-too-dissimilar picture is expected to be painted
during the 2018 edition of Cyber Monday, which ADI expects to be the
largest single online shopping day, ever, in the United States. The
importance of taking precautions while grabbing those bargains via our
mobile devices cannot be overstated.......' | | |
| |
|
|
Month in Brief | |
Facebook Incidents
Reported to Sri Lanka CERT|CC in October 2018 | |
| |
| |
Statistics - Sri Lanka CERT|CC | |
|
| | |
| | |  |
Keeping data swamps clean for ongoing GDPR
compliance | |
 | |
'...The increased affordability and accessibility of data storage over
recent years can be both a benefit and a challenge for businesses.
While the ability to stockpile huge volumes and varieties of data can
deliver previously unattainable intelligence and insight, it can also
result in �data sprawl�, with businesses unclear of exactly what
information is being stored, where it�s being held, and how it�s being
accessed....' |  |
Cisco predicts nearly 5 zettabytes of IP
traffic per year by 2022 | |
 | |
"...Cisco foresees a massive
buildup of IP traffic � 4.8 zettabytes per year by 2022, which is over three
times the 2017 rate � lead by the increased use of IoT device traffic,
video, and sheer number of new users coming onboard....." |  |
'Congress Wants to Confront Facebook,
Robocallers and Data-Throttlers | |
 | |
�...Democratic lawmakers clashed with the tech industry last week while
Republicans sought to expand cyber protections for small businesses.
Congress also finally delivered the Homeland Security Department its top
legislative priority and pushed the Pentagon to chip in more cyber
resources to defend civilian agencies.....� |  |
Iranian hackers charged in the US for
SamSam ransomware attacks | |
 | |
."...We�re sure you know what ransomware is by now.
ICYMI, ransomware is malicious software that scrambles your files with a
randomly generated cryptographic key�....." |
|