Flashpoint reveals top deep, dark web threats of 2015
The top five high-risk threats developing in the deep and dark web have been identified, says Flashpoint.
Flashpoint's 2015-2016 Highlights & Trends in the Deep and Dark Web report highlights the trends that present the greatest risks to companies and their critical assets.
- Anyone can be a cyber-criminal. Thanks to expanding toolsets such as malware-as-a service offerings, the barrier to entry for would-be cyber-criminals continues to lessen.
- Drugs are more desirable and accessible via dark net markets now more than ever. Half of all Tor markets offer narcotics. A growing interest in dark net markets will be result from the increase in online drug markets.
- With encryption and privacy entering the political sphere and no legislature or governance to address use of hidden services, a rise in Tor and I2P services will continue along with the exploitation of these services to conduct illicit and malicious activity.
- Threat actors motivated by chaos, ego and fame, such as those involved in the TalkTalk breach, flourished in 2015. Their actions and goals are more challenging to predict than those motivated by politics and money.
- Chinese and Jihadist communities have recruited younger and more tech-savvy talents who offer strong support for terrorist groups such as ISIS, which has created an increased risk to farther reaches for these terrorist groups.
“The last year has been one of escalating activity for cyber-criminal activity in the Deep & Dark Web, as we have seen a number of new and telling trends in places such as Europe, the Middle East and Asia, including the maturing of the Chinese and French underground communities. To add to this, the illicit goods marketplaces are also maturing, and new, specialised marketplaces are emerging,” said Josh Lefkowitz, CEO of Flashpoint.
Researchers at Flashpoint stress that intelligence about malicious and illicit activity being executed in the Deep & Dark Web can help organisations to prepare for the latest threats before they are carried out by cyber-criminals.