Notes from the Underground: A Multi-Part Investigation into the Cybercriminal Dark Web

The other day, I heard a staggering fact: At any given time, there are upward of one million people in the sky. That amounts to roughly the population of Dallas, all soaring forward at 30,000 feet to their next destination.

It got me thinking about other corners of the world that are just as bustling, but equally unapparent to the naked eye. One that matters a lot to us is the cybercriminal underground.

Most people will never dip as much as a toe in the dark web. After all, it's not indexed by traditional search engines and requires special software to connect to - an intimidating combination. Yet it's thriving and industrious in ways that are unimaginable to many. In fact, some estimates place the dark web, which allows users to stay anonymous, at some 400 to 550 times the size of the "surface internet."

While many consider the dark web a black-market playground for the depraved and sinister (and a haven for whistleblowers and activists), it also functions in many relatable ways to environments you are used to. For security professionals especially, understanding how the cybercriminal underground operates and the end goals of its inhabitants (who happen to be your foes) is pivotal to staying ahead of today's sophisticated threats.

It's the old Sun Tzu "Art of War" philosophy: To defeat the enemy, you need to know the enemy. The goings-on of the dark web offer an enlightening crash course in the tactics, methods and purpose of cybercriminals - insight that can be incorporated into your defenses. However, most security professionals don't personally have the time or resources to seek out this information, and experts recommend that even knowledgeable individuals avoid accessing this region of the internet due to its risks.

But at Trustwave, it's our job to wade into enemy territory. That's why we are bringing you a multi-part series that investigates the inner workings and subtleties of the dark web - and why and how they matter to you. The first part was released on Friday by our elite SpiderLabs team:

"Code of Honor"

Synopsis: Contrary to what many may believe, the dark web is governed by written and unwritten rules, and is a place where reputation matters above all else. Our SpiderLabs researchers plunged deep into the cybercriminal underground to understand how order and integrity are maintained among the felonious, from how to conduct business to where to make charitable (yes, charitable) contributions.

Here is a sneak preview of the next two parts, which will arrive in the coming weeks.

"The Underground Job Market"

Synopsis: This will offer examples of how recruiting works in the cybercriminal underground, from drug running, to hacking, to corporate infiltration.

"The Underground Laundry Machine"

Synopsis: This will describe the various schemes (many of them seemingly legit) that are used to launder money.

Stay tuned for much more to come!

Dan Kaplan is manager of online content at Trustwave.

