The dark web is the part of the internet that cannot be accessed without specialised software. TOR (‘The Onion Routing’) is one such well-known software that provides significant anonymity and encryption. Accessing the dark web may not always be considered illegal, in and of itself. However, the dark web’s association with anonymity creates an equally strong association with unlawful activities.
Not to be confused with the deep web (the part of the Internet not indexed by search engines), the dark web is a part of the deep web and is used for many reasons: maintaining privacy, circumventing censorship, or providing an enabling space for criminal activity (cybercrime tools, trading data or illicit materials).
Dark web: A threat to financial sector
Businesses
Increased ‘cyberization’ has been integral to the financial sector over recent decades and cyberthreats have increased in step, directly impacting the operational risks faced by the financial industry. The dark web provides an enabling facilitator for these cyberthreats.
For example, hacker forums on the dark web can share expertise or coordinate attacks in relative anonymity, syphoning funds or stealing data. Ransomware attacks can be executed on the dark web preventing lawful access until a ransom is paid. In fact, ‘Ransomware-as-a-Service” is readily available on the dark web.
The dark web can also facilitate DDoS (Distributed Denial of Service) attacks; denial of access to financial services in such a time-sensitive sector has a significant negative impact, operationally and financially.
Consumers
Consumers hold and transact multiple financial assets online and use their identities to access these assets. The identity of a consumer online is often simply a collection of data points others don’t know. Such data points include password credentials, card details, dates, addresses, relationships, history etc. With enough of these data points, a person’s identity can be reconstructed online to gain access to the assets illegally. Obtaining these pieces of data is made much easier when there is a market where missing bits can be bought and sold in anonymity. This is, once again, where the dark web comes in.
The financial sector holds a wealth of such data for its consumers, since it collects the data to enable its service offerings while also maintaining regulatory obligations. Financial institutions are therefore valuable targets of cybercriminals who use the dark web to plan and execute data theft. At the same time, the dark web enables them to monetise the stolen data.
Malware that directly infects users’ computers and steals banking credentials is also sold on the dark web. It captures keystrokes or creates backdoors for later exploitation, leading to the loss of assets and consumer trust.
Consumer trust is crucial in the financial sector. Illegal activities on the dark web can erode trust and damage reputation, significantly impacting the financial industry.
Capital markets
Exploiting inside information, commonly referred to as UPSI (Unpublished Price Sensitive Information), undermines trust and investment in capital markets. The dark web enables buying and selling inside information in secrecy which also hurts the regulatory ability to curtail insider information. In response to such challenges, regulators have required the maintenance of Structured Digital Databases to track the flow of all UPSI from the source.
Impact on risk capital
The higher the risk, the more capital the financial sector must set aside to manage it. The impact of operational risks in the financial industry cannot be considered complete without considering the contribution of the dark web in increasing the cyberthreat quotient. Cybercriminals who are yet to achieve the required levels of sophistication can also avail of ‘cybercrime-as-a-service’ on the dark web, increasing the number of ‘threat actors’ and the resultant risks. With the increase in risks comes an increase in the need to hold regulatory capital in reserve, reducing the capital otherwise available for use and ultimately hurting the financial sector.
The threat quotient in the financial sector
The threat from the dark web to the financial sector as the primary but anonymous facilitator of tools, resources, expertise, and services continues to increase. In addition, attacks on other sectors can also impact the financial industry. For example, sensitive information belonging to 815 million Indians recently emerged on the dark web, brought by a hacker described as ‘pwn0001’, advertising the stolen information on the dark web. While the financial sector is not believed to be the source, misuse of such data can nonetheless compromise its consumers.
In the future, the influence of the dark web is expected to grow. A marketplace called STYX was introduced on the dark web in early 2023, offering services primarily related to financial fraud. These services include the sale of identities, money laundering, DDoS attacks, bypass mechanisms for 2FA, and distribution of malware, among others. The increasing threat quotient of the dark web to the financial sector rightly deserves greater attention. Simply put, there is little alternative.