I originally planned to focus this blog post on the dark web. Many of you reading this blog may know that the dark web is a well-known part of the internet where many sites are not indexed by search engines and can only be accessed if you know the site address, making them effectively hidden. Accessing the dark web requires special software, like browsers configured with Tor. Once inside the dark web, “dark net” markets exist that sell sensitive data stolen in breaches (in addition to illegal products like drugs and firearms). The dark web’s currency of choice is the cryptocurrency Bitcoin.
I thought it would be interesting to do some research and take a tour of the dark web, providing my perspective on what activities take place and how easy it is to buy and sell sensitive data. The dark web presents a Déjà vu experience for me personally. You see, as young teenager, I was one of the many pioneers of the early dial-up BBS age in the 80s.
I hosted a “warez” site in my bedroom and had hundreds of visitors to my site from around the world, although only one at a time could visit in those early days. My system was a Commodore 64 computer, a 1541 disk drive, and a 300 baud modem, which I later upgraded to a 1200 baud modem. I used “phreaking” techniques to cover long distance phone charges. You could argue that what I was doing in the 80s was a form of today’s dark web although instead of drugs, firearms, etc., I was simply sharing software.
Fast forward to present day and I was eager to try out the dark web. To kick things off, I installed a VPN, configured my browser with Tor, and proceeded to spend several hours perusing a bunch of .onion sites. As part of the process, I went back and forth between the dark web and the real world, Googling in the real world to find some of the more popular dark websites. That is when it hit me. While the dark web can be scary with a variety of places where you can get access sensitive data if you look hard enough, there is a place arguably more dangerous and much more significant in scale. Thousands of public-facing sites where sensitive data can be easily uploaded and shared either with malicious intent or accidentally by unsuspecting perpetrators. This place is the opposite of the dark web because it is not hidden, but actually right in front of us in plain sight. Welcome to the “bright web.”
Researching the bright web – meet our victim Frank Altos
To help articulate what the bright web is, I enlisted the Netskope Threat Research Labs team and turned the research away from the dark web and instead focused on places on the public internet where you can easily upload and share sensitive data-in many cases anonymously without requiring you to create an account tied to a credit card. For some of you, these findings may be shocking. Many of you already know that some of these sites existed, but perhaps may not have realized how widespread and ridiculously easy it is to do some significant damage.
As part of the research, we wanted to paint a real-world scenario that involves sharing sensitive data. To support this, we created a piece of data that represents the type of data that stolen during the recent Equifax data breach. We created a fictitious customer record with personal information that includes name, address, phone number, email, and social security number. I also added a couple of credit card numbers, which we t