Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Darknet (ec)

354 views

Published on

The Darknet, Deepweb explained in 'Plain English' is an overview of an area of the Internet that most people do not know about and where over 90% of material can be found, most of which is very questionable as to being legal. It is a space that should be avoided and in particular children educated as to its dangers. If you have a small business staff should be made aware of the dangers of the Darkweb and if you have not prepared an Internet use policy banning Darkweb access you should consider adding it to the policy.

Published in: Education
  • Be the first to comment

  • Be the first to like this

Darknet (ec)

  1. 1. Demystifying Cyber Security: The Darknet (Deep Web) 1 PD Unit
  2. 2. BRADLEY W DEACON Session Speaker Bradley W Deacon Bradley is a former Federal Agent and was one of the first members of the Australian Federal Police Computer Crime Unit Sydney where in 1995 his team was successful in having the first jail sentence imposed on a computer hacker. Bradley is a qualified non practising lawyer focussing on the law around Cyber Space & Social Media with degrees in criminal justice, law, and postgraduate studies in Criminology and Law. Additionally Bradley has a Postgraduate Certificate in Distance Ed specialising in Digital Delivery from Penn State University. Bradley also has a Masters in National Security with his thesis centred around digital technology: “Evolving Digital Technology Terrorist Financing & The Threat To U.S National Security” As a cyber bullying and stalking advocate, Bradley was approached by VCAT in 2014 to design and facilitate delivery of a social media awareness package in 2015 for Victorian Court Staff and the Judiciary and was recently a keynote speaker at the Say No 2 Bullying Conference on the Gold Coast. Bradley lectures at several Australian Universities and colleges in a variety of Cyber Law related units and justice units and is about to undertake a PhD in Social Media by ‘publication’. On-Demand Professional Development Academy
  3. 3. Session Outline Learning Outcomes • Background of Darknet (DeepWeb) • Ramifications of staff accessing Darknet • Cyber security education development • White Hat, Black Hat & Grey Hat hackers On-Demand Professional Development Academy
  4. 4. Background of the Darknet The Darknet aka Deep Web • Hidden websites started appearing in 2004 • The TOR network original intention was for anonymous communication within Military to keep messages encrypted and secret On-Demand Professional Development Academy
  5. 5. Background of the Darknet The Darknet aka Deep Web On-Demand Professional Development Academy • TOR stands for the ‘Onion Router’ and will generally have an extension .onion • TOR is slow as it bounces around several ‘volunteer’ computers around the world to keep original location it was sent from and the place it is going ‘anonymous’
  6. 6. Background of the Darknet Released As Open Source • In 2004 TOR was as freeware ‘open source’ to the public • The .onion extension represents the multiple layers similar to an onion in that when you cook an onion you peel off layers On-Demand Professional Development Academy
  7. 7. Background of the Darknet Released As Open Source • .Onion is used because the websites you are visiting are deeper and harder to find • .Onion websites are deeper and harder to find as they are behind layers of anonymity On-Demand Professional Development Academy
  8. 8. Background of the Darknet Deep Web • The Deep Web includes many web pages that are encrypted with passwords or documents in formats that cannot be indexed • Therefore, the Darknet is part of the Deep Web, but the Deep Web is a much broader term than the Darknet. On-Demand Professional Development Academy
  9. 9. Background of the Darknet Deep Web • The Darknet has an estimated 200,000 to 400,000 sites, with the exact number impossible to determine. • Websites are hosted on servers with hidden locations through the veil of encryption and virtual private networks (VPNs). • As a result, Darknet sites are extremely difficult to shut down as the location of the administrators is virtually untraceable. On-Demand Professional Development Academy
  10. 10. Background of the Darknet Released As Open Source • .Onion is used because the websites you are visiting are deeper and harder to find • .Onion websites are deeper and harder to find as they are behind layers of anonymity On-Demand Professional Development Academy
  11. 11. Background of the Darknet How Safe Is TOR? ● Like any part of the Internet TOR has its security threats ● YouTube, Facebook, Google, Email all pose a threat if you do not have good Anti-Virus ● TOR is no different and can be a threat especially if you click a site/link that is unknown On-Demand Professional Development Academy
  12. 12. Background of the Darknet How Safe Is TOR? ● TOR relies on Peer to Peer reviews and some use this as an indication to how safe a link is or a download may be ● EXTREME CAUTION MUST BE USED WHEN USING TOR On-Demand Professional Development Academy
  13. 13. RAMIFICATIONS STAFF ACCESSING TOR & YOUR STAFF • TOR is attractive to staff to use • TOR is well known amongst ‘Digital Natives’ as the site to download games, movies and TV shows • Staff need to be educated about TOR • Your Internet use policy should include a ban on using TOR or any Virtual Private Network (VPN) in the workplace On-Demand Professional Development Academy
  14. 14. RAMIFICATIONS STAFF ACCESSING TOR & YOUR STAFF • Your IT Security Advisor/Provider Should Block access to TOR and VPN’s • Ensure you have systems in place to log all attempts to access TOR and VPN’s • Ensure Firewalls are installed • Advise staff of accessing TOR and VPN’s is against the Firms Internet Use Policy & access attempts are logged On-Demand Professional Development Academy
  15. 15. Education Development Education Is The Key • Digital Natives are constantly pushing the Internet boundary • Digital Natives want everything yesterday • Digital Natives generally do not see any issue with copyright infringement for movies, music and the like • Porn is available all over the Internet from desktop to smartphones with one click On-Demand Professional Development Academy
  16. 16. Education Development Education Is The Key • The Darknet provides a marketplace for a wide variety of illegal substances, services, and communications. • It is more than just a black market-the Darknet also houses the most controversial political debates and sharing of information between dissidents, journalists, whistleblowers, extremists and trolls. On-Demand Professional Development Academy
  17. 17. Education Development Education Is The Key • The Darknet via peer group pressure tempts and lures staff to sites • Education is paramount and annual reinforcement is critical • Case studies need to be provided of where the use of TOR in the workplace can lead to dismissal On-Demand Professional Development Academy
  18. 18. Cyber security education development On-Demand Professional Development Academy
  19. 19. The Darket Brings Out The Scammers On-Demand Professional Development Academy
  20. 20. The Darket Brings Out The Scammers On-Demand Professional Development Academy The bravado I have witnessed as one of the founding Federal Agents in the Computer Crime Section in the mid 1990's, where we obtained Australia's first Jail sentence for a computer 'hacker' and now as a Cyber Law educator and consultant never ceases to amaze me. Most seem to have this 'untouchable' attitude where they believe that they have outsmarted law enforcement and intelligence agencies and large private sector IT security companies, only to eventually face the harsh reality that justice almost always prevails.
  21. 21. White, Black & Grey Hat Hackers Hacker Groups and Sub-Groups From experience and over the years, I have observed that hackers fall into three categories or sub-groups: • White Hats - generally work for security organisations and are assigned the task of improving and securing computer services by identifying and securing security flaws. . On-Demand Professional Development Academy
  22. 22. White, Black & Grey Hat Hackers On-Demand Professional Development Academy Black Hats - are a varied group who use their skills to cause problems for others and can be motivated by a range of motivations and skill sets: Some direct their destructive actions at a targeted company or group and are often referred to as 'angry hackers' A less skilled group with lower 'hacking' skills who use hacking tools to cause mischief for fun aka known as 'script kiddies' and; Those that are interested in political and economic upheaval and view technology as the means to accomplishing a goal aka 'agenda hackers'
  23. 23. White, Black & Grey Hat Hackers On-Demand Professional Development Academy Grey Hats - are independent security experts and consultants who are quite often reformed Black Hats. ● Hacking is quite simply 'unauthorised access and subsequent use of other people's computer systems' and can be correlated with everyday burglars who break into a house where in the world of computers it is a 'computer break in.’ ● One must look at how the hacker came about to committing the hack that defines what type of hacker they are.
  24. 24. Hactivisim On-Demand Professional Development Academy Over time we have seen another hacking term emerge and this is 'hacktivism' a term that denotes hacking for a political or activist purpose where at its worst can even be a 'terrorist attack'. It is believed that hacktivism emerged by joining hacking with activism where the hacking techniques are against a targets Internet site with the intent of disrupting regular operations such as web sit-ins, virtual blockades, automated email bombs, web hacks, computer break ins, computer viruses and worms. All of which in legal international and domestic legal instruments are referred to as 'illegal' or 'unauthorised' access and interception.
  25. 25. Peace of Mind Have you got the following covered? A. Workplace Internet Use Policy? B. Social Media Policy For The Workplace? C. Social Media Staff/Firm Reputation Management Training In Place? D. IT Security Reviews? E. Have a ‘White Hat’ Hacker test your staff with ‘Phishing’ attempts to see if they open links? On-Demand Professional Development Academy
  26. 26. Demystifying Cyber Security: The Darknet (Deep Web) 1 PD Unit

×