INTHEBLACK October 2021 - Magazine - Page 50
F E AT U R E
// D A R K W E B E C O N O M Y
Left: Manhattan District
Attorney Cyrus Vance Jr.
announces the takedown
of a crime ring run on the
dark web. Three individuals
were arrested in
connection with the sale
of counterfeit medication
on the dark web.
Below: A screengrab of
a darknet webpage.
“PEOPLE SAY
THAT WE DON’T
HAVE THE
RESOURCES
TO GO AFTER
CYBERCRIMINALS.
WHY NOT TAKE
THE PROCEEDS
OF CRIME ON THE
DARK WEB?”
TOM KELLERMAN, VMWARE
50 ITB October 2021
virtual currency has the capacity to disrupt or freeze any
capital when called upon by law enforcement.
“Right now, these entities are just turning a blind
eye to their digital currency being used for nefarious
reasons, because there’s no pressure on them to do
anything,” says Kellermann.
He argues that policing could be far more effective
if the money seized from the dark web was used to
fund critical infrastructure protection.
“People say that we don’t have the resources to
go after cybercriminals. Why not take the proceeds
of crime on the dark web? When law enforcement
agencies take down a big drug kingpin, they seize
their house, cars and cash, and those assets are
redistributed to fund law enforcement activity.
There’s no real difference here with the dark web.”
One of the challenges is tracing the money, which
is laundered multiple times in a short space of
time. Another challenge in catching the criminals
themselves is the protection they receive from some
government regimes.
“These rogue nation states truly embrace their
cybercriminals as national assets,” says Kellermann.
“They have made them untouchable from Western
law enforcement.”
HOW TO PROTECT YOUR ORGANISATION
As the first line of defence against cybercriminals,
Lemon recommends enlisting a cybersecurity firm
to monitor activity on your organisation’s behalf.
“They’ll do things like keep an eye on keywords,
email addresses or IP addresses that might relate to
your organisation.
“Some of these forums require a high level of
trust. Someone might say that they have access
to something relating to Company XYZ, but it
takes a level of interaction with the criminal to
actually understand what it is that they’re selling,”
says Lemon.
Employees at all levels of the organisation need
to receive cybersecurity training, including being
aware of their web browsing behaviour, because
cybercriminals often steal login information by
masking a fake website as a legitimate one.
Training should also focus on safety around
what can and cannot be installed on work
computers, and making sure any downloads
come from a legitimate source. Another tip is to
implement two-factor authentication, because it
means that simply stealing login details will not
result in access.