Cyber criminals have access to most-secured corporate data files on Dark Web: Researchers
New York: Cyber criminals now have access to the most-secured data files used to facilitate confidential communication between organizations’ servers and clients’ computers on the Dark Web, say researchers.
According to the team from Georgia State University and the University of Surrey, a thriving marketplace for Secure Sockets Layer (SSL) and Transport Layer Security (TLS) certificates exists on a hidden part of the Internet
SSL and TLS are security technology (https protocol) that protects the transfer of data and information between computers and servers.
Networked machines use keys and SSL/TLS certificates to identify and authenticate themselves when connecting to each other, much like humans employ user names and passwords to go online.
According to the researchers, when these certificates are sold on the dark web, they are packaged with a wide range of crimeware that delivers machine identities to cyber criminals who use them to spoof websites, eavesdrop on encrypted traffic, perform attacks and steal sensitive data, among other activities.
“One very interesting aspect of this research was seeing TLS certificates packaged with wrap-around services — such as Web design services — to give attackers immediate access to high levels of online credibility and trust,” informed lead author David Maimon, Associate Professor in Georgia State.
A search of five marketplaces in the dark web uncovered 2,943 mentions for SSL and 75 for TLS.