Cloud Hosting

By Cullen Browder, WRAL anchor/reporter

Raleigh, N.C. The recent ransomware attack on the Colonial Pipeline has raised new concerns about cybersecurity.

Cyberattacks have grown during the coronavirus pandemic, and sites on the dark web are thriving with information and good obtained through those hacks, according to security experts.

"Theyve got everything from bank logins, credit cards, corporate intelligence," says Neal Bridges, a cybersecurity expert and chief content officer for Cary-based INE. "There are quite a few known dark net marketplace websites that sell anything from drugs, guns, fake IDs, passports, credit card numbers, personal identifiable information."

Most people surf the surface web, which accounts for only 4 percent of the internet. The deep web, which includes protected sites for medical and legal records, accounts for about 90 percent. The remainder is the dark web and its illicit activities.

Using a special browser to hide his identity and navigate the dark web, Bridges searched "Carolina" on one site and found plenty of hits:

"Theres a database leak from the NorthCarolina.gov website," he said,

The majority of the personal information on the dark net was stolen through hacking or email scams, he said.

Simon Migliano, who researches sales trends on the dark web, said regardless of how the information is obtained, business has been booming during the pandemic.

"Weve probably seen some of the most interesting movement over the past couple of years in the last 12 months," he said. "What I would say is since the pandemic theres been a lot more listings."

Migliano attributed the increase to lockdowns that had more people at home spending more time on the internet buying more services and goods to survive the isolation.

"Were seeing a lot more lifestyle brand accounts for sale on the dark web that weve never seen before," he said. "The users on many of these accounts you're finding on the dark web now, like Peloton, may not have had a lot of online accounts before but are being forced to use more online accounts because theyre stuck in their homes."

Among the pandemic-fueled items found by Migliano, Instacart account information going for more than $22, Peloton accounts at almost $18, Drizly, the alcohol delivery service, and Amazon Prime Video at just above $13 per account. None was on the hot list in 2019, he noted.

"Theyre fresh blood, so to speak," he said, adding that the new accounts contain the most recent email addresses and passwords used by consumers.

Debit and credit cards, as well as bank information, still garner top dollar on the dark web. But it takes only one username and password for a cyber criminal to hit the jackpot. They can take that combination and run it through programs that submit it to hundreds, if not thousands, of other businesses.

Making it a volume business lets criminals keep their prices low enough that law enforcement is less likely to get involved.

"The risk/reward factor for hackers is definitely in favor of the hackers," Bridges said.

Both Bridges and Migliano urged people to use password managers and two-factor authentication to protect their account and personal information and to limit the potential damage if any of it does end up in the wrong hands.

"You have to be more diligent than what youre used to right now in protecting your personal information, your financial information and just everything about your digital life," Bridges said.

Original post:
Another COVID-19 side-effect: Booming business on dark web - WRAL.com