The Deep Web was a topic of much speculation at this year’s Infosecurity Europe following a key note address by Troels Oerting, the head of the European Cybercrime centre. The issue, said Oerting, was that law enforcement agencies found it hard to penetrate the Deep Web making it hard for those fighting cyber crime to ‘do their homework’ and understand the motivations and technologies that cyber criminals are using. Clearly such insights would be welcome in a world where not a day seems to go by without another data breach or hack being reported.
The challenge faced by Oerting, and his counterparts around the world, is only set to get more complex as the number of people connected to the Internet is expected to exceed four billion in the not to distant future. The use of mobile devices, rather than fixed line PCs, will further make it harder to track criminals as they can dispose phones, disengage GPS and use a whole host of other tricks to stop themselves from getting caught. Such is the prevalence of the Web underworld that it is even set to be to subject of a new TV series: CSI Cyber. I kid you not.
But away from Hollywood, what are the key facts you need to know about the Deep Web and what risk does it pose to your business? The reason the Deep Web is such a concern for companies is because it has essentially become a marketplace for a wide variety of illegal content from child abuse images, money laundering, copyright infringement and unauthorised leaks of sensitive information to name but a few.
From an enterprise perspective the challenges posed by the deep web are twofold. Firstly there is a risk that employees could be unintentionally – or otherwise – accessing content in the Deep Web whilst at work and potentially providing them with the open back door they need in order to pilfer your corporate assets. Secondly, if you can’t see the Deep Web – heck even the FBI can’t see all of it – how do you keep the bad guys out and ensure that illegal or inappropriate content is blocked?
This whole situation presents something of a Catch 22. The Internet is increasingly a valuable economic resource, so shutting it down simply isn’t viable, but equally companies need to protect themselves. The key here is to make sure that you have a real-time security landscape. All too often security technologies only alert a company once an incident has happened – but by then it’s too late. A delay of even a minute is too much. Real-time security that responds immediately to user requests is essential in the fight to ensure companies don’t fall victim to the Deep Web.
Mark Gibson, sales director, Bloxx
Bloxx offers Web and email filtering and security for medium and large organizations in both the business and public sectors. Bloxx has achieved unrivalled sales growth year-on-year to become a leading Web filtering provider with an estimated 6 million+ users worldwide. To find out more about Bloxx content filtering and security email [email protected] or visit www.bloxx.com.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.