The Internet is like an onion. (No, pun intended.) When one opens their browser to search Google, Yahoo, or MSN, only a thin layer of the Internet appears. The dark web is hidden from regular Internet browsers. It is part of the Internet that is not indexed by search engines. It is known for criminal and illegal activity, even though some sites are legal and legit. However, the dark web is as chaotic as it may sound because of the consistently shifting profiles of unmemorable URLs, special-use top level domain suffix such as .onion, and suddenly disappearing sites because the owner or scammer shut it down to skip town in a hurry. Watching the dark web for your information is valuable in the sense that you know it’s been compromised. There is little you can do to remove it from the dark web, but at least you will know to contact whom it may concern like credit card companies and the social security office before it is too late.
Even though the data the hackers mine and their collaboration with others is attempted to be hidden by covering their footprints, they still leave fingerprints. These fingerprints can be used to track and anticipate an attack much like the way the FBI will profile a serial killer and predict his next attack. With the quadrillions of fragments of information in the IoT, relevancy and context of tracked data is critical. Attackers can manipulate open source data to attack a business is by social media data, human intelligence, internet searches and dark web data. Forrester Research reports the following: 45% of people disclose their birthday on social media, 29% share their phone number online, 20% share their home address, 14% mention their mother’s maiden name, and 7% post their social security number. The attackers searching the web, dark web, or deep web can use this public information to create phishing scams, analyze a network or website for security flaws, launch attacks through mobile devices on or off site, leak confidential data.