Sensitive data had a very bad year in 2018—and the year isn’t even over yet. In the last week alone, news broke of multiple breaches, including disclosures from Marriott and Quora, on the scale of hundreds of millions of compromised records. While the number of privacy regulations rose around the world, data steadily leaked from trusted retailers, agencies, and platforms. With the increase of large-scale breaches, what drives the underground economy for data on dark web markets? How will that change in 2019?
In The Year Ahead: Trends and Developments in the Dark Web Data Trade, Terbium Labs evaluates the trends and developments that shaped data privacy and the dark web over the past year. In addition to identifying the core themes that defined 2018, Terbium also offers three predictions for the year ahead, fueled by the changing landscape from criminal communities, new privacy legislation, and the rising tide of data compromise.
While we don’t want to give too much away up front (download a copy of the report here), it’s no surprise that data breaches were at the forefront of data privacy discussions throughout 2018. Breaches are increasing in volume and velocity, and, as this past week has shown us all too clearly, breaches now regularly impact millions and even hundreds of millions of records at a time. Third-party compendiums of data play a significant role in the increased scale of data compromise, as demonstrated by the Exactis and Apollo breaches earlier this year—to say nothing of the prolific efforts of Magecart, who used a third-party access point to exploit payment information from Ticketmaster and possibly more than 800 other sites.
Data breaches are only one side of the problem, however: as of 2018, the dark web data trade is growing and thriving. After major dark web market takedowns with Operation Bayonet in mid-2017, a sense of normalcy returned to the dark web economy over the past twelve months. New markets rose to prominence after Alphabay, and while some crashed spectacularly, a few new contenders seem to be here to stay. The result is a more stable, but significantly decentralized ecosystem: none of the markets have the superpower status of Alphabay, but cyber criminals now have reliable enough platforms to get back to the business of buying, selling, and trading. Increased stability allows cyber criminals to build scalable fraud operations, but a shifting focus of law enforcement toward cyber-crime syndicates might derail this new market equilibrium.
Finally, we turn to the dark side of innovation. Innovation is key to new technology, increased security, and better privacy. But the pace of innovation also sets the pace of vulnerability. As technology develops, criminals find new exploits for old data or make a mad dash to cash out on sunsetting systems before they expire. The introduction of changing controls (like the adoption of EMV technology) might impact criminal behavior, but does not inhibit it. This dynamic does not affect the payments industry alone—look no further than the growth of SIM swapping to see the creativity and adaptability of criminal enterprises in the face of evolving controls.
Data compromise, dark web markets, and the rapid iteration on new data-rich technologies shaped the narrative of 2018. What do these developments mean for the future of data security? What can organizations do to adapt? What does the future hold for sensitive data on the dark web?