Dark Web intelligence pro and cons

Dark Web Intelligence could help law enforcement and intelligence agencies to gather information on potential attacks. Which are the risks?

The increased number of cyber attacks against government entities and the hypothesis that the U.S. government should take an offensive strike against hackers who hit the countries raised the discussion on the problem of the attribution.

Prevention, mitigation and response to cyber attacks must rely on a deep knowledge of the potential attackers and their tactics, technique, and procedures (TTPs).

The analyzing of various sources is a critical factor to gather intelligence information on cyber threats and government entities are looking with increasing interest in the Dark Web. Intelligence experts are aware that cyber criminals, terrorists and lone hackers crowd the dark park on the web to communicate each other, to exchange information and for many other illegal activities.

The US Government analysts are confident that the analysis of the Dark Web data could help to warn industry about planned attacks.

However, this process is not so simple, as highlighted by security experts there are two factors to carefully consider:

  • The inherent difficulty in finding information on the Dark Web.
  • The risk to compromise the sources and the methodologies of information gathering, communicating the findings of the investigation to private companies.
  • The risk of triggering the companies potential victims of unpredictable reactions.

“Tipping your hand could mean compromising your sources close to the adversary and disrupt a valuable information-gathering process” explained Shane Harris, Daily Beast senior intelligence and national security correspondent, speaking at IBM’s i2 Summit for a Safer Planet.

By sharing the information with companies there are enormous benefits in the short terms, but as explained by Matthew Wong, director of intelligence for Flashpoint, there is the risk to lose the long-term gain of intelligence.

The question is “whether the government has a responsibility to help its citizens or its corporations,” said Wong “And sadly, the act of helping sometimes causes undesired effects. If you help a company, you’re risking your sources and methods, so that’s why the government sometimes doesn’t help citizens and companies even though it has the power and ability to do so,”  “You can have a short-term gain now, if you use this intelligence to protect this asset, and then you lose the long-term gain of intelligence and you potentially lose the ability to leverage that information to protect yourself in the long term.”

Part of the security community is convicted that divulging the information collected during the investigation, especially from Dark Web resources, may induce changes in the modus operandi of the attackers that are difficult to predict and would risk undermining the efforts of previous intelligence operations.

Keeping confidential the information collected during the information gathering activities could give the intelligence agencies and law enforcement the opportunity to conduct further researches on the attackers, profile them and uncover completely the infrastructure they plan to use in the attacks.

“Just because we have the intelligence to stop every intrusion doesn’t mean we should,” Wong said.

Pierluigi Paganini

FAIR USE NOTICE: Under the "fair use" act, another author may make limited use of the original author's work without asking permission. Pursuant to 17 U.S. Code § 107, certain uses of copyrighted material "for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright." As a matter of policy, fair use is based on the belief that the public is entitled to freely use portions of copyrighted materials for purposes of commentary and criticism. The fair use privilege is perhaps the most significant limitation on a copyright owner's exclusive rights. Cyber Defense Media Group is a news reporting company, reporting cyber news, events, information and much more at no charge at our website Cyber Defense Magazine. All images and reporting are done exclusively under the Fair Use of the US copyright act.

Global InfoSec Awards 2022

We are in our 10th year, and these awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.

APPLY NOW

10th Anniversary Exclusive Top 100 CISO Conference & Innovators Showcase

X