Thursday, September 24, 2015
The Dark Web - What are Your Website Security Measures?
Cyberspace is still full of unknowns to explore and I found it fascinating to know that the World Wide Web can be divided into two segments: the “Surface” web and in the shadows, the Deep web. The Surface web is all the content that can be indexed by the public search engines and is estimated at 15-20 billion web pages or 4% of all pages. The Deep web is a place that is not indexed by search engines and is ball-parked at 400-500 times bigger in the number of pages. These deep web websites typically are password protected and thus cannot be accessed by search engines.

 

 

Your entry to the deep web requires anonymity and begins with a special browser called TOR short for “The Onion Router,” that enables anonymous communication on the internet. The USA Naval Intelligence community initially developed the TOR web browser software as a spy craft tool in the mid 1990s; it was designed to prevent network surveillance and traffic analysis. It is now an open source project  (free to use) with an estimated 36 million users and has been used by military, police, journalists, political activists, whistle blowers and the underground economy or the Dark web. The story of Silk Road is the most notorious Dark web story; it was launched in 2011 (taken down 2 years later) and was an online illicit market for the drug trade using bitcoin currency as their ecommerce model. It was a TOR based website that enabled encrypted computer-to-computer communications. TOR websites typically have a .onion in the address instead of .ca or .com.

 

It seems that there is always a new hacker attack in the news launched from the Dark web. So, what can a small publisher do to protect themselves online and protect their readers and customer’s identities from these villains? First, rate the potential of an attack on your company’s data based on what they are looking to harvest from your site for free by some creative means. Sooner or later hackers looking for vulnerabilities will visit your site in their search and sniff web robot software programs (Bots).
 

Hacker’s Wish List
  1. Credit Card Numbers – Financial Fraud is a constant threat
  2. Contact Information – Identity theft and spammers
  3. Email Addresses – Spiders scraping sites for email addresses for spammers
  4. Fake Article Comments (HAM) – Paid campaigns from content shapers
  5. Free Content – Content scraping by fake websites using SEO link inflators
To protect your website from this online litter I chatted with Martin Smith, CTO at Newcom Business Media and he suggests the following practices to maintain security for small publishers that don’t have a big web development team.

1. Web Server - Who is your hosting provider? Typically the hosting provider provides the initial layer of protection to your website as the web servers are located in a hosting datacenter with the latest hardware security for protecting your website as they will provide the initial security layer.

2. CMS Software upgrades
– Next is to make sure your CMS software is to up to date as hackers like to exploit outdated software. There are regular updates for open source content management software like Drupal, Joomala and Wordpress that most small publishers use.

3. Online touch points – Email, comments, subscription, commerce forms.
Martin suggests 3rd party service providers for these functions whenever possible. This approach enables them to hand off security concerns to the service provider and allocate resources elsewhere. To minimize the risk during a hacker attack ensure that all your web forms are cleared on a weekly basis and transfered to another database that is not connected to the website.

You have to admire the creativity and entrepreneurialism of the huckster mind with all the scams and hacker activity that I have witnessed and learned about during my career. This negative presence is part of the everyday fabric and will never go away (the Yin/Yang theory of life), so education or digital street smarts is still the best weapon to keep the negative forces in balance. The price of freedom is the right of “freedom to choose” and some people choose to do this to earn a living. They would be great assets to society if we could get them back from the dark side.
- Martin Seto
About Me
Martin Seto

 
Martin Seto is the principal of Reflex Media, a media consultancy practice offering media owners digital publishing, event management and ad sales help. His media expertise also include working with ad agencies as a media buyer/planner for tv, radio, print, outdoor, magazine and online. He has been in the advertising and media industry for 25+ years and he has been an instructor/speaker with Centennial College and at magazine conferences across Canada. He can be reached at marty(dot)seto(at)
reflexmediasales.com or 416-907-6562, and on LinkedIn.

Most Recent Blog Comment
Adriel says:
The "Acceptable Ads" program offers a decent solution. It is enabled by default in the major adblock...
Blog Archive
2017 (11)
2016 (14)
2015 (12)
2014 (12)
2013 (12)
2012 (12)
2011 (12)
2010 (8)