The Darknet and online piracy threats to pay-media services

The awareness of the darknet has been increasing in recent years. Yet, the scope of it nowadays is not only limited to the supply of illegal drugs or fake passports but also online piracy. Pay-media service is one of the most severely impacted industries and therefore understanding what the darknet is and how it works will give you a better understanding on how to reduce online piracy.

What is the Darknet?

To answer this question comprehensively, we need to dig deeper into the vast Internet world. This ecosystem can be broken down into 3 layers.

  • The Clearnet, often referred to as the Open Web or Surface Web, is the surface layer of the Internet used by billions of users worldwide. This term contains all public-facing websites that can be easily accessed via typical web browsers, such as Google Chrome, Firefox, Safari and many more. Those sites can also be indexed and organized via search engines. However, this searchable content occupies only 5-10% of the Internet space.
  • The middle layer is the Deep Web, which surprisingly accounts for approximately 90% of all websites on the Internet. This is an overarching term for all websites that purposely request not to be indexed and are therefore unidentifiable by conventional search engines. Websites on the deep web do not always equate to illegal activities. They can contain completely legal websites like databases, academic resources, or intranets that are concealed for various reasons.
  • Finally, at the bottom layer is the Darknet, interchangeably also called the Dark Web. It is a part of the Deep Web that is anonymous and only accessible via specific software, such as The Onion Router (TOR) or Invisible Internet Project (I2P). Due to its anonymity, the darknet naturally attracts criminal activities. A lot of virtual black markets thrive on unlawful transactions, using cryptocurrencies to purchase goods or services. For that reason, the Dark Web is often linked with the sales of illicit goods or services, like drugs, weapons, fake passports, and so on.

How does the Darknet work?

The darknet connects computers by employing its own communication protocol overlaying the conventional Transmission Control Protocol/Internet protocol (TCP/IP). It relays the internet traffic through multiple proxies worldwide to break the direct link between Internet Service Providers (ISPs) and their clients. The website’s information, such as its host, location and content, is processed through multiple encrypted layers on TOR or I2P, providing their users anonymity and privacy.

The impact of the Darknet on the paid media industry

Beyond the sales of prohibited goods and services, there has been a growing demand for customer databases, particularly for compromised pay-media services subscription credentials. Account credentials bought at a wholesale rate on the darknet, they are sold for maximum profit (averaging 300% markup) to be used in the Clearnet. That’s a tidy profit flowing into the pockets of cybercriminals.

However, in recent years, the dark net has also become a tool for law enforcement to investigate cybercrime. Alongside the illicit credential sharing and other illegal transactions on the dark web, many more information-based activities take place. The dark net is now used by both criminals and police alike, masked by anonymity in the apprehension of criminal activity.

It serves as a useful information pool where cybersecurity experts can learn directly from the criminals about how they target, prepare and execute attacks on vulnerable websites or streams. The cybersecurity experts can then use the information to their advantage with valuable insights on where another attack might take place and intervene at the right moment.

The uses for cybersecurity experts extend beyond piracy and credential sharing and in extreme cases, collaborate with both Interpol and Europol for the apprehension.

What does the process of apprehension look like?

Law enforcement agencies, such as European Union Agency for Law Enforcement Cooperation (Europol) and International Criminal Police Organization (Interpol), have made headway in locating and apprehending cybercriminals operating on the dark web. Interpol even developed their own simulated dark web to train law enforcement officers in how criminals on this platform operate. In some situations, projects may require higher technical expertise that are best handled by specialists from external cybersecurity firms.

By combining the skills of legal and law enforcement specialists, cryptography experts, forensic analysts, and security software engineers, external cybersecurity firms can support each stage of the investigation and enforcement lifecycle. This enables to identify, investigate, and obtain support for civil and criminal prosecutions.

What can be done to mitigate the threat from the Darknet?

To start with, it is important to identify which pay-TV operator’s database has been compromised and the extent of the attack. The next step is to validate whether the account credentials for sale on the darknet are legitimate. Once validated, evidence is then gathered to support civil or criminal proceedings.

However, given the anonymity of the darknet, it is easier said than done. Monitoring, detecting and investigating such activities require specialized expertise, particularly since many Clearnet tools and techniques are not transferable. That’s why we are here to help pay-media operators protect their brand and revenue streams against ever-increasing reach of online piracy.

Need help fighting online piracy?

Contact us today!