The dark web is a component of the World Wide Web that is only accessible through special software or configurations, allowing users and website operators to remain anonymous or untraceable. The dark web forms a small part of the deep web, which is the part of the Web not indexed by web search engines. The dark web has gained more notoriety over the past few years and several large criminal investigations have resulted in seizures of both cryptocurrencies and dark web pages and sites. Criminal enterprises involving counterfeiting, hacking, ID and IP theft, narcotics, child pornography, human trafficking, and even murder for hire seek a haven in the mist of encrypted communications and payment, such as Bitcoin, to facilitate their nefarious schemes.
While mining the dark web is critical for many law enforcement investigations, we are also seeing increased focus on this important evidence in civil litigation. Fero v. Excellus Health Plan, Inc., (Jan. 19, 2018, US Dist Ct, NY), is one recent example. Fero arises out of a data breach involving healthcare provider Excellus Health Plan, Inc. According to the complaint, hackers breached Excellus’s network systems, gaining access to personal information millions of individuals, including their names, dates of birth, social security numbers, credit card numbers, and medical insurance claims information. The Plaintiffs brought a class action asserting claims under various federal and state laws.
Initially, the court dismissed the plaintiffs’ case, citing a failure to establish damages and actual misuse by the hackers who allegedly stole their information. However, after conducting a more diligent investigation, the plaintiffs submitted with their motion for reconsideration evidence that the plaintiffs’ PII was placed on the dark web. This evidence was summarized in an expert report providing the following conclusion: “it is my opinion to a reasonable degree of scientific certainty that PII and PHI maintained on the Excellus network was targeted, collected, exfiltrated, and put up for sale o[n] DarkNet by the attacker for the purpose of, among other things, allowing criminals to purchase the PII and PHI to commit identity theft.” Fero, at 17. Based on this information, the court granted the motion for reconsideration and denied the defendant’s motion to dismiss. In other words, the dark web evidence was game-changing in this high-profile class action suit.
Cases like Fero v. Excellus Health Plan illustrate that dark web evidence is essential for criminal and civil litigation matters alike. Dark Web investigations do require specialized knowledge and tools to execute. For instance, X1 Social Discovery can be easily configured to conduct such dark web investigation and collections.
Recently, Joe Church of Digital Shield led a very informative and instructive webinar on this topic. Joe is one of the most knowledgeable people that I’m aware of out there on dark web investigations, and his detailed presentation did not to disappoint. Joe’s presentation featured a concise overview of the dark web, how its used, and how to navigate it. He included a detailed lesson on tools and techniques needed to search for and investigate key sources of evidence on the dark web. This webinar is a must see for anyone who conducts or manages dark web investigations. Joe also featured a section on how to specifically utilize X1 Social Discovery to collect, search and authenticate dark web evidence. You can review this very informative 30 minute training session (no sign in required) by visiting here.