Inside Dark Web Economy: Cybercrime, Data Breaches, and Crypto at Play Despite 26% of the dark web's user base originating from India, awareness remains alarmingly low. In BRICS nations, only 28% of people are familiar with the dark web

India has emerged as a major target for cyberattacks, witnessing a surge that outpaces the global average. According to a recent report by Check Point Research, cyberattacks worldwide increased by 30 per cent in Q2 2024 compared to the previous year. However, India saw an even steeper rise of 46 per cent putting critical sectors and the Indian population at significant risk.

The rise in cybercrime has fueled economic activities on the dark web—a hidden part of the internet where illicit transactions flourish.

Explaining the dark web ecosystem, Alankar Saxena, Co-founder and CTO of Mudrex, says,"Since its emergence in the 1990s as a forum for topics like gaming and books, the Dark Web has evolved into a hub for illicit activities. Today, it hosts ransomware services, stolen data marketplaces, and tools for cybercriminals to exploit IT infrastructure and consumer data."

A report from Enterprise Apps Today, titled "Dark Web Statistics 2024," highlighted that the dark web constitutes approximately 5 per cent of the entire internet, with an estimated 500,000 individuals regularly accessing its marketplaces and around 2.5 million daily visitors in 2023.

It remains a hub for illegal activities, with about 56.8 per cent of its content linked to illicit purposes, including financial fraud, Illegal file sharing (29 per cnet of content), and cybercrime.

"The dark web has become a hub for illegal activities, including the sale of stolen data, goods, and services. Cybercriminals use marketplaces that function like legitimate e-commerce sites, complete with customer reviews and bulk deals. There has also been a shift from traditional forums to encrypted messaging apps and social media for illicit transactions, making it harder for authorities to track these activities," explains Sunil Peter, Vice President – Global IT, Maveric Systems Limited.

The report also stated that approximately 543 million assets linked to Fortune 1000 employees are available, while ransomware-related breaches have doubled each year over the past two years. Users can purchase 1,000 high-grade malware attacks for USD 5,000, cloned credit cards with PINs for USD 25, and stolen PayPal accounts with a minimum USD 100 balance for USD 30. A complete identity theft package costs just over USD 1,000.

Indian businesses at risk

Businesses are the most vulnerable and have direct threats from the dark web ecosystem—a single breach attack brings great financial loss, impacts the reputation of the company, affects its user base, and further complicates legal consequences. Also, once malicious actors have access to sensitive data, they can destroy the data or sell it over the dark web. Additionally, the company is always under threat of future attacks.

Despite 26 per cent of the dark web's user base originating from India, awareness remains alarmingly low. In BRICS nations, only 28 per cent of people are familiar with the dark web.

"For Indian enterprises, the stakes are particularly high. Rapid digitalization and, in some cases, weaker cybersecurity measures have made them attractive targets for cybercriminals operating on the dark web," says Neehar Pathare, MD, CEO & CIO, 63SATS.

Amit Jaju, Senior Managing Director, Ankura Consulting explains "In India, the dark web is primarily used for trading stolen databases (42 per cent of listings), access credentials (23 per cent), and carding services (10 per cent). Hacktivist activities have also increased, with sensitive data often leaked for free when ransom demands are unmet."

Echoing the same concern, Avinash Shekhar, Co-Founder & CEO of Pi42, highlights data from cybersecurity firm Lisianthus: "At least 20 per cent of cybercrimes in India involve attackers leveraging the dark web. In a recent incident, a massive security breach exposed the personal data of 750 million telecom users in India, with this data being sold on the dark web."

"Protecting data post-attack should be a top priority for the industry. Star Health breach exposed massive amounts of customer data and personal information. This breach could have been mitigated and better controlled by immediately revoking data access and enforcing strict policies to prevent unauthorized sharing or printing of sensitive information," says Vishal Gupta, Founder and CEO, Seclore.

Cryptocurrencies at the major play

Cryptocurrencies play a crucial role in dark web transactions, with Bitcoin remaining the primary currency, though Litecoin and Dash are gaining traction.

Discussing crypto-enabled financial crime, Jaspreet Singh, Partner at Grant Thornton Bharat, states, "Crypto-enabled financial crime surged 70 per cent year-on-year, with India contributing 6.9 per cent of global cyber attacks."

To counteract crypto fraud, Mohan Krishnamurthy Madwachar, Country Manager at Sattrix, suggests, "Businesses and regulators should collaborate to tighten cryptocurrency regulations, enforce KYC (Know Your Customer) and AML (Anti-Money Laundering) rules, and update laws to cover cryptocurrency-based crimes."

Along with other regulatory measures, Aishwary Gupta, Global Head of Payments at Polygon Labs, emphasises on establishing public-private partnerships to share intelligence and best practices for addressing "crypto-related crimes."

The way forward

The Digital Personal Data Protection Act (DPDPA) is an important step in strengthening India's cybersecurity landscape. Munish Gupta, President & Global Head - Cybersecurity, Inspira Enterprise, explains,"The DPDPA is a timely and necessary move by the Government of India. It provides a legal framework to safeguard personal data, raise awareness, and ensure the rightful collection, processing, and storage of data."

Indian enterprises must harness DPDPA, GDPR, RBI cybersecurity guidelines, CERT-In advisories, and industry best practices to "protect consumer privacy, enhance cybersecurity compliance and mitigate risks from dark web threats," Gupta concludes.