Will Encrypted Messaging Services Become the New Dark Web?
Attaining a secure information exchange is a challenge within the current digital landscape.
Authorities and surveillance agencies are increasingly poking their nose into our personal lives, all with the facade of maintaining law and order.
But even if we manage to swallow this bitter pill for the greater good and succumb to online surveillance, cybercriminals are always the looming threat.
But let’s backtrack a bit! The very notion of any third party monitoring our data is nonetheless blood-curdling. Therefore, encrypted messaging services have become more or less a dire need.
However, like every good privacy enabling tool, helping innocent people gain internet freedom, these encrypted messaging services can potentially face exploitation.
Such as the TOR network designed for online anonymity now has a tainted reputation due to its connection with the dark web.
And now, encrypted messaging services will likely become the modernized dark web version! But how is that even possible?
These services offer end-to-end encryption, significantly hindering external parties from intercepting or spying on private exchanges.
Although these platforms serve vital roles in protecting the privacy of whistleblowers and activists, they also present opportunities for misuse by cybercriminals engaged in unlawful activities.
For example, Telegram, a well-known encrypted messaging service, has seen a rise in its use for distributing hacked data, trading hacking tools, and facilitating illegal deals.
The discussion concludes by highlighting the necessity of upholding one’s cybersecurity and the reliance on law enforcement agencies to apprehend cyber offenders.
Encrypted Messaging Services - An Introduction
Encryption has long been a secure and reliable method of securing information and internet traffic. It is the method that converts data into unreadable form preventing anyone other than the intended receiver from viewing it.
Quite like that, an encrypted messaging service or secure messaging ensures data protection and security while in transit. These platforms protect anyone from monitoring or snooping into private conversations.
These services provide end-to-end encryption to ensure protection from the sender-to-receiver end and vice versa.
Within various apps, this end-to-end encryption also extends to phone calls made on these applications.
This end-to-end encryption method is by far the most secure method of information exchange and communication.
Its security stems from the fact that the encryption occurs at the device level-meaning that the data gets encrypted before it leaves your device and only gets decrypted once it reaches the receiver’s device.
With this, while in transit, the information remains secure, and any threat actor willing to monitor or snoop into information does not have access to it since they don’t have the designed decryption key.
Instead, secure messaging services have secret encryption and decryption keys embedded within the user’s device, making it harder for any theta actor to access it.
This end-to-end encryption method utilizes the private-public key pair, which uses separate cryptographic keys for encryption and decryption of messages at respective ends. The public key encrypts a message allowing users to send secure messages.
The private key works in harmony with the public key and is already present with the receiver. It decrypts the encrypted message sent through the public key.
Each person has its own set of public and private cryptographic keys within end-to-encryption deployed by encrypted messaging services.
How Can Encrypted Messaging Become the Dark Web?
The dark web is the deepest part of the internet, where secretive activities often occur.
While it is notorious as a digitized criminal underworld, the dark web has initially been a platform for anonymous information exchange, which is why whistleblowers, activists, and even journalists often use it.
While the dark web is notorious for criminal activity, it continues to thrive as the users remain inaccessible to the government and surveillance agencies.
They access the dark web through the TOR network, which maintains online security and anonymity.
Therefore any information exchange that goes on over the dark web can potentially remain hidden from law enforcement and surveillance agencies, making it a suitable place for illicit activities,
When it comes to encrypted messaging platforms, things are somewhat similar. They protect user identity and privacy through a strict no-log policy and secure encrypted messaging.
Admittedly these measures allow secure information exchange and help maintain online privacy. And that is undoubtedly a good thing since privacy is a fundamental human right.
However, cybercriminals can use such platforms for various illicit activities.
Secure encryption and the absence of logs hinder surveillance agencies from monitoring online activities on encrypted chat platforms giving threat actors the liberty to use them for their evil intentions.
Encrypted Chat Platforms the New Dark Web - Threat or Reality?
So far, the notion of encrypted chat platforms getting exploited for illicit activities has largely been a concept.
This very concept has led various surveillance groups into pressuring private messaging and email platforms into sharing user information. A good example is ProtonMail.
However, threat actors have taken to breathing life in this concept over Telegram.
One of the secure messaging platforms that came into popularity after WhatsApp’s disturbing privacy policy is Telegram.
Launched in 2013, Telegram has more than 500 active users primarily because the platform is secure and easy to use.
Moreover, it has several features that make it an ideal platform for extensive group activities, such as:
- Allowing users to broadcast messages via channels
- Users can create public and private groups that are easily accessible
- File sharing is easy, and users can send or receive large files, including text and zip files.
Such features and security have helped the platform receive popularity, and now it has exploded as the hub of criminal activities.
Threat actors have started using this secure messaging platform to share stolen data and hacking tools or carry out the drug trade.
Previously, there have also been issues of fake vaccine card sales on Telegram.
In recent research conducted by the cyber threat intelligence group Cyberint, a growing network of hackers sharing data leaks and carrying out illegal activities was discovered.
There was massive information trade going on with hackers sharing information like:
- Compromised email passwords and access to sites such as Netflix.
- Stolen financial data such as credit cards and bank account information.
- Copies of passports
- Malicious software, exploits, and hacking guides.
All such activities are starkly similar to what is present over the dark web, which is nothing less than alarming.
Other private and encrypted chat applications include Signal and Session.
What to Do Now?
Threat actors have long since been exploiting secure platforms, and they will most likely continue doing that in the future.
Amidst this, we can’t surely stop using cybersecurity tools because we need to remain private and secure online, and there is no third party that can be trusted with private information.
Therefore, the best course of action we can take is to ensure our cybersecurity, avoid harmful activities, and hope that law enforcement is quick to catch cybercriminals.