Beacon, A Dark Web Search Engine Can Be Your Eyes In The Internet Underworld
Until now. Canada's Echosec Systems Ltd. recently released Beacon, a security tool that's designed to shed some light on the dark web.
"Beacon is a dark web search engine that allows users to search anonymously, without the need for a TOR browser," says Echosec CTO Michael Raypold. "We’ve designed Beacon to be simple to interact with, while incorporating powerful advanced search tools, making searching unindexed data in the dark web as easy as using a surface web search engine."
The idea behind Beacon is that it can be used by a company to potentially head off -- or at the very least mitigate -- a potential disaster. Since the bulk of the data on the dark web is essentially unstructured, the Echosec team crawled the dark web, indexed its content and then build a natural language query interface that allows non-hackers to access that information quickly and easily. Simply put, Beacon is like Google for the dark web.
Keep in mind, of course, that not everything on the dark web is illegal.
Says Raypold, "The dark web is a place where you can source illegal or illicit materials because the inherent privacy and anonymity baked into platforms like the TOR network makes buying and selling these goods easier to achieve without repercussions. However, that isn’t to say everything on the dark web is illegal. News organization like the NYTimes and Pro Publica maintain Onion sites for their more privacy-conscious users and to help disseminate news that might otherwise be censored." Still, much of the dark web's content was acquired illegally and can be misused to spread misinformation, victimize vulnerable populations, execute social engineering exploits, or engage in various forms of identity theft.
Of course, a security tool is but another weapon in the wrong hands, and weapons can be misused; it's one thing for a pen-tester or white-hat hacker to be in possession of systems that can locate or uncover data, but what about someone finding a way to misuse Beacon? While Raypold notes that it is possible to misuse Beacon, since the tool makes it easier for users to locate data they might otherwise have difficulty finding, he says that the company has taken steps to mitigate that danger.
"First, every Echosec customer must go through a use-case approval process to determine how the customer is using the application and to make sure they are in compliance with the vendors from whom the data Is sourced," says Raypold. "If a potential customer cannot pass the use-case approval process, they do not get access to the system."
Second, the company has built automated tools and manual processes into its platform and into the company workflows to notify the Echosec team if users attempt to run searches that are in violation of their approved use case.
"The checks built into the platform will outright prevent some searches from being run, so that users never receive data that we perceive could be used with malicious intent. Furthermore, some of the vendors from whom we source data have asked us to prevent certain queries from being run, regardless of a customer's use case," says Raypold. (Naturally, the company publishes an "acceptable use" policy, which can be found here.)
Echosec expects to sell Beacon mainly to corporate customers interested in keeping tabs on their intellectual property, corporate secrets, and other sensitive data. White-hat hackers -- such as pen-testers -- could conceivably be a market as well, but the company feels that would be fairly uncommon. And if it did occur, it would simply be viewed as an example of contracted security experts acting on behalf of the ultimate corporate customer.
However (and by whomever) Beacon is used, it looks as if the murky landscape of the dark web is no longer quite as dark as it once was.