Dark web intelligence company Searchlight Cyber has announced the launch of Stealth Browser – a new, secure virtual machine for cyber professionals to access the dark web and conduct investigations anonymously, reducing the risk to themselves and their organisation.
Stealth Browser is an enhancement to Searchlight’s Cerberus investigation platform, which is used by law enforcement agencies, enterprises, and MSSPs to uncover criminal activity on the dark web.
The dark web consists of sites that are not indexed by popular search engines such as Google, along with marketplaces for stolen data and cybercriminal services.
Operational intelligence on what transpires on the dark web can be highly useful for security teams and critical in defending organisations against cybercriminals using compromised accounts to enable attacks, commit fraud, or conduct campaigns using spear-phishing.
However, accessing the dark web carries risks for the investigator and their organisation’s infrastructure, with accidental malware installation, exposure of digital fingerprints/proprietary IP addresses, and inadvertent leaking of sensitive information among the potential dangers.
Stealth Browser reduces risks associated with accessing the dark web
Stealth Browser reduces the risks associated with accessing the dark web by masking the investigator’s digital fingerprint, allowing both novice and experienced investigators to quickly and securely access Tor and I2P onions on the dark web, Searchlight Cyber said in a press release.
Stealth Browser allows the investigator to generate a virtual machine directly from any internet browser, without the need to install any software.
This contrasts with the complex setup usually required to safely access the dark web and allows analysts to get the relevant information they need more easily, without the need for lengthy administrative and approval processes, according to Searchlight Cyber.
Many organisations struggle with providing scalable and secure access to investigate threats on the dark web, said Ben Jones, CEO and co-founder of Searchlight Cyber.
“Stealth Browser was created to allow any threat analyst, regardless of expertise, to get the information they need while always staying safe and secure,” he added, with a focus on protecting threat hunters and investigators when collecting intelligence on cybercriminals and malicious actors who are lurking on the dark web.
Some organisations, sectors need dark web access more than others
Not all organisations need direct access to the dark web for threat monitoring purposes.
Some can benefit from tools like extended detection and response (XDR) or services like managed detection and response (MDR), which both commonly ingest data gleaned from sources on the dark web to identify compromised accounts, calculate risk, and provide context.
However, some industries, notably government, financial institutions, and certain high-profile IT security businesses, may have a need for more direct access to intelligence only directly available from sources on the dark web.
In many cases, these companies are looking for something beyond leaked credentials or corporate data – scanning for intelligence on threat actors, evolving attack vectors, or exploits.
In general, individual businesses won’t have the required contacts with internet services providers, cloud hosting platforms, and even law enforcement, to effect takedowns on their own.
Digital risk protection services (DRPS) offer service-based solutions that cater toward protecting brands through monitoring (including the dark web) and more hands-on methods like site takedown services.