INterview with Mark Turnage, OWL Security CEO
Wednesday October 19, 2016
Mark Turnage is CEO of OWL Cybersecurity. Prior to that he was CEO and vice chairman of OpSec Security Group, a global provider of anti-counterfeiting technologies and online brand protection. While at OpSec, Mark oversaw 19 acquisitions, the listing of the company on NASDAQ, the sale of the business and subsequent re-listing on the London Stock Exchange, and then the subsequent sale of the business to a private equity group.
Before his operating roles, Mark was a consultant with McKinsey and Co., and a practicing attorney with Davis, Graham and Stubbs. He is a graduate of Yale Law School, Oxford University and the University of Colorado-Boulder.
He serves on numerous corporate and non-profit boards, and is a private investor in technology, software, and manufacturing startup companies. He is also a senior adviser to the Colorado Impact Fund and a technology adviser to the Blackstone Entrepreneurs Network.
Mark speaks Spanish and Arabic, is married with four children and lives in Denver. His favorite Colorado activities are skiing, biking, golf and triathlons in the summer.
Q: What exactly is the Darknet and how did it come about?
A: Before we dive into what the Darknet is, let’s quickly explore the parts of the Internet with which we are more familiar. The websites we browse each day make up only a small percentage of the Internet. These sites, collectively known as the surface web, are visible and accessible through common search engines such as Google and Yahoo.
Below the surface web is the deep web, which consists of content that cannot be found or directly accessed via conventional search engines, such as company servers, cloud-based services, home networks---most of which require password access.
Below the deep web is the Darknet. The Darknet is only accessible with special tools and is built to purposefully hide the identities of users and guarantee anonymity.
When someone says they've been on the Darknet or the dark web, odds are they're talking about Tor and the Tor browser. Tor is the most popular part of the Darknet, allowing users to anonymously access millions of dark websites.
Tor was originally designed, implemented and deployed as a third-generation onion routing project of the U.S. Naval Research Laboratory. The United States was looking for a way to secure and anonymize defense and intelligence communications for operatives both at home and abroad. In October of 2003, the Tor network was launched and the Tor code made free and available to all under a license from MIT.
Q: Who uses the Darknet and why?
A: While most of what you've likely heard or read about the Darknet and dark websites involves illegal or nefarious activity, there are many legal uses for the Darknet:
- Many law-abiding individuals care about their privacy and want to keep their online activity private from third-party monitoring.
- Law enforcement and members of the military use the Darknet as a source of information and in support of apprehending criminals.
- People living or working in countries being led by oppressive regimes will often take to the Darknet for a myriad of reasons, including access to the Internet in areas where the Internet is restricted and for political activism.
- Journalists leverage the Darknet for encrypted communications to protect both themselves and their source(s).
Of course where there are valid uses for anonymity, there are also criminals looking to use the anonymity of the Darknet to their advantage. The largest volume of Darknet sites involve drugs and sites for the buying and selling of a variety of goods and services. Business-relevant data typically found on the Darknet includes:
- Stolen credit cards
- Personally identifiable information
- Counterfeit documents
- Copyright infringement/intellectual property
- Attack or breach chatter
- Viruses, malware, vulnerabilities
Q: Why does OWL Cybersecurity focus on the Darknet?
A: We now know that the effectiveness of evolving cybersecurity threats has taught us that it is not a matter of whether a business will be breached, but when. We focus on the Darknet because when a business’s proprietary data has been found on the Darknet, it is time to act; that data has been compromised.
Monitoring the Darknet can serve as a breach early warning system, if you will. If a business can shorten the timeframe to the detection of its sensitive data on the Darknet, it can more quickly detect security gaps and mitigate damage prior to the misuse of that sensitive company data. The cost of mitigating a breach can therefore be lessened, and the potential for reputation damage or other losses can be minimized.
Q: Do you believe the Russians and other governments have been hacking into American websites via the Darknet? Do they have that capability?
A: There is no question that the Russian government, as well as other state actors have the capability to hack into American websites. To do this, they do not need to use the Darknet---they can simply go in through the surface web or deep web.
Q: How can OWL Cybersecurity help protect websites that could be hacked by Darknet users?
A: Darknet users are generally on the Darknet in order to buy or sell goods or data, not as a location from which they mount cyberattacks. Cyberattacks can be conducted directly in the surface or deep web.
Our chief focus is the Darknet. When we discover a trove of, say, login credentials, we immediately notify the affected client (and in some cases organizations who may not be a client). Our client can then immediately begin to remediate the incident, with our support, by notifying customers and perhaps issuing new credentials or forcing password resets. In this way, the client is able to mitigate potential damage, from a security, financial and brand perception perspective, before criminals can capitalize on the theft of the data.