Skip to main content
Cyber News - All

Veterinary Practices and the Dark Web: Unraveling the Connection to Cybercrime

By April 17, 2023February 16th, 2024No Comments

In today’s digital world, veterinary practices are increasingly reliant on technologies to manage patient records, process payments, and communicate with clients. Unfortunately, this growing reliance on technology also exposes them to a myriad of cybersecurity threats. One such hidden menace is the dark web, a vast and often misunderstood part of the internet that serves as a breeding ground for cybercrime.

What is Dark Web?

When using the internet, most veterinary practices do not realize that they are only able to access a fraction of what is actually hosted on the internet. In fact, many do not realize that there is a hidden part of the web that most people never see, where all kinds of illegal and harmful activities take place. This is the dark web, a network of websites that can only be accessed through special software that masks the identity and location of the users.

On the dark web, criminal activities are rampant, including sell of drugs, weapons, ransomware, exploits, and stolen or compromised data. In fact, when a cyberattack is launched against a veterinary practice, there is a high chance that the tools used to attack them came from the dark web. In most cases, the planning of such attacks also comes from the dark web, and in instances where cybercriminals succeed in compromising the cybersecurity systems of veterinary practices, data acquired is also sold on the dark web. Therefore, it is important to explore the connection between the dark web and veterinary practices and understand how practice owners can fall victim to the dark web.

Threats Originating from the Dark Web

Veterinary practices’ reliance on digital systems and devices to manage their daily operations, such as electronic health records, online payment platforms, cloud services, email communication, etc, make them an attractive target for cybercriminals. They exploit the vulnerabilities in veterinary practices’ systems and devices to launch cyberattacks and data breaches. Most of these cyberattacks originate from the dark web, and some of the types of attacks they launch against these practices include:

Ransomware as a Service (RaaS)

RaaS is a business model where cybercriminals develop and sell ransomware tools to other criminals who then launch attacks on targets, including veterinary practices. In return, the developers receive a portion of the ransom payments. The dark web makes it easy for criminals to access and purchase these tools, leading to an increase in ransomware attacks.

Data Breaches and Stolen Data

The dark web is a marketplace for buying and selling sensitive information, including personal, financial, and medical data. If a veterinary practice experiences a data breach, the stolen information may end up on the dark web, where it can be used for identity theft, financial fraud, or other nefarious purposes.

Phishing and Social Engineering

Cybercriminals use the dark web to share and develop techniques for launching phishing attacks and other social engineering scams. Veterinary practices are not immune to these threats and can fall victim to deceptive emails or messages aimed at tricking employees into divulging sensitive information or granting unauthorized access to systems.

Data Exploitation on the Dark Web

The data that is stolen or compromised from veterinary practices can be used by cybercriminals for various purposes on the dark web. Some of the ways that the data is used on the dark web include:

Identity Theft

One of the main purposes of using the data from veterinary practices on the dark web is to sell it to other criminals who can use it for identity theft or fraud. Identity theft is when someone uses another person's personal information to impersonate them or open accounts in their name. Fraud is when someone uses another person's financial information to make unauthorized purchases or transfers. For example, cybercriminals can use the names, addresses, phone numbers, email addresses, social security numbers, credit card numbers, bank account numbers, etc., of clients or staff from veterinary practices to create fake identities or access their accounts.

Remote Access to Systems and Devices

Cybercriminals can use the login credentials or passwords of veterinarians or clinic staff to hack into their systems or devices and perform malicious actions. For example, cybercriminals can use the access to electronic health records to alter medical information or prescriptions of animals. They can also use the access to online payment platforms to steal money or make fraudulent transactions.

Blackmailing and Extortion

Cybercriminals can use the sensitive data they have obtained from veterinary practices as leverage to threaten them with exposure or harm if they do not comply with their demands. For example, cybercriminals can use the medical records or photos of animals to blackmail veterinarians or clients into paying them money or providing them with more information.

Veterinary Practices Becoming Unwitting Accomplices on the Dark Web

Besides being targeted and exploited by cybercriminals, veterinary practices can also become unwitting accomplices or victims of dark web crime by providing services or products that can be used for illegal or harmful purposes. For example, some veterinary practices may prescribe or dispense controlled substances, such as opioids, tranquilizers, or steroids, to animals that need them for medical reasons. However, these substances can also be diverted and sold on the dark web by drug traffickers or addicts who seek them for recreational use or abuse. According to a report by the U.S. Drug Enforcement Administration (DEA), some of the most commonly diverted veterinary drugs on the dark web are ketamine, fentanyl, and carfentanil.

Another example is that some veterinary practices may provide medical equipment or supplies, such as syringes, needles, scalpels, sutures, or bandages, to animals that need them for treatment or surgery. However, these items can also be stolen and sold on the dark web by criminals who use them for various purposes, such as self-injection of drugs, self-harm, torture, or murder. According to a study by the University of Kent, some of the most commonly traded medical items on the dark web are surgical instruments, blood products, and human organs.

A third example is that some veterinary practices may issue certificates or licenses, such as health certificates, vaccination certificates, microchip certificates, or pet passports, to animals that need them for travel or identification. However, these documents can also be forged and sold on the dark web by fraudsters who use them for various purposes, such as smuggling animals across borders, evading quarantine regulations, obtaining fake identities, or committing crimes. According to a report by the International Fund for Animal Welfare (IFAW), some of the most commonly forged animal documents on the dark web are CITES permits, which are required for trading endangered species.

Conclusion:

In conclusion, it is important for veterinary practices to understand the important connection between the dark web, cybercrime, and the data they keep on their systems. Failing to understand these connections puts them in a precarious position, which can result in them getting caught unaware or committing crimes unwittingly.

Therefore, by understanding some of the ways your veterinary practices can be aiding crime on the dark web, you can be proactive and possibly prevent your practice from being part of the dark web and crimes that go on these platforms.

Submit questions for our upcoming webinar aiming to demystify the complex world of veterinary technology!

Learn More