Did you know your business and employee details could be up for sale on the Dark Web without you even realising? Addressing the Dark Web within your IT security policy will help you to protect yourself, your team, your organisation and your customers. In this article, we explain what the Dark Web is and the steps you can take to ward off hackers.
The Dark Web is often thought of as a place for illegal activities – from drug dealing to human trafficking. That, sadly, is the case. However, it’s also a playground for cybercriminals. If you’ve suffered a security breach or cyberattack, evidence might be found there.
What is the Dark Web?
The Dark Web is a collection of hidden sites which can only be accessed using a specialist web browser. Some people use it purely because it provides anonymity and they don’t want to be tracked whilst using the web. However, this inevitably means that it is largely used by criminals who want to cover up their tracks.
This part of the internet can only be found if you’re actively looking for it. There are specific tools you would need, and it can’t be accessed through mainstream search engines.
When and how the Dark Web started
You might be surprised to find out that the browser that allows users to remain anonymous on the web was actually prototyped by the US Naval Research Laboratory. The aim was to allow secret agents to communicate without risking the interception of their conversations and destinations.
Unfortunately, criminals soon realised that this browser would be ideal to carry out their illicit activities without being tracked easily.
Difference between the Dark Web and the Deep Web
The Dark Web is contained within the ‘Deep Web’, a sublayer of the Internet.
The Deep Web itself isn’t malicious, it simply refers to the parts of the internet that can’t be accessed by search engines like Google, Bing, etc. The Deep Web is actually more than 500 times the size of the indexed ‘surface’ internet that you can access through search engines.
Things like your email inbox and Netflix subscriptions, for example, are part of the Deep Web – imagine if anyone could access these from a quick Google search!
The Dark Web, then, is simply a different part of the Deep Web which is used mainly for illicit activity.
Why should I be concerned?
The Dark Web holds a vast amount of data and personal information stolen in cyberattacks. One of the many criminal activities it’s used for is as a marketplace for selling stolen data.
Email addresses, usernames and passwords, that have been obtained in cyberattacks, are sold to criminals that will use them to gain access to critical business applications, as well as online services. And, because most people reuse the same passwords across multiple accounts, it only takes a single breach for cybercriminals to potentially access all of a user’s other online accounts.
If your user credentials are stolen and then sold, it would allow criminals to infiltrate your company network to steal data and sensitive corporate information and conduct other malicious activities.
How to check if your credentials are up for sale
For business use:
- Dark Web monitoring is an effective way of finding out whether your business and/or employee details are available on the Dark Web.
For personal use:
- Mozilla’s Firefox Monitor tool and the Have I Been Pwned? tool allow you to enter your personal email address and see if it has been involved in any data breaches.
- Google’s Password Checkup tool lets you know if any passwords connected to your Google account have been compromised or are weak.
- Please note that these methods are not intended for business use.
What is Dark Web Monitoring?
It is a way of scanning the dark areas of the web in order to detect whether credentials relating to your business and/or employees are up for sale on the Dark Web.
This does not involve your IT infrastructure, and works by connecting to a variety of Dark Web servers through which evidence of compromised credentials can be found. It will scour botnets, criminal and black market sites, repositories, peer-to-peer networks, forums, private networks, bulletin boards, chat rooms, malicious websites, blogs and social media sites based in the Deep/Dark Web. And, if stolen data is detected, you can take emergency steps to reduce potential damage.
A dark web scan is a one-off occurrence which is a starting point for finding out whether your business is at risk, but Dark Web monitoring is an ongoing service which continuously searches, monitors and reports on the presence of your organisation’s credentials on the Dark Web.
With monitoring in place, you can rest assured that any evidence of stolen sensitive data will be caught and remediated as quickly as possible.
How would I benefit?
Firstly, without Dark Web Monitoring, you have far less visibility of when your credentials are stolen. Over 75% of compromised credentials are reported to victims by third parties, by which time it may well be too late.
With this service, you can take a proactive approach to prevent data breaches and neutralise the damage a breach can make.
How we can help
Air IT’s Dark Web Monitoring service helps detect and mitigate cyber threats that use stolen email addresses and passwords. We combine human and artificial threat intelligence to continuously monitor the web on your behalf in real time – day and night, all year round.
We leave no stone unturned in looking for signs of compromised details pertaining to your organisation – to keep you better protected. We’ll identify any exposed and compromised credentials that relate to your organisation’s email addresses and alert you immediately, as well as advising you on the steps required to mitigate risk.
If you’d like to find out more, please don’t hesitate to get in touch.