What is the dark web? When you perform a search on the Internet, you are searching on what is known as the surface web. This is where most of our web browsing and social media takes place. The deep web – initially developed by the US military – is an unindexed section of the web, with much more information available; however, it is mostly encrypted. The dark web refers to a layer of the Internet (below the deep web), which is also unindexed by search engines; meaning that any searches on the dark web will not show up in a Google search. All exchanges on the dark web are all encrypted and are all done from anonymous IP addresses, making it difficult to identify any users. Just as it sounds, the dark web is a place where things of a darker nature take place. Here, people will trade or traffic drugs, weapons, people, and information. The surface web only represents 0.04% of the information available on the Internet; whereas the other 99.96% of information is found in the deep web and the dark web. For this reason, it’s critical to use dark web monitoring tools to find out if your information and credentials are here waiting to be sold to the highest bidder. How does your Personal Identifiable Information get on the dark web? According to ID Agent CEO and Co-Founder, Kevin Lancaster, there are thousands of small compromises occurring daily. Most of these compromises or breaches occur through social engineering. Additionally, a lot of your personal data is easily found on the surface web: like that information you share on social media platforms like Facebook and LinkedIn. From this information, hackers will find out more information about their targets, and use a combination of social engineering and phishing techniques to gather credentials. Once a hacker has a set of credentials for a business, they can leverage it to access other corporate systems. Think of some of the large-scale breaches you have read about in the past year. Now think of all the personal data that was stolen in those breaches. All of that Personal Identifiable Information is for sale on the dark web. According to Lancaster, a credit card with CVV and date of birth can fetch USD$15 on the dark web. Multiply that by thousands and you have one very lucrative business. What can you do about it? Once the data is posted for sale within the Dark Web, it is quickly copied and distributed (re-sold or traded) to many cyber criminals, within a short period of time. “It is generally implausible to remove data that has been disseminated within the Dark Web. Individuals whose PII (Personally Identifiable Information) has been discovered on the Dark Web, are encouraged to enroll in an identity and credit monitoring service immediately.” There are some things you can do proactively, to ensure your credentials and Personal Identifiable Information does not show up on the dark web.
- Understand social engineering and phishing scams. Ensure that neither you nor your staff fall victims to these types of scams.
- Enable two-factor or multi-factor authentication. If all someone needs to enter a system is a username and password, it makes it easier for a hacker to gain access to a network. When someone is required to use two factor or multi-factor authentication, it becomes that much harder to break-in. With multi-factor authentication, some hackers may decide that it is too much work to crack, and move on to an easier target.
- Leverage an MSSP with a Dark Web Monitoring service. What if your data is already out on the dark web and you don’t know it! Using a Dark Web Monitoring Service can help you find out if your .com credentials are out on the dark web. You may even discover that there are “Zombie accounts” out there from your legacy employees that have not been disabled. Uzado’s Dark Web Finder monitoring service can help your organization
- Identify compromises,
- provide reports on compromised data,
- monitor logs, to allow for tracking and triaging of any incidents,
- create effective policies and procedures to minimize risk, detect patterns before turning into trends – using the intelligence to keep your organization more protected,
- proactively monitoring networks to catch and respond to threats immediately.