Continuous monitoring can keep companies from suffering further consequences from a data breach
There’s a really good chance that private information stolen from you or your company is for sale at this very moment on the dark web.
The Hollywood version of the dark web as the seedy underbelly of the Internet – a place where you can encounter some of the most unsavory parts of the human experience – has a lot of truth.
It’s the place on the Internet that’s not indexed by traditional search engines; it can only be accessed through a special browser like TOR that renders your IP address unidentifiable and untraceable. Not every site is illegal – for instance, such jealously-guarded anonymity makes it the perfect place for political dissidents to safely communicate with journalists. And even some legitimate companies like Facebook have a dark-web presence.
But the dark web is also the gathering spot for sites that illegally sell consumer data and other black market goods. It’s a one-stop shop for the tools individuals use to commit cybercrime, from malware kits to stolen account information to “cash-out” services to monetize misdeeds.
Criminals can buy credit card numbers, Social Security numbers, usernames and passwords, drugs, guns, counterfeit money, login credentials to bank accounts, hacked Netflix accounts, and software that helps them break into other people’s computers. Individuals can hire hackers to attack computers on their behalf. Users sometimes recruit for terrorist organizations, browse assassin markets, and purchase child pornography.
There are sites that offer reviews on identity thieves and whether their data is valuable. Sites specializing in stolen credit cards may even allow someone to place custom orders for desired data, such as a card type, the bank issuing the card, or zip code.
Every piece of data that’s stolen from companies during a data breach is almost guaranteed to end up on the dark web, where criminals buy and sell it to commit fraud, get fake identity documents, or fund other nefarious activities and criminal organizations. The dark web only represents 6 percent of the Internet, but MSP Insights asserts that 73 percent of Americans – 237,736,346 people – have at least one compromised credential for sale there.
The dark web poses a real threat to you, your business, and your customers – and it’s critical that companies are aware of the risks and take proper measures to mitigate them. Something as simple as an employee who accesses the dark web via the company network can instantly expose the business to risks that lead to a cyber-attack. If a high-ranking employee is caught doing something illegal on the dark web, chances are their company’s name will be splashed across the news stories that follow. Sources on the dark web also have been known to actively recruit “insiders” to legitimately gain access to company data or install malware in its systems.
8 activities associated with the dark web
Here are 8 of the biggest activities happening on the dark web that companies need to watch out for:
- Database dumps. Stolen company databases are dumped on the dark web, offering coveted data like account information, employee credentials, private contracts, customer data, and trade secrets. One of the most famous examples happened in 2015 when hackers dumped databases belonging to pro-adultery dating site Ashley Madison that revealed personal details of many of its 37 million subscribers.
- The dark web is also a dumping ground for information that’s dug up during doxing, which is when an individual – usually someone prominent like a company VIP – is targeted by others trying to find and publish as much personal and identifying information as possible. The online sleuth’s intentions are almost always malicious – such as uncovering “dirt” or revealing the target’s location or financial information – and often motivated by political beliefs, hacktivism, vigilantism, or vandalism.
- Fraudulent IDs. After a data breach, there’s a good chance that identity thieves are using personal information from a company’s customers and employees to peddle fake IDs on the dark web, including driver’s licenses, Social Security details, and passports. Experian reports that these driver’s licenses go for as little as $20, although passports can fetch $2,000.
- Fraudulent payment cards. Payment cards are available all over the dark web, and buyers can snap up a single card for as little as $5, Experian reports. New cards are regularly added to dark web markets. Business and platinum cards are especially desirable and sell for a premium.
- W2s and tax fraud documents. Every year before tax season commences, there’s a rush on the dark web to gather information to file fraudulent tax returns before the actual taxpayer does. Much of this activity is enabled by the sale of W2s and other tax-fraud specific documents stolen from employers.
- Guides for opening fraudulent accounts. Guides that contain detailed, step-by-step instructions on how to defraud certain organizations are for sale on the dark web. Not only do they teach cybercriminals how to break into a company’s systems and processes, they are updated with techniques to get around new security policies.
- Templates for impersonating customer accounts. Dark web vendors also peddle account templates that allow hackers to pose as customers of financial institutions, telecommunications companies, and other service providers. The templates are used to open accounts, solicit loans, or as part of a plan to commit identity theft or fraud.
- Source code dumps. Proprietary source code leaked by disgruntled ex-programmers or stolen by hackers also abounds on the dark web. It opens the door for competitors to steal a company’s intellectual property and gives hackers a chance to review the code for vulnerabilities they can exploit.
Dark Web Monitoring helps keep companies safe
American companies are under cyber siege – with a record 1,579 data breaches in 2017. There’s no fail-proof way to keep the information that’s stolen off the dark web, but you can be vigilant about monitoring it.
Dark Web monitoring is an integral part of the WAN protections in CyberGuard360’s new CyberGlass platform. It helps mitigate theft through continuous monitoring of the darkest corners of the web for identities, credentials, or other data belonging to a company. If the information being traded or even discussed relates to the business, it raises an alert with recommended remediation. This rapid response is critical because compromised credentials can change hands in an instant before being used for sinister purposes.
Companies must continuously educate their workforce and adapt to threats posed by cybercrime, the fruits of which usually wind up dark web. Dark Web Monitoring is essential – and just one aspect of CyberGlass’ comprehensive suite of cybersecurity tools.
CyberGuard360’s clients across four states and 40 industries are guided safely through the threat landscape. Our wide array of services includes system security suites, risk assessment, education, and training and disaster recovery, and we specialize in helping New York companies comply with 23 NYCRR 500. If you’d like us to put our expertise to work for you, we’d be happy to help. Call us at 844-315-9882 or use our contact form for a free consultation.