If you asked a random person on the street about the biggest data theft ever, they’d likely mention Equifax or Guccifer 2.0 who reportedly hacked Democratic National Committee emails in 2016. These types of high-profile breaches make splashy headlines, making cybercriminals like Guccifer 2.0 and companies such as Equifax household names. But did you ever stop and wonder where the more than 164 million stolen digital files were sold in 2019? The Dark Web.
In many ways, the Dark Web is like an alternative Internet that cannot be seen or found by ordinary people. Thousands of platforms exist underneath the typical web sites Internet users browse daily.
This vast digital underworld is where cyber criminals go to peddle the valuable data they pilfer off small, mid-sized, and large corporations. What makes this criminal flea market truly scary is the fact you wouldn’t even know your data was for sale unless an expert investigates for you.
James Forbis, who provides IT consulting in Cincinnati with 4BIS.COM shares his insights into the dark web and why organizations need to take the threat seriously.
What Makes The Dark Web A Threat?
There are about 5 billion commonly used web pages in circulation. Behind those are upwards of 500 times more “deep web” pages, according to a report by CNBC. These are pages that cannot be easily accessed. Ranked among them are bank accounts, healthcare portals, and networks that require login credentials. Concealed within the deep web are Dark Web pages and these are items commonly sold on them.
- Credit Card Numbers
- Debit Card Numbers
- Bank Account Information
- PayPal Account Credentials
- Driver’s Licenses
- Social Security Numbers
- Medical Records
Dark Web pages require anonymous browsing software such as “TOR” (The Onion Router) to find them. While it might appear to make sense to get TOR and search for your digital assets, Dark Web pages are often laced with malicious software. However, cybersecurity experts with experience dealing with the Dark Web can locate your personal identity or valuable business data.
How Does Dark Web Monitoring Work?
A cybersecurity expert can scour the criminal landscape for stolen digital assets such as client information, employee records, or other sensitive files. It’s essential to keep in mind that a few scans will not necessarily cover the full breadth of the Dark Web. That’s primarily why industry leaders invest in ongoing Dark Web monitoring.
Dark Web monitoring is a highly technical process. Rather than bog business professionals down in a bunch of IT jargon, it may be more fruitful to understand the process this way. Dark Web monitoring is a series of scans that are rolled out to identify your exposure. In that sense, monitoring is a lot like the routine antivirus scans rum on your network and wireless devices. As a decision-maker, this may seem like one more cost on top of many you’ve made to harden your cybersecurity defenses. So, what makes it worthwhile?
By working with your IT services company and a cybersecurity professional who practices Dark Web monitoring, you gain cost-effective access to the tools and expertise already in place. That means the firm already performs this task for other proactive organizations. It also means your rate will be substantially lower than enlisting an in-house tech person. Dark Web monitoring also gives you a heads-up that a breach has occurred without your knowledge and provides an opportunity to take the following measures.
- Change Passwords
- Notify Banks & Credit Card Companies
- Alert Credit Reporting Agencies
- Temporarily Freeze Credit & Assets
Perhaps that greatest benefit of following through with Dark Web monitoring is that your organization can conduct a cybersecurity audit and secure the vulnerability that allowed hackers to breach the network. Once you know that a cybercriminal was able to overcome your defenses, you can double-down and ensure it never happens again.