Updated: Aug 10
Not familiar with the term “Dark Web”? That’s okay, even some of the most sophisticated individuals in the tech space have no idea what the dark web is and how it’s accessed. As a business owner, executive or manager, you are doing your part to secure and monitor your company’s network and provide a seamless user experience. However, through no fault of your own, your work colleagues are not making your job easier by creating credential-based blind spots that until now were hard to detect and mitigate.
Criminal organisations, hacktivists and social hackers obtain and sell hundreds of thousands of stolen credentials on the dark web daily. Increasingly the result of breached networks, compromised databases and human error creates vulnerabilities for the Small and Medium Businesses!
To understand what the dark web is, you must first understand that there is a large portion of the internet that is not indexed by common search engines like Google, Bing and Yahoo. This is the “Deep Web”, the Government in the US created this hard to access area of the Internet, because the traffic flowing through the deep web was encrypted, it quickly became a preferred communication channel for privacy-conscious individuals, organisations and governments to share data, without detection.
It did not take long for individuals and organisations to begin using the deep web as a platform for exploit. The term “Dark Web” was coined to describe the pockets of the deep web that are used to buy, trade and exploit illegally acquired data or illegal items.
How the dark web impacts your security and what you can do to stay ahead.
The volume of data breaches has reached epidemic proportions and shows no signs of slowing down. When malicious individuals or organisations are successful at compromising data, they quickly move to profit from their heist and place it up for sale on dark websites. On an average day, hundreds of thousands of login credentials (email addresses and passwords), along with PPS numbers, dates of birth, financial information and other personally identifiable information are added for exploit. This information often and unsuspectingly leads to your co-workers identity theft and is also used to enhance the effectiveness of social engineering campaigns and ransomware attacks – further perpetuating the exploit cycle.
Compounding this epidemic is the fact that 80% of your work colleagues will use the same or a derivation of the same password across all the systems they access, both on and off their employer’s network. If your client’s internal requirement is to have a capital letter and special character, it’s a common practice for employees to use a password they are familiar with and add a capital letter and explanation mark. For example, the exposed password on a 3rd party site is “cowboys.” The new variation will be “Cowboys!” Hackers can apply brute force scripts that run hundreds of variations of passwords to find a match in seconds.
Start protecting your company from dark web exploits in a matter of minutes.
To help you protect your business from the dramatic rise in credential-based exploits, we can begin monitoring, reporting and mitigating credential-based exploits that, even with the most robust security defences in place, can be used to access your data.
Tusa IT will notify you when we discover compromised data that matches your email domains and show you how the data was discovered, including 3rd party data breaches, key-loggers, malware or phishing exploits. As the associated passwords are often discovered in “clear-text” (meaning un-encrypted), you are able to automatically compare it against your internal password criteria (minimum character lengths, number of letters, numbers, special characters, and capital letters) to focus on exposures more quickly that have a higher probability of being used to exploit or breach your clients network. Hashed or (encrypted) password can be just as damaging because there are now thousands of free websites that can be used by criminals to decrypt hashes within seconds.
In addition to how the data was discovered, our analysts will often provide where it was discovered. Some of the areas that are identified include:
ID Theft Forums – hard to access Internet Relay Chat (IRC) forums, hacking sites, and private member-only sites where criminals go to buy, sell, and trade personal and financial data.
Social Media Sites – social networks including recently exploited sites like LinkedIn, Twitter as well as legacy, but still active platforms like Myspace.
3rd Party Web Sites – exploited sites like Dropbox, major hotel brands and other commonly accessed sites that your colleagues will register with, using their employer issued email address out of convenience or negligence.
Tusa IT work with organisations who value the confidentiality of their company data and customer information.
We provide Dark Web monitoring, staff awareness training and simulated phishing campaigns to ensure that your staff are on the front line of your cybersecurity defences.
Learn More email email@example.com to see how we can help you.