If you have been keeping your finger on the pulse of cyber security in 2020, you cannot have missed the warnings about the Dark Web.
It’s become so prominent that even some of the UK’s daily newspapers have carried reports this year about the growing problem of sensitive company details being traded by hackers on the Dark Web.
What is the Dark Web?
The Dark Web is part of the internet, but as the name implies, the Dark Web exists way down below the ‘surface’ Web in an area known as the ‘deep’ Web.
The deep Web is the term for the multitude of connected but hidden Websites that cannot be accessed by search engines because they require authentication via passwords and other login credentials.
In fact, any password-protected Website is part of the deep Web, and some estimates reckon that it accounts for up to 99% of the entire internet, with Dark Websites comprising just 0.005% of the Web, according to analysts Recorded Future.
Why does it matter?
A report from cryptocurrency specialist Bitfury revealed that the total value of bitcoin transactions (against USD) on the Dark Web had increased by 340% between 2017 and 2020.
This massive increase is thought to be driven by the fact that:
1) Cryptocurrency is the preferred cash alternative for hackers who extort funds via ransomware as it allows them to remain anonymous
2) There has also been a huge rise in ransomware attacks – whereby hackers steal sensitive data and threaten to sell it on the Dark Web unless a ransom is paid.
The risk of your data being sold on the Dark Web ranges from financial to competitive to reputational.
In some circumstances, companies suffering a data breach struggle to regain the brand trust that they had carefully built over the years, and eventually to the wall. You can find out if your details are being traded on the Dark Web by requesting a Dark Web report.
Increased ransomware risks
The COVID-19 pandemic has also seen a huge increase in ransomware attacks, as hackers have sought to exploit less-than-security-savvy employees now based at home.
According to Morgan Wright of SentinelOne, scammers and criminals have been:
“…exploiting the fear, uncertainty and doubt people are experiencing during the pandemic, and using the anxiety and desperation to get people to buy things or click on things they wouldn’t have otherwise.”
The technique widely used by these criminals has been phishing scams aimed at tricking unsuspecting computer users into clicking on malicious links or otherwise parting with password information to allow access to sensitive data.
Typically, users are contacted by a fraudster masquerading as an official organisation. During the COVID outbreak, the UK has seen scammers pretending to be working as Test & Trace scheme employees, HMRC, grant-awarding bodies and local councils as well as the usual banks and supermarkets.
Furthermore, criminals can buy ready-made “phishing kits and templates” on the Dark Web, which will then allow them to impersonate Microsoft, Apple, UPS and a whole range of other well-known organisations.
It’s working too.
According to security firm Sixgill, the number of stolen credit card numbers for sale on the Dark Web grew to 76,230,127 during the second half of 2019, an increase of 200% compared to the first half of the year.
Company data at risk
Confidential corporate information targeted by hackers can take many forms – in fact they’ll usually take anything they can get. From employee or bank account details, to intellectual property and prized customer data such as credit card details.
The key point to remember is that the Dark Web is there, it is real and you can’t afford to ignore it or pretend it doesn’t exist.
The reason is that you won’t necessarily know if or when your precious and confidential data is being traded by criminals.
It’s called the ‘Dark Web’ for a reason: standard technologies and Web browsers cannot get access to or track down users or the information they are peddling.
Worse still, it may be months or even years until you discover that your corporate data is being traded. Even if you discover a data breach, you won’t necessarily know what’s happened to the data that was compromised.
Find out if your company credentials are on the Dark Web
You might now be asking:
1) Are any of our company’s confidential data out there on the Dark Web?
2) If so, what can we do about it?
The answer to both questions is that help is at hand.
Alliance Solutions can provide a Dark Web report that provides a sample of your email addresses or domains that have been compromised.
If you choose to take the next step, we can help you take the remedial steps to address issues that led to this and to prevent future similar events.
We can also provide an ongoing monthly Dark Web monitoring service that gathers and analyses data in close to real time that could indicate when cyberattacks are emanating from the Dark Web.
To accompany this monthly service, we also provide you with intelligence and alerts, so that if your data is found on the Dark Web you can act quickly to mitigate any damage.
That’s Dark Web monitoring, intelligence, alerts and mitigation.
The strong likelihood is that this service from Alliance Solutions will cost you far less than a data breach and the resulting consequences.