dark web blog CROP

What Your Company Should Do IMMEDIATELY After Discovering Your Credentials are on the Dark Web

Maintaining vigilance on the dark web is not a luxury because if you discover that your company’s credentials can be found on the dark web, it may only be a matter of time before a costly, reputation damaging catastrophe occurs. If you’re facing this unpleasant scenario, it’s time for executing an “all hands-on deck” action plan

In its simplest form, an Action Plan consists of three critical elements: discovery, remediation, monitoring.

How to Discover if Your Company Credentials are Being Offered on the Dark Web

An effective action plan begins with a dark web scan that will find if your company’s credentials have been compromised.

For a no-cost or obligation scan from DataSure24, click here or on the image at right.

New call-to-actionA dark web scan can reveal who at your company has been compromised, what type of information was leaked, when the breach took place, and the website where credentials were leaked from.

Why a breach occurred is dependent upon numerous factors that may fall outside the scope of your company’s security plan.  Did the breach occur recently, or is it a dump of old data from a decade ago? Do employees reuse passwords for both personal and work-related websites, and if so, does this password match the one from the breach?

Dark web scans work by monitoring the common forums that are used for buying and selling personal information on the dark web.  The best way to prevent cybercriminals from using company’s credentials is to leverage dark web scanning tools that monitor forums and other sites that trade company information so your management and network security team can know what cyberthieves know before it is used. 

When a hacker posts information online, they’ll post employees’ username and an encrypted copy of their password (called a hash) proving to prospective buyers that they have “the goods” for sale. Cybersecurity consultants can conduct a daily dark web scan, and report via a notice to a company’s management or network administrators if, when and where company employees’ usernames and passwords are found. 

Change Passwords: Immediate Steps Your Company Should Take After a Dark Web Discovery

Simply stated, companies must create policies, processes and requirements that employees frequently changing their password. 

A recent poll by Keeper Security found that 87% of respondents ages 18-30 reuse passwords and 81% of respondents 31 and older reuse the same password.  This pattern occurs at work too, where the same password that is being used for shopping online is the same password that is used for a corporate login. 

Current best practices have users change passwords every 90 days, and passphrases every 180, but best practices alone cannot stop another breach.  Cycling passwords creates a smaller window of opportunity for hackers to sell a company’s credentials.  Coupled with a dark web scanning service, a company can create a strong cyber defense … if employees are educated and monitored to make necessary changes on a frequent basis.

Additional steps may be taken such as using a password manager or utilizing two factor authentications.  Even with a password compromise, if the attacker does not have a secondary authentication device, they cannot gain access to your company’s confidential information. Password managers may also help by providing information such as which websites are sharing the same password. They can also generate random passwords to ensure no two passwords are similar.

Prevent Future Dark Web Scams via Monitoring

The third element of an Action Plan for defending against Dark Web scammers is continuous monitoring. This can be done on an outsourced basis, or through periodic searches using either free or paid tools.

Monitoring can include looking into the following types of sites that can be found on the dark web:

  • Hidden chat rooms
  • Private websites
  • Peer-to-peer networks
  • Social media platforms
  • Black market sites
  • 640,000+ botnets

Free solutions exist, such as www.haveibeenpwned.com, which will tell you if an employee’s email has been detected in a leak, but not the password that was used. Using a website like this will at least let a company know that a problem exists so remediations can be executed.

Taking the first step and understanding your visibility on the dark web should not be a one-shot effort. A cybersecurity consultant can review monitoring options with you, including features, benefits, costs and resource requirements. Unfortunately, in today’s business world, monitoring for security is a new cost that must be included in company operating budgets, but over the long run, it’s a small price to pay considering the costs of remediating a breech.

Connect with a DataSure24 Cybersecurity Expert

New call-to-actionDiscovering that employees’ credentials are on the dark web may not always spell disaster but implementing effective policies and maintaining vigilance on the dark web by utilizing dark web scans may prevent you from becoming the source of another hack. We can help.

If you have questions or concerns, or want to discuss your situation, please contact us for a no cost or obligation discussion.  Contact us via form, here, or call me at 716.600.3724 today.

View full article