The Dark Web makes buying and selling of company data and credentials almost risk free
It’s very likely that today, right now as you read this, your company’s credentials are being marketed and sold on the dark web. This could be your fault caused by untrained employees duped into releasing information, or your credentials might be part of a much larger data capture form a third party – like a bank or credit card company – that got hacked to the tunes of millions and millions of data entries including yours.
Exactly how are criminals using your information, what types of gains do they hope to realize and what can you do to prevent or defend against abuse of your credentials?
Layers of the Web
Within the world of the internet there are three different areas or layers of the web:
- Surface Web
The Surface web is the area of the internet that most people use on a day to day basis. This area of the web can be indexed by search engines. That means the pages on the surface web can be found by Google, Yahoo, Bing etc. As of Sunday, February 24, 2019 the surface web consists of at least 5.15 billion pages
- Deep Web
The deep web is like the surface web but has one main difference, it cannot be indexed. You spend a lot of time in the deep web, most likely without even knowing it. Examples of deep web sites/pages are internal company networks, databases, certain government websites, email and cloud service accounts, banking sites, and most sites you can only get onto using a username and password.
- Dark Web
The deepest and most obscure of the three areas is the dark web which is a layer of information and pages accessed through “overlay networks.” Special software is required to access this content because most of it is encrypted.
What Criminals on the Dark Web Hope to Get from Your Business
In the encrypted pages of the Dark Web, you can find almost anything, from legitimate and illegitimate social networks and chat sites, to solicitations for hitman, to black-market organizations selling guns, drugs and pornography − all while maintaining anonymity.
The dark web is one of the few spots on the internet that “true anonymity” is achievable. I put true anonymity in quotations because it is hard to say whether people on the dark web are truly anonymous or just hidden extremely well.
Using tools such as TOR on top of a VPN anyone can get very close to being truly anonymous, making the buying and selling of data and credentials almost risk free. That’s why the dark web is thought to be a safe home for criminals/organizations who are marketing and selling your company’s information for one of the following purposes:
- Financial Gain
Financial gain is a driving factor for many hackers and organizations. Hackers will gather very large amounts of credentials from multiple organizations and sell them for 2-3 dollars on the dark web. This doesn’t sound very rewarding but is some cases these cyber criminals are selling 50 million or more credentials. The amount of total sales going on within the dark web is unknown although some sources estimate it to be more than $500,000 in sales a day.
There is a community of people who consistently access the dark web who belong to underground forums, social networks, and chat rooms that can be particularly dangerous for your company’s brand or reputation. They’re not motivated by buying or selling your company’s data – they’re motivated by creating chaos and the challenge of doing it for fun, just to prove they can.
When breaches are originated by these “fun seekers”, they usually give the credentials/information away or sell millions for a very small amount of money, like a Russian hacker that goes by the alias “The Collector” who last year, sold 272 million credentials for less than one dollar.
- For a Social Purpose or Cause
Some cyber criminals are idealists trying to expose injustice, some are hacktivists trying to take down corrupt governments and religious groups, and some have political motives.
An example of a social purpose driven data breach is the Ashley Madison data breach from 2015. Ashely Madison was a commercial website billed as enabling extramarital affairs. A group called “The Impact Team” stole more than 60 gigabytes of company data, including user details like real names, home addresses, search history and credit card transaction records. The group then released the information on the dark web to expose and publicly shame those who participated.
How to Mount a Cybersecurity Defense and Dark Web Protection Action Plan for Your Business
Read our blog post: Cyberattack Strategies: Going on the Offense Against Cyberattacks
I don’t want to leave you with the impression that everything going on within the dark web is illegal, because it’s not.
The first and most critical step of that dark web protection plan is to perform a scan of the dark web to see if, where and how your company’s credentials are being compromised. We’re pleased to offer a free scan of the dark web to this end, which can be initiated by clicking on the button.
If you have more immediate concerns, contact us via form, here, or call me at 716.600.3724 today.