Have you ever seen one of those ominous advertisements, usually with a hooded character lurking in the dark, that warned about your personal information being sold on the Dark Web?
While the term is fairly familiar, many people don’t know exactly what the Dark Web is and why it poses a danger both for individual users and businesses.
If you practice good device and network security, then hopefully you’ll never have to worry about a data breach of your information that causes your sensitive details to become a commodity for sale to cybercriminals.
But sales of stolen credentials or credit card numbers aren’t the only thing to worry about when it comes to the Dark Web. Criminals don’t even need to be good hackers themselves when they can buy an email hack for $40 or pay someone to do a targeted ransomware Trojan infection for $750.
Education is often the first step to a strong defense against cybercrime, so we’re going to go through a primer on the Dark Web and what you need to know about it to protect yourself and your business.
The internet as we know it is made up of three main “webs”:
According to estimates, the Deep Web is about 500 times larger than the Surface Web that most of us use every day.
What makes the Dark Web the most nefarious is that it’s designed to anonymize internet traffic, so many criminals use it for illegal transactions. It can of course also be used for legitimate reasons, but it’s well known for the criminal element that hangs out and does business there.
The most popular software that’s used to access the Dark Web is the Tor browser. Websites there don’t use .com or .net, instead they end with .onion. That’s why you’ll sometimes hear the Dark Web referred to as the Onion Web.
The Dark Web hosts a large online marketplace for all types of illegal products and services. These generally fall with four main categories.
Anyone wanting to spread a malicious infection can purchase things like ransomware, viruses, spyware, and other dangerous scripts that are typically delivered via phishing attacks.
Exploits can also infect your system and cause a data breach, but they’re different than malware. Exploits are software or a sequence of commands that take advantage of a known operating system, firmware, or software vulnerability.
This is the market category on the Dark Web that includes things like stolen credit card numbers, customer databases, social security numbers, and other sensitive data that can be used for things like identity theft or credit card fraud.
A hot commodity on the Dark Web are stolen credentials. These are login passwords to things like email, website administration, company accounting software, and more.
Canada has the distinction of having one of the highest ratios of identity theft to population. It has a data theft ratio of 2.5, making it number three in the world, just behind the U.S. (19) and South Korea (4.5).
The ratio of 2.5 means that there are two and a half times as many data records stolen as there are people. From a population of approximately 37 million, Canada has seen approximately 91 million data thefts.
The best way to protect your data is to institute good cyber security policies that ensure your network and devices have things like firewalls and anti-phishing software in place. Some other tips for good IT security include:
You’ve most likely seen those Dark Web monitoring offers from the same type of companies that offer identity theft protection services. Can it help?
Yes, but only so much. Dark Web monitoring isn’t going to stop someone from hacking into your network, only good network security can do that. But what it can do is provide you with an alert if your information happens to be found on the Dark Web.
No monitoring service can scan the entire Dark Web, however, so it’s important to understand that they’ll only be scanning some of the known marketplaces, which invariably make up a small portion of the Dark Web as a whole.
While Dark Web monitoring can have some benefit in alerting you to your personal details being up for sale, it’s no substitute for good IT security practices.
How strong is your network security? What about the security of your cloud-computing applications? Don’t wonder… call us!
Our data security experts can take a look at your current IT security practices and let you know about any weaknesses and make suggestions to correct them.
Contact us today at 705-222-8324 or through our website.