You’re happily humming along on the internet, thinking you’ve got a pretty good understanding of the world wide web. You navigate your way around Google, Facebook, Amazon, and news sites. You’re actually only visiting four percent of the internet. There’s a whole world hiding beyond these safe surface-level sites, known as the Dark Web and it’s a much less hospitable place.
What Exactly Is the Dark Web?
It is a conglomeration of websites not found on search engines or by accessing via traditional web browsers. This is because their location and identity are hidden through encryption tools such as TOR. TOR was originally created to protect military communication. It now has a much broader use for both Dark Web purposes and highly secure communication. You typically only have access to these sites through TOR.
People create sites on the Dark Web in order to remain anonymous and to hide where they’re operating from. TOR hides all IP information, identifying information, as well as data transfers. Over half of the sites on the Dark Web are used for criminal activities.
Why Do People Use It?
One of the most prevalent uses is buying and selling illegal goods, such as recreational drugs, weapons, fake identities, and organs. The proliferation of cryptocurrencies—like Bitcoin— facilitates these sales or transactions. People living within totalitarian societies that restrict communication also gather to share their thoughts freely.
Dark Web’s most dangerous use for businesses is the exchange of credentials (usernames and passwords) and identities. An individual’s stolen credentials are sold on the Dark Web for as low as $1. Hackers utilize purchased credentials to:
- Gain access to important financial information and steal identities (access to a Bank of America account holding $50,000 can be purchased for $500)
- Access accounts for further phishing attacks
- Threaten people with exposure of sensitive information (Remember the Ashley Madison hack from a few years back? Those credentials were dumped onto the Dark Web and hackers leveraged them to expose users.)
- Compromise other accounts using the same passwords and perpetuate the sale of personal information
What Can You Do About It?
The average citizen has no reason to access the Dark Web, but their credentials can easily be floating around, endangering their offline livelihoods. Once your credentials are released on the Dark Web, there is precious little you can do to remove them. However, at the very least, you should know when you’ve been compromised so that you can take immediate action, like changing your passwords and activating two-factor authentication.
We recommend utilizing a full Dark Web monitoring service that alerts you if any of your credentials appear on the Dark Web. These services constantly scan the Dark Web for your information and alert you if something suspicious appears. These alerts don’t necessarily mean a breach has occurred, but they are a very good heads up that something bad may be coming. You can then create a plan of attack before any damage is done. Granted, there will be your fair share of false positives, but we firmly believe in taking the position of better being safe than sorry.
How Should You Get Started with Monitoring?
Our team runs a preliminary scan of your domain revealing the likely breaches in the recent past. We’ll then review that report with you and come up with a plan of action to alleviate any major dangers. Contact us at 213-626-1155 to request that scan.