Every day, we go online to perform Google searches, play music and visit social sites—and each time we engage in activities such as online shopping, account creation and online banking, we’re required to input our personal information. But did you know there’s another, darker side to the internet where your stolen credentials and personal information can be sold to the highest bidder?
What is the dark web?
Although dark web awareness has only recently spiked, the dark web has been around since the beginning of the internet. Simply put, the term refers to a series of chat rooms, peer-to-peer file shares, databases and other sites not publicly available on the standard internet that are used to share anonymous content, facilitate illegal transactions and engage in other types of nefarious activity in a way that is difficult to track or shut down. For those of us not involved in underground activities or working for a security organization, the dark web has long seemed like a distant concept with little to no impact on our daily activity. Until now.
The current threat
For the last two years, one of the most prevalent security attacks against our clients has involved cryptoware, which typically comes in through some type of phishing email or pop-up that facilitates the installation of a harmful piece of software on your computer. Cryptoware then encrypts all your data, rendering it unusable unless you pay the ransom or perform a complete restoration from a backup. Although the threat of cryptoware still exists, we’re proud to have done a tremendous job keeping our clients’ computers safe from this malicious software.
Another dangerous trend we’ve noticed pertains to hackers gaining access to user credentials. Once cybercriminals have your username and password, they are able to circumvent the security measures put into place by your IT department. Hacking into corporate databases is a common method of stealing credentials, and the horrifying fact of the matter is that although we only hear about the hacks affecting major companies (think Target and LinkedIn), such incidents occur almost every day.
One of the things that makes this trend so dangerous is that users typically have no idea their information was stolen. Unlike a virus that might pop up on your computer or cryptoware that alerts you to its intention, this kind of hack is completely undetected and silent—and that’s where the dark web comes in. After hackers gain access to and amass whole databases of sensitive credentials, they can convert this information to cash on the dark web.
There are hundreds of dark web markets—think eBay, but for data—that sell a variety of stolen personal information, including credit card numbers and passwords (which, as a side note, is another great reason to not use the same password for every website you access). After purchasing your credentials, buyers will use them to log into your bank’s website or gain access to your corporate network.
How to protect yourself
Now that you have a better understanding of how the dark web may personally impact you, what can you do about it? This is where having a savvy technology partner becomes vital.
In the midst of all the criminal activity described above, security companies are proactively scouring the dark web to see what’s out there and sharing their findings with those who need to know. After all, if companies or individual users have a way to learn that their credentials have been stolen before any of this information is used in a harmful way, they can potentially stop a breach before it happens—thereby circumventing all the time, energy and costs associated with picking up the pieces. Needless to say, this proactive approach is rapidly becoming a fundamental component of every IT organization’s security arsenal.
If you want to learn whether your organization’s credentials are safe, MyITpros can help! We are offering a free dark web scan for a limited time that will allow you to see if any of your business information has been compromised. Contact us today for a consult!