SHEDDING LIGHT ON THE DARK WEB
With stories of cyberattacks and data breaches dominating headlines, some people might wonder why hackers go to all the trouble. The truth is that identity theft remains one of the most lucrative criminal enterprises for users of the dark web.
“This brings to the forefront what people don’t know about the dark side of the internet,” Brian Maletsky says. Maletsky is the Director of IT Operations at Capital Network Solutions, a managed service provider in Sacramento. “Stealing identities is one of the biggest financial gains for people that are black-hat hackers.”
WHAT IS THE DARK WEB?
In simplest terms, the dark web is the part of the internet that is not searchable by Google and other search engines. The dark web sits encrypted on top of the regular internet, but you need special software to gain access. Experts estimate that roughly half of the sites on the dark web get used for criminal activity.
“It’s linked to the Tor browser, which protects the identity of people connecting to the dark web and doing anything on there,” Maletsky says. “Criminal activity is probably the leading reason for people using it.”
WHAT IS A DARK WEB SCAN?
Just as the name suggests, dark web scans will scan the dark web for your stolen emails, usernames and passwords. Given the unprecedented prevalence of mass data breaches in recent years, the dark web scan industry is booming. There are numerous services on the market, but Capital Network Solutions uses Dark Web ID™ Credential Monitoring service from ID Agent.
Dark Web ID™ Credential Monitoring searches for compromised credentials in real-time and notifies you when critical assets get jeopardized. However, it does not require you to connect to high-risk services directly.
“On this tool, it really is scraping through all kinds of forums and websites, looking for stolen credentials,” Maletsky says. “You can buy credentials thousands at a time, whole databases full of them.”
WHY ARE DARK WEB SCANS IMPORTANT?
When your employees use their work email on third-party websites, it makes your business vulnerable to a breach. Weak and reused employee passwords also present significant security vulnerabilities. With our Dark Web ID™ Credential Monitoring, we can detect if your company is at risk due to exposed credentials. This knowledge allows you to patch any holes in your network security.
Far too often, companies with compromised credentials for sale on the dark web don’t know it until informed by law enforcement. Unfortunately, by that time, it’s probably too late.
WHAT CAN HAPPEN IF YOUR CREDENTIALS GET SOLD?
Employees often use the same password for multiple services, exponentially increasing the potential damage from a compromised credential. At the same time, compromised credentials could get used for further criminal activity. Meanwhile, limited visibility into the dark web causes 75 percent of compromised credentials to get reported to victims by a third party, such as law enforcement.
If dark web scans locate your credentials, you should immediately update any accounts where you use the stolen passwords. You should also update your account on any sites where you use the same password as on other websites. “Once they get that one password, they have programs that go out and try to login to everything,” Maletsky says.
HOW DO YOU PREVENT DATA LEAKS IN THE FIRST PLACE?
Beyond the cyber security basics of firewalls, data backups, email filters and software patch management, Maletsky preaches password inconsistency. “The number one thing that every company needs to do is create a secure password policy and live by it,” he says.
“Using the same password through all your banking and all your logins, your Facebook, your social media, is where this happens,” he says. “It’s a laundry list of sites they try to get into with that username and password.”
ARE YOUR COMPANY’S DIGITAL CREDENTIALS ON THE DARK WEB?
Find out for sure with a complimentary, one-time Dark Web ID™ Credential Monitoring scan. For your free dark web scan, contact Capital Network Solutions at (916) 366-6566 or click the button below.