Business owners today know the internet is not only a force for good. Some people exploit the Web for ill intent. They congregate on the Dark Web, and small businesses need to understand the risks.
What is the Dark Web?
You and your employees spend time daily on the Web. They’re researching clients, checking out competitors, and searching for information. They are accessing the ‘visible’ part of the internet. Lurking below the surface is The The Dark Web, or Darknet.
This part of the internet houses dangerous, often illegal activity. This includes black-market drug sales, illegal firearm sales, and illicit pornography.
The Dark Web is a general term for a collection of websites on an encrypted network with hidden IP addresses – all of which gives users strong anonymity protection. Because they are not indexed by traditional search engines, you can only access them with special anonymity browsers, such as I2P, Freenet, and the most common, The Onion Router (TOR) bundle.
You also need to know where to find the site you are looking for. There are Dark Web directories, but they are unreliable. The people on the Dark Web don’t want their victims to find them. Ultimately, it’s not somewhere you or your employees need to be.
So, why do you need to know about it? Because Dark Web users can buy:
- usernames and passwords
- counterfeit money
- stolen credit card numbers or subscription credentials
- software to break into people’s computers
- operational, financial, or customer data
- intellectual property or trade secrets
It is also where someone can hire a hacker to attack your computers.
The Dark Web is Not the Same as the Deep Web
The Deep Web is all the sites on the web that can’t be reached with a search engine. Although this includes sites on the Dark Web, it also includes sites that serve more mundane functions, such as business intranets, webmail platforms, databases, online banking platforms, and services that usually require a password or other means of authentication.
These are found and accessed directly with a URL or IP address, and are hidden behind firewalls, paywalls and HTML forms. Because all these other pages are included in the Deep Web, the Deep Web is actually far more vast than the regular internet (also known as the Clear Web).
The Dark Web business risk
The Dark Web itself isn’t illegal, and not all its traffic is criminal. It is also visited by journalists and law enforcement agencies, and it’s used in countries prohibiting open communication.
However, it is estimated that over 50% of all sites on the Dark Web are used for criminal activities, including the disclosure and sales of digital credentials. These credentials can include usernames, emails and passwords for your business!
With media attention on data breaches impacting millions, it’s easy to think a small business is not at risk. However, bad actors don’t target a business for its size – they look for ease of access.
Dark Web information is up to twenty times more likely to come from an unreported breach. Privacy specialists told a Federal Trade Commission Conference victims included medical practices, retailers, school districts, restaurant chains, and other small businesses.
How does this happen?
When your employees use their work email on third party websites it makes your business vulnerable to a breach. Individuals will often use the same password across a number of sites both business and personal.
Typical examples of where employees may use work emails include:
- Email Services
- Travel Sites
- Banking
- Social Media
Credentials can also be compromised from legitimate work related sites including HR & Payroll and CRM. Two high profile leaks of usernames and passwords related to LinkedIn and Canva, both sites that people use legitimately within their work on a daily basis.
Both sites let users know they had been compromised and encouraged users to change passwords. However, users will probably only have changed the passwords for those sites. If they are using those passwords across other sites hackers have a simple way in.
Reduce your risk?
To reduce the risk of your credentials ending up on the Dark Web be proactive. Keep your security protections current, and install security patches regularly.
Consider a unified threat management (UTM) device, or UTM appliance. The UTM plugs into your network to serve as a gateway and protect your business from malware, illicit access, and other security risks.
Make sure you have suitable anti-virus protection, email filtering and have trained staff to spot and avoid phishing emails. You should also be implementing a password policy which ensures that staff are not using passwords on multiple sites. Consider more advanced technologies such as Multi-Factor Authentication, Advanced Threat Protection and Endpoint DNS protection to further enhance your security.
Cyber Essentials provides a good basic framework for cyber security and provides certification that reassures clients and suppliers.
How will I know I’ve got a problem?
Far to often companies that have had their credentials compromised and sold do not know about it until they are informed by the authorities – and by then it’s too late.
There are websites such as Have I Been Pawned which can tell you if an individual email address has been compromised, however the result today might not be the result tomorrow.
A limited number of MSP’s, ourselves included, can offer Dark Web scanning and monitoring. These systems use a combination of human and sophisticated intelligence to identify, analyse and proactively monitor for your organisations compromised or stolen employee data.
With timely notification of compromised credentials you can take immediate remedial action. Change passwords, add Multi-Faction Authentication to compromised systems and issue further training to staff.
How We Can Help
We’ll take care of all aspects of protecting your business. We cover the basics of patching, up-to-date AV and email filtering and offer advanced security, including Dark Web monitoring.
We offer a FREE cyber security assessment to any business with over 20 users. The assessment includes a report detailing any credentials exposed on the Dark Web.
Stay on top of the latest cyber security threats with Your IT Department. Fill out our contact form or call today on 0115 8220200.