The Dark web and the unseen impact on organisations
The phrase “Data is the new oil.” coined by mathematician Clive Humby back in 2006 is now more relevant than ever and with so much data being stored, managed and maintained by organisations it has also become an ever increasingly big prize for hackers to get their hands on.
You only need to look at the news to see that data breaches are turning into a typical everyday event in this day and age, take March 2020 for example. Over 832 million records were breached from multiple different business sectors, sizes and shapes. Hackers couldn’t care less whether you are a multinational or a family run business to them your data equals money.
Organisations are now waking up to the fact that unless data security, breach prevention and controls are put in place and managed at board level these attacks will have devastating effects to an individual or a business.
The Dark Web
We’ll explore the dark web what’s found on here and why security should the cornerstone for your business.
Let’s start with the three different types of web. You’ve got surface web whereby websites are being crawled by search engines and are accessible to everyone. You’ve got deep web which is where your online baking accounts are held amongst private data. Finally you have the Dark web which is made up of hundreds of different dark web platforms. The 3 key ones in use today are Tor, I2P and Freenet.
Over the course of this series we will be exploring multiple areas of the dark web but for now lets focus on Dark Web Marketplaces and associated forums.
Dark Web Marketplaces
The easiest way to describe a Dark Web marketplace is an illegal eBay, you can buy regular items but most products and services for sale are illegal. These dark web marketplaces are used by criminals to trade and sell other illegal items, such as stolen credit card details, login details, drugs, firearms and hacking services.
Malicious and Offensive Communications
Associated with these Marketplaces are forums whereby buyers and sellers discuss products and ideas amongst each other. Millions of posts and replies are sent everyday with individuals using these online forums to send abusive, threatening & offensive messages.
Within these forums are rent-a-hacker services whereby they will (for a price) extract data or take down servers and websites of whoever is asking.
Why cyber criminals (hackers) hack
Amongst other incentives the most well known and most evident explanation is monetary benefit, they want to make as much profit as possible and they can easily do so by stealing data like bank details or login details.
Once they are in possession of such details they can apply for a credit loan under your name or what happens in majority of cases they resell your information to another criminal on the dark web which is loaded with criminals performing all sorts of transactions on a daily basis.
Ransomware is one of the most popular method used by hackers where they break into your device, encrypt data on it and hold your data hostage until you pay the ransom within a certain period of time.
What data is the most valuable?
The most commonly sold personal or business data:
- Payment data / online banking account
- Authentication details and Cloud service account and email accounts
- Medical records and prescriptions
- Identity data, ID or passport
- Copyrighted material
- Classified data important for extortion purposes.
What happens to your business or personal data once it’s been compromised or stolen ?
Your information, and a large portion of your life, is on the web. Each move you make online could potentially put you in danger therefore it is essential to adopt a proactive strategy with regards to dealing with your own information. If you do nothing, the results can be catastrophic.