First, what is the dark web?
Maybe you’ve heard something about the “dark web” being a hotbed of criminal activity — and it is. But maybe you don’t know exactly what the dark web is. Basically, it’s a part of the internet that isn’t indexed by search engines.
The dark web is a subset of the deep web that is intentionally hidden, requiring a specific browser—Tor—to access it. No one knows the exact size of the dark web, but most estimates put it at around 5% of the total internet.
A Dark Reading report on cybersecurity and threats shows that, as of 2022, over 24 billion complete sets of usernames and passwords were in circulation in cybercriminal marketplaces. That’s four complete sets of credentials for every person on Earth and a 65% increase since the last time this study was conducted, in 2020.
What are some dark web tools and services?
There are several categories of dark web tools and services that could present a risk in the form of a network breach or data compromise:
- Infection or attacks, including malware, distributed denial of service (DDoS) and botnets
- Access, including remote access Trojans (RATs), keyloggers, and exploits
- Espionage, including services, customization and targeting
- Support services such as tutorials
- Customer data
- Operational data
- Financial data
- Intellectual property/trade secrets
There are three risk variables for each category:
- Devaluing the enterprise, which could include undermining brand trust, reputational damage or losing ground to a competitor
- Disrupting the enterprise, which could include DDoS attacks or other malware that affects business operations
- Defrauding the enterprise, which could include IP theft or espionage that impairs a company’s ability to compete or causes a direct financial loss
What is Ransomware-as-a-Service and how does it work?
Ransomware-as-a-service (RaaS) kits have been available on the dark web for several years, but those offerings have become far more dangerous with the rise of specialized criminal groups like REvil or GandCrab. These groups develop their own sophisticated malware, sometimes combined with pre-existing tools, and distribute it through “affiliates”.
The affiliates distribute the ransomware packages through the dark web. These attacks often include stealing victims’ data and threatening to release it on the dark web if the ransom isn’t paid.
How can you help protect your organization from dark web cyber-attacks?
Always use sophisticated passwords. Make sure they’re a combination of lower and upper case letters, numerals and symbols. The more unique your password is, the harder it is to crack. Password complexity, especially length, is key to protection. Passphrases are a great tool as well!
Change passwords frequently. It’s also a good idea to use memorable fake answers to security questions, because real answers can be trivial to guess or can be found online. Password managers can help with these.
Use different passwords for each account. It can be confusing to remember several different secure passwords, and since you should never write them down, we recommend using a reliable third-party tool like LastPass to keep track of them. LastPass can also check against known leaks to help alert users to passwords that may need to be changed.
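The three password checks described above (length, reuse across accounts, presence in a known leak), as an added example that is not from the original article and is not LastPass code. The 14-character threshold, the hash-prefix index and every sample password are constructed assumptions.

```python
import hashlib
from collections import defaultdict

MIN_LENGTH = 14  # assumed policy threshold, not a value from the article
LEAKED = ["Password1!", "Summer2022", "qwerty123"]  # constructed leak corpus

def sha1_hex(password):
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()

def build_index(passwords):
    """Index leaked hashes by their first five hex characters."""
    index = defaultdict(set)
    for pw in passwords:
        digest = sha1_hex(pw)
        index[digest[:5]].add(digest[5:])
    return index

LEAK_INDEX = build_index(LEAKED)

def is_leaked(password, index=LEAK_INDEX):
    digest = sha1_hex(password)
    # Only the 5-character prefix is used for the lookup; the remaining
    # 35 characters are compared locally, so the full hash is never sent.
    return digest[5:] in index.get(digest[:5], set())

def audit(vault):
    """Return {account: list of findings} for a {account: password} dict."""
    by_hash = defaultdict(list)
    for account, pw in vault.items():
        by_hash[sha1_hex(pw)].append(account)
    report = {}
    for account, pw in vault.items():
        findings = []
        if len(pw) < MIN_LENGTH:
            findings.append("short")
        if len(by_hash[sha1_hex(pw)]) > 1:
            findings.append("reused")
        if is_leaked(pw):
            findings.append("leaked")
        report[account] = findings
    return report

# Constructed vault contents for the demonstration.
SAMPLE_VAULT = {"mail": "Summer2022", "bank": "Summer2022",
                "vpn": "correct-horse-battery-staple", "crm": "Tr0ub4dor&3"}

if __name__ == "__main__":
    for account, findings in audit(SAMPLE_VAULT).items():
        print(account, findings or ["ok"])
```

The long passphrase passes all three checks, while the shorter mixed-character password is still flagged for length.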
Install firewall, anti-spyware and antivirus software. Together, these provide a strong line of defense against malware attacks. Some AV software will include anti-phishing web and email filters, but those are not necessarily primary functions.
Implement strong company guidelines on internet use. Make sure all your employees know how to use the internet safely by not clicking on unsolicited links. You could also consider restricting the use of personal devices on your company wi-fi.
Consider installing a Virtual Private Network (VPN). A VPN is one of the most effective tools for protecting your business from dark web criminals. It hides your location and browsing history from anyone who may be trying to illicitly access it. VPNs can help guard users from malicious activity on untrusted wi-fi networks (public hotspots) and provide some privacy from snooping on traffic traversing internet service providers. However, its capability in terms of privacy and tracking browsing history depends on the VPN used. The VPN app/service may very well be tracking the user.
Use two-factor authentication (2FA). This makes it virtually impossible for hackers to access online accounts. There are many forms of 2FA, ranging from weakest to strongest: email, SMS, app prompt, Time-based One-Time Password (TOTP) and password-less authentication, or FIDO2.
Work with experts in cybersecurity and dark web protection. Your company’s network security is best left to the experts. At WIN Technology, we provide custom solutions that help you protect your business against dark web cybercrime.
Born and raised in Northern Wisconsin, Casey has an Associate’s Degree from Northwood Technical College in Computer Networking Technology and a bachelor’s degree from UW Stout in IT Management. He joined WIN Technology nine years ago working in Network Engineering and currently in Security Operations.