As hacks, ransomware attacks and data breaches occur with increasing frequency, many companies are enlisting third party dark web monitoring services to scan for sensitive data that may appear deep within the internet, hidden from traditional search engines.
What is the dark web?
To fully comprehend what the dark web is, one needs to understand that the internet is far more vast than it may appear to the casual user. It can be broken down into two layers.
The “surface web” is the internet that the majority of people are familiar with. This layer of the internet is composed of social networks, e-commerce outlets, news platforms and all of the sites that people regularly browse online. Sites on the surface web are easy to find and show up in search engines readily.
To use an analogy, consider the surface web to be the main street in a busy city where storefronts, people and the goods and services they offer are on full display and readily available.
Beneath the surface web lies the “deep web.” The deep web is host to encrypted networks, password protected sites, databases and paywalled sites. The vast majority of this information is legal, mundane and not inherently criminal in nature. Deep web content does not appear in public search engines, making it challenging to find anything.
In our analogy, the “deep web” would be the back rooms and alleys behind the main street businesses. Filing cabinets of employee paperwork, stock information, inventory sheets, etc. that the general public doesn’t see and typically has no interest in.
The “dark web” is a term that is used to describe any black markets that exist within the deep web. This includes forums, marketplaces and message boards that allow people to engage in drug and human trafficking, firearms purchases, malware and ransomware trading and more.
To complete our metaphor, the “dark web” would encompass any illegal activity occurring out of sight. For example, an illegal poker game regularly held in the back room of a grocery store, or a storeroom being used to move and smuggle illegal drugs or contraband.
The dark web requires a special browser to explore, and is the go-to place for the buying, selling and trading of personal information such as pilfered login credentials, stolen credit card numbers and any other valuable data that may have been nabbed via a hack or data breach.
What is dark web monitoring?
Because the dark web is inherently challenging and hazardous to explore, navigating it is best left to those who are aware of the risks involved and are adequately protected. The dark web is not regulated and is therefore the wild frontier of the internet. Links that claim to lead to where you wish to go could be legitimate, or they could compromise your system with malware or lead to illicit or violent content. There are no guarantees.
Dark web monitoring services allow companies to skim through the underbelly of the internet in search of stolen credentials, names, email addresses and other personal data without risking themselves in the process.
Dark web monitoring is typically automated, and if information appears on the dark web in any form a notification alert will be sent.
Is dark web monitoring effective?
The characteristics of the deep web, such as anonymity and secrecy, also make dark web monitoring a potentially time consuming and challenging process. It is not a perfect solution, but it is an effective way to be made aware of what information is out in the wild.
Dark web monitoring can also only find information that is publicly posted online. For example, an encrypted folder full of email addresses and passwords that is posted for sale will not generate an alert even if your data is contained within it. However, a dump of the same data on a forum that puts the information on full display will definitely be picked up.
Because of this, most of the sensitive data that causes an alert will have already been used, traded or otherwise compromised. However, there is certainly no harm in knowing what may be out there in order to change your passwords and login information to prevent any future abuse.
How to scan the dark web
Employing a third party is the safest way to monitor the dark web for potential threats. Many cybersecurity providers offer dark web scanning services to compliment the packages and programs they sell. Some companies continually monitor the dark web for you, while others may do a single dive.
However, the dark web is far too massive to scan completely and there is no way to take a look at all of it. Therefore, dark web scans generally examine data dumps already known to exist, which may or may not be truly helpful.
Additionally, there are free options that you can utilize to see if your accounts or credentials have appeared on the dark web.
Have I Been Pwned is a commonly used site that will scan to see if the information you enter into it appears on the dark web among hundreds of known data dumps.
Will dark web scanning keep my data safe?
It’s important to understand that dark web scanning is not preventative. If your information appears on the dark web, it has already been stolen. It is also likely that attempts have been made to use your data for illegal activity.
However, being alerted to dark web activity involving your data does give you the opportunity to bolster your defenses by investing in more cybersecurity measures and changing any affected credentials.
If an email has been compromised, for example, you can change your login data and have two factor authentication in place. If your credit card appears in a scan, you can cancel it immediately and inform the issuer.
Should I monitor the dark web as part of my cybersecurity protocol?
Dark web monitoring should be a component of a robust cybersecurity policy that heavily emphasizes preventative measures. The best way to stop your data from appearing online is to keep hackers and criminals at bay in the first place by employing the following strategies:
- Practice impeccable password hygiene by using strings of random letters, numbers and characters that are impossible to guess. You can use a password generator to create these. Never use the same, or even similar, passwords across multiple accounts.
- Staff training is crucial, as most ransomware or malware attacks occur via phishing scams or social engineering. Educating your staff on how to identify and avoid suspicious emails, text messages or even phone calls is the first line of defense against data theft.
- Update, update, update! Software and firmware receive regular updates from their developers that improve functionality but also address vulnerabilities and exploits that can provide hackers with a back door into your network. Drop any unsupported apps, and keep your hardware refreshed as well by replacing it with refurbished gear from a reputable dealer.
- Be sure to stay plugged in to current cybersecurity threats by checking out cybersecurity news blogs and websites. Safety is a moving target and criminals are always on the prowl.
Sources
- Why Businesses Should Care About Dark Web Monitoring 25 June 2021, GEP
- What Is Dark Web Monitoring and Do You Need It? By Alvin Wanjala, 13 June 2021, MUO
- Can dark web monitoring move you one step ahead of cybercriminals? By Charles Owen Jackson, Secure Features
- The Dark Web? Why Small Businesses Should Concern Themselves With the Threat by Jim Anderson, 20 Sep 2018, Entrepreneur
- What is the Deep Web and What Will You Find There? by Andy Patrizio, TechTarget
- Why Does My Business Need Dark Web Monitoring? INTIVIX