The Dark Web is a hidden universe contained with the ‘Deep Web’ which is the portion of the internet that is hidden from conventional search engines, Government surveillance and regulatory oversight. The ‘Deep Web’ is estimated to be at least 550 times larger than the traditional internet, and it is growing every day.
What is driving this growth? A key feature of the Dark Web is the ability to operate anonymously – which is invaluable to citizens who are unduly subject to Government internet censorship and control. There is however a dark side – the levels of anonymity afforded to users has led to a wealth of illegal and illicit activity; drugs, weapons, corporate espionage and the trafficking of stolen personal information and company passwords (acquired through hacking and data breaches).
Once exposed, this information can be traded and change hands time and time again, especially if the information is deemed valuable. This information may facilitate identity theft, financial fraud or access to company IT infrastructure. Perhaps more alarmingly is there are review sites and forums on the Dark Web where identity thieves can review a vendor to determine if they are ‘good to do business with’
Of the Isle of Man based businesses our systems indicated:
- Finance and Accounting: 50% had over 50 employee credentials for sale and 20% had over 400.
- Technology: 50% were found to have over 80 and 30% had over 100 employee credentials up for grabs on the Dark Web.
- Manufacturing: 75% had over 100, and 50% revealed over 1500 employee credentials available to buy
Globally, cyber-crime is expected to cost the world $6 trillion per year by 2021. Damaging attacks such as NotPetya in Ukraine, which is estimated to have cost companies $1.2 billion, underscores the fact that cybercrime is a serious concern for every industry world-wide.
Alarmingly, cyber-crime is closer to home than you might think, the Isle of Man is no different.
Manx Technology Group (MTG) use several tools that monitor millions of data points on the Dark Web; automatically searching through forums, online databases, peer-to-peer networks and other sources – to uncover valuable information about breaches or other high-risk activity.
While these resources are all publicly accessible on the Dark Web, they are rarely accessed by the average Internet user or business.
Data breaches are commonplace, not a week goes by when an online retailer, web service or social network experiences a data breach.
The Isle of Man?
To assess the Isle of Man’s security posture, MTG utilised several tools to assess the Isle of Man’s prominence on the Dark Web. When considering the results, the systems indicated that fifty of the largest companies on the Island all had credentials, personal information and passwords available on the Dark Web. MTG estimate there is over 50,000 data points on the Dark Web that could be attributable to Isle of Man internet users or companies.
This trend is not unique to the Isle of Man. If you were to survey the UK or Ireland – the results would be similar – which is perhaps more alarming!
Does this mean we have been hacked?
Not necessarily, although despite data breaches of third-party services and personal use being a key contributor to credentials being shared on the dark web, it cannot rule out the chance of an organisational breach, or hacking incident. Typically, the existence of data on the Dark Web can mean an employee has used their work email to register on a third-party website such as LinkedIn or online delivery service. That website may have been subsequently breached, and the logins and passwords of that website are now compromised. Examples of recent breaches include LinkedIn, Dropbox and Adobe. The increased risk here is that employees often recycle passwords throughout their work and personal networks. Staff may use the same password to login to the workplace, as they do when logging into Amazon or Netflix.
At this point, I feel it’s important to reiterate that the presence of compromised employee credentials for sale on the Dark Web, may not mean that an organisation has been breached. It still should be treated with caution, particularly when viewed against the backdrop of your organisation’s security controls.
Dark Web Monitoring is a tool commonly used by the enterprise to manage its cyber-risk. There are several products and tools that can be used to search for compromised credentials on the Dark Web. Organisations such as Experian provide services to protect against Identity Theft whilst other services (such as those provided by MTG) can monitor your company’s footprint on the Dark Web.
Unfortunately, there are opportunists. Scans that leverage as blackmail and extortion are used designed to scare users, given the existence of their password, to hand over money. There is a growing trend in organisations who use these tools to make unsolicited approaches, using scaremongering and misrepresentation as a sales tactic – without providing context or the severity of risk.
Safeguard your business
There are a number of ways in which organisations and employees can work together to prevent a cyber attack and reduce cyber risk.
Educate your employees on the importance of having complex, strong passwords that are harder to crack. Regularly change passwords and use password management tools to ease the burden of managing several, complex passwords. Interactive cybersecurity training is a great value and highly effective way to educate your workforce and dramatically increase your cyber resilience.
Two-factor authentication (2FA) strengthens access security by requiring two methods to verify a user’s identity. 2FA is now commonplace on most social networks and even gaming platforms! A user will log in using their username and password, followed by a confirmation code that is sent to their mobile phone or mobile app. The use of 2FA is an absolute no-brainer in any modern organisation, particularly when it is so inexpensive.
Organisations should then consider a layered approach to security.
Antivirus, endpoint protection, firewalls and user activity monitoring are invaluable tools that can be used to safeguard your organisation. Collectively, these controls help protect your organisation from the internet and internal threats.
Data loss can be prevented by backing up your data securely to an off-site location, ideally segregated from your production data.
Next Generation Firewalls (NGFW) go beyond traditional network security; blocking malware and viruses, intelligently identifying and protecting against attacks and providing a real insight into your network’s activity.
Finally – consider a service that can continually monitor the Dark Web for compromised credentials and sensitive data, triggering alerts when problems arise. For many organisations and individuals, this early warning tool is invaluable to help protect valuable IP and customer data.
Free Dark Web Checks
Understandably, cybersecurity is a cause for concern for businesses of all sizes. MTG is offering free Dark Web checks to businesses, with a full explanation of the results and free advice as to how a business can enhance their security or mitigate any perceived risk. E-mail firstname.lastname@example.org to learn more. For Isle of Man businesses, our checks are included in our Isle of Man Technical Support services.