Illuminating Mysteries of the Dark Web for SMBs


Dark WebToday’s headlines blare news of major data breaches of large organizations seemingly every day. In fact, a recent report by the international digital security firm Gemalto shows during the first six months of 2018 more than $4.5 billion records were compromised, an increase of 133% over the same period last year. And per the latest study by IBM Security and the Ponemon Institute, the cost to businesses for every breach of 1 million to 50 million records lost ranges from $40 million to $350 million per incidence, with batches of information from the Healthcare and Financial Services industries fetching the highest prices per record.

Who’s losing all these records? While more than three quarters of compromised data came from breaches of social media giants including Facebook and Twitter, small to mid-size businesses (SMBs) should not rest easy. Our own research review indicates more than half (55%) of SMBs surveyed reported experiencing some sort of cyber-attack and/or data breach during the last 12 months.

Where is all this stolen data going? Mostly to the Dark Web, which functions like a virtual black market for illegitimately captured information. Various nefarious parties go there to buy or sell records for typically malicious purposes. Google’s definition of the dark web is: a collection of websites that exist on an encrypted network and cannot be found by using traditional search engines or visited by using traditional browsers.

To cast some light on this mysterious realm for our readers, we turned to a recent post by Wanda Archy, a threat intelligence specialist with the independent, nonprofit, cybersecurity association ISACA. Here’s a Dark Web primer we skimmed from Archy’s work:

  • Why do cybercrooks use the Dark Web? Because it’s a “internet that is inaccessible by conventional search engines and requires special anonymizing software to access.”
  • What kind of sites reside on the Dark Web? The difference between the Dark Web and the internet most of us frequent isn’t so much the type of sites – e.g., you’ll find “…marketplaces, forums, search engines, paste sites, social media sites, and chat rooms...” featured there – as their illicit missions.
  • What sort of data is most popular on the Dark Web? Archy gave four core classes of information:
    • Personal: Everything from names, addresses, Social Security Numbers (SSN), dates of birth, and even an associated Starbucks account.
    • Financial: Credit and debit cards are sold across many forums and marketplaces; tax forms also are popular.
    • Health: Health records, which typically combine personal and financial data, are a growing concern and vulnerability.
    • Miscellaneous: “Drugs are everywhere on the Dark Web – you can purchase virtually any prohibited item imaginable,” Archy writes. Also, damaging information – e.g., “stolen information from the extramarital dating website Ashley Madison” – is available. Plus, one can purchase an exploit or the services of a hacker to carry out cyberattacks.
  • How do dark players use the Dark Web? Archy identified five main “threat actors” in her column:
    1. Nation-states pursuing reconnaissance and espionage purposes.
    2. Cybercriminals using marketplaces for monetary benefit.
    3. Hacktivists campaigning for social or political causes.
    4. Terrorists seeking to spread propaganda and recruitment messages.
    5. Insiders motivated by a variety of factors, oftentimes leaking sensitive data as reprisal against an employer or for financial gain.
Many of our IT Managed Services Providers (MSPs) offer Dark Web monitoring and other threat assessment services. Contact us today.