Today’s headlines blare news
of major data breaches of large organizations seemingly every day. In fact, a recent
report by the international digital security firm Gemalto shows
during the first six months of 2018 more than $4.5 billion records were
compromised, an increase of 133% over the same period last year. And per the latest
study by IBM Security and the Ponemon Institute, the cost to
businesses for every breach of 1 million to 50 million records lost ranges from
$40 million to $350 million per incidence, with batches of information from the
Healthcare and Financial Services industries fetching the highest prices per
Who’s losing all these
records? While more than three quarters of compromised data came from breaches of social
media giants including Facebook and Twitter, small to mid-size
businesses (SMBs) should not rest easy. Our own research review indicates more
than half (55%) of SMBs surveyed reported experiencing some sort of
cyber-attack and/or data breach during the last 12 months.
Where is all this stolen data going? Mostly to the Dark
Web, which functions like a virtual black market for illegitimately captured
information. Various nefarious parties go there to buy or sell records for
typically malicious purposes. Google’s definition of the dark web is: a collection of websites that exist on an
encrypted network and cannot be found by using traditional search engines or
visited by using traditional browsers.
To cast some light on this
mysterious realm for our readers, we turned to a recent
post by Wanda Archy, a threat intelligence specialist with the
independent, nonprofit, cybersecurity association ISACA. Here’s a Dark Web
primer we skimmed from Archy’s work:
- Why do
cybercrooks use the Dark Web? Because it’s a “internet that
is inaccessible by conventional search engines and requires special anonymizing
software to access.”
- What kind
of sites reside on the Dark Web? The difference between the
Dark Web and the internet most of us frequent isn’t so much the type of sites –
e.g., you’ll find “…marketplaces, forums, search engines, paste sites, social
media sites, and chat rooms...” featured there – as their illicit missions.
sort of data is most popular on the Dark Web? Archy
gave four core classes of information:
Everything from names, addresses, Social Security Numbers (SSN), dates of
birth, and even an associated Starbucks account.
Credit and debit cards are sold across many forums and marketplaces; tax forms
also are popular.
Health records, which typically combine personal and financial data, are a
growing concern and vulnerability.
“Drugs are everywhere on the Dark Web – you can purchase virtually any
prohibited item imaginable,” Archy writes. Also, damaging information – e.g.,
“stolen information from the extramarital dating website Ashley Madison” – is
available. Plus, one can purchase an exploit or the services of a hacker to
carry out cyberattacks.
- How do
dark players use the Dark Web? Archy identified five main “threat
actors” in her column:
pursuing reconnaissance and espionage purposes.
using marketplaces for monetary benefit.
campaigning for social or political causes.
seeking to spread propaganda and recruitment messages.
motivated by a variety of factors, oftentimes leaking sensitive data as
reprisal against an employer or for financial gain.
Many of our IT Managed
Providers (MSPs) offer Dark Web monitoring and other threat
assessment services. Contact us today.