What’s Your Company Doing in the Dark Web?
Company leaders are familiar with a growing list of cyberthreats, from phishing to ransomware. Most are less familiar with another area of cyber-related risk, and even those who have heard about it may incorrectly assume it doesn’t pose a threat to their companies’ well-being. It’s known as the Dark Web.
Search engines like Google allow us to see and catalog information that’s in cyberspace. But there are a couple of corners of cyberspace the search engines can’t reach. One, often referred to as the Deep Web, contains information that’s stored in private networks and similar spaces, such as medical and financial records, and is accessible only to people who have the right credentials.
The other, called the Dark Web, is also invisible to search engines. Many of the people and organizations who use it are doing things they don’t want anyone to know about, such as criminal activities. Dark web users such as terrorists, drug dealers, people trading in child pornography, and cybercriminals rely on complex networks that protect their privacy and mask their identity while they conduct activities. (Some people use the dark web for legitimate reasons, such as avoiding a stalker or keeping their current life out of sight of someone from a past bad relationship.)
Since your company isn’t involved in any of those activities, why should you care about the dark web? For one thing, it’s possible information about you and your employees is being shared or sold on the dark web — everything from contact information, to your company’s financial data, to access credentials such as passwords and usernames. It could be sitting out there right now, and you have no way of knowing it.
Not worried? Consider what happened to one company we worked with. The CFO’s email account was compromised, and one of the old emails stored in his account included scans of the signature cards for the company’s bank accounts. A cybercriminal used them to craft physical letters with the signatures and sent them to the bank, attempting wire fraud.
Forewarned is forearmed. If you don’t know what information about your company lurks out there on the dark web, it’s impossible to address it. Once you do, you have to determine the implications of what’s out there and learn how you can keep similar situations from happening.
How do you determine whether you’re at risk? The first step is what’s known as dark web monitoring. There are software platforms and online services capable of peering into the dark web and identifying what’s out there. Regular dark web monitoring should be an ongoing element of your online hygiene. After all, a system that’s clean today could easily be compromised tomorrow.
Let’s say you discover the email address and password of one of your managers — we’ll call him George — is available for sale on the dark web. What’s your next step? Of course, you’ll change his email and password. But the longer his information has been available on the dark web, the greater the potential damage. So you need to think about your exposure.
For example, has anyone had access to George’s email? What kind of information was in George’s emails that an attacker might be able to use? Could an attacker use that information to launch a credible phishing attack, sending employees emails that duplicate George’s style and approach? You may need to revise company policies to prohibit actions that create potential exposures. If you discover that the information wound up on the dark web because an employee unwittingly shared access information after receiving a phishing email, you’ll want to step up your anti-phishing training. Faced with the example we mentioned earlier, you might want to declare that nobody in the company should scan anything containing a signature.
You may also want to sharpen your approach to protecting sensitive information through strategies such as multifactor authentication or endpoint security. One layer of protection is always good, but having multiple layers and strategies is much better. The better you understand the types of threats your company faces, the more effectively you can set up a program to combat them.
Many businesspeople don’t realize that threats like the dark web present a very real danger to the health of their companies. That underscores the importance of having a top-quality IT partner with access to the right resources.
If you’re wondering whether your business has an unwanted presence on the dark web, the first step is arranging for a dark web scan of your company’s IT system. Once you know what’s out there, you can discuss the steps and precautions you need to take to bring this threat into the light.
Doug Miller is CEO/CTO of Brightworks Group, a best-in-class Technology Success Provider (TSP) primarily serving Midwest-based companies in industries such as manufacturing, distribution, healthcare, financial services, and engineering.