Should The Dark Web Be On Your Security Radar?
If you’re subscribed to any credit monitoring service, you’ve likely received a notification that looks something like this:
“Your email has been found on the dark web.”
On the surface, these alerts can create confusion, curiosity, or sometimes even anxiety. What is the “dark web” and how did my email, username, or other information get exposed to it?
What is the dark web?
Wikipedia defines the dark web as:
The dark web is the World Wide Web content that exists on darknets, overlay networks that use the Internet but require specific software, configurations, or authorization to access. Through the dark web, private commuter networks can communicate and conduct business anonymously without divulging identifying information, like location. The dark web forms a small part of the deep web, the part of the Web not indexed by web search engines, although sometimes the term deep web is mistakenly used to refer specifically to the dark web.
The definition can sound pretty sinister. And dark web references usually invoke images of hackers deep in a basement, surrounded by code-filled computer monitors, concealed in darkness and hoodies. As an anonymity layer over the regular internet, the dark web definitely has a large nefarious component. Terrorists, fraudsters, predators, and hackers are all regular beneficiaries of the anonymous network. The dark web also has a brighter side causing social media sites such as Facebook to open up their platform to anonymous use through the dark web. Journalists, victims, and citizens of oppressive regimes can all utilize the dark web to circumvent persecution and censorship.
Should you care?
While the dark web may offer a safe place for the oppressed to communicate or access information, the vast majority of dark web traffic is likely unethical if not illegal. Combine the allure of hackers to this anonymized environment along with 2020’s record-setting pace of 7 million data records compromised daily and it becomes obvious why dark web scans are increasingly being added to corporate security plans. Data breaches can expose confidential information such as trade secrets, financial data, and account credentials leaving a business exposed. Unfortunately, when a breach happens, it often isn’t realized until the data is found for sale on the dark web. If regular dark web scans aren’t part of your current cybersecurity plan, you may literally be in the dark on what confidential information has already been exposed.
Dark web scans and MFA
Today dark web scanning services exist to help businesses identify corporate breaches as well as personal breaches related to employee data. A dark web scan will search the dark web for any email address or company domain and send a personalized dark web report to domain admins and users.
Regular dark web scans will help to determine when a breach has happened. But to better protect user account from leaked credentials, it is always recommended to implement multi-factor authentication (MFA) such as WatchGuard’s AuthPoint whenever possible. Contact us for a complimentary dark web scan to see how you may already be exposed.