Enlightening Solutions for the Dark Web
by Keith Barthold
Here’s the bad news:
▪ 80% of hacking-related breaches leverage either stolen passwords and/or weak, guessable passwords.
▪ 85% of businesses with less than 1000 employees have been hacked, and most don’t even know it.
▪ 97% of breaches could have been prevented with available technology.
Here’s the current state of the industry:
The dark web isn’t just an intriguing conversation topic or fictional antagonist in a Bond movie. It’s a potential threat that’s becoming all too real in the cybersecurity-sensitive world we live in today. Essentially a collection of websites accessible through a special web browser where complete anonymity can be maintained, the dark web has created an increasingly vast environment for nefarious activity, including an illegal trade marketplace for compromised data and credentials, particularly passwords.
One of primary objectives of those perpetrators manipulating the dark web is to compromise user credentials. Compromised credentials found on the dark web typically are not the actual passwords used by you or your company. However, because 76 percent of people use the same passwords across multiple website accounts (social media, shopping, travel, memberships, banking, etc…), statistically, it’s likely that a password found on the dark web associated with a company email address is also in use for the company. This creates a severe vulnerability since passwords are often the primary security control to protect access to email, data, and systems.
Here’s the good news:
But just because there’s a lot of mystery around the dark web and the potential to compromise data and systems is growing, there are plenty of things you can do to fight back and keep your cybersecurity defenses at the level you need them.
One of the procedures you can perform is a dark web “scan.” We use an advanced toolset, previously only available to the FBI and CIA to scour millions of dark web sources known for trafficking compromised credentials. Often the actual passwords can be captured and other times an encoded password or an encrypted hash (which looks like a series of random characters) is captured because the password is for sale and is only provided through an anonymous purchase with cryptocurrency.
The best way to keep your data safe and secure is to adopt a comprehensive information security strategy. This is going to take a corporate commitment – the right mindset and the right tools – to keep up to date and on top of potential threats.
Here are several integral parts of your strategy:
▪ Security awareness training
▪ Enforced password policies (periodic reset and no reuse)
▪ Multi-factor authentication
▪ Password management tools
▪ Dark web scanning and monitoring
The best way to expose the potentially disastrous aspects of the darkness is to shed light on them and create a workable plan on how to overcome them. When it comes to the dark web, taking cybersecurity seriously and embracing an effective data security strategy are great first steps in making sure you do all you can to not get left in the dark.
DKBinnovative is currently offering a free dark web scan for all those interested in seeing how vulnerable you are to this growing threat. Sign up here and become more cyber sensitive, secure, and safe.