Defence against the Dark Web


Chris Barr, Technical Director at CT, takes a look at dark web scanning and how to protect your business.

With the surge of home workers connecting to a remote system via the internet, cyber-attacks are becoming even more of a problem for all businesses.  As a result, here at CT we have noticed a marked increase in the number of customers requesting a ‘dark web’ scan.  Whilst some people may already know what the ‘dark web’ is, we wanted to make sure all organisations understand the security risks posed by the dark web, why the scans are important and how simple steps can be taken to prevent business data reaching the dark web in the first place.

The dark web is a ‘hidden version’ of the web you already know and use, which requires its own browser (and typically a VPN) to access. It contains a range of websites that have forums, communications tools, online stores and more, much as the surface web does. Dark web sites usually end in .onion. To access them, you need to download a special browser called Tor and use its associated search engine, DuckDuckGo.

However, the creators and users of these sites want to remain anonymous. There are of course legitimate uses for the dark web, but its anonymity also makes it a haven for criminal activity.

The sites that most often concern businesses are those that sell stolen data, such as passwords, credit card information, social security numbers and other sensitive information. Most of the data that gets lost or stolen in data breaches ends up on dark web marketplaces where criminals can purchase it. Criminals may use this information to make fraudulent purchases, access your accounts and potentially get into your network to steal more data and cause further damage. It’s crucial that businesses, employees and consumers take steps to protect their data from ending up on the dark web.

There have been some major security breaches in recent times, including at LinkedIn, which fell victim to leaks of user data in 2012 and 2016. In 2012 the company announced that 6.5 million passwords had been stolen by attackers and posted onto a Russian hacker forum on the dark web. However, it wasn’t until 2016 that the full extent of the incident was revealed. The same hacker selling MySpace’s data (another major breach) was found to be offering the email addresses and passwords of around 165 million LinkedIn users for just 5 bitcoins (around $2,000 at the time).

What you need to know

Dark web scans can help you see whether your data is for sale. These scans check the marketplaces that the company conducting the scan is aware of, but they can’t scan the entire dark web because of its scale and because there may be private exchanges between parties on the dark web that they can’t access. But the sooner you find out that your information is on the dark web, the faster you can act to protect your assets and prevent any further security breaches.
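To show what acting on a scan result can look like, here is an added example (not CT's tooling and not code from this post): Python that cross-references scan findings with your own account directory and lists the follow-up each exposed address needs, using the password, multi-factor and unused-account advice on this page. The finding and directory formats, field names and addresses are all constructed assumptions.

```python
from datetime import date

# Constructed sample data: what a scan might report, and the organisation's
# own account directory. Every name and field here is hypothetical.
FINDINGS = [
    {"email": "a.jones@example.co.uk", "source": "dump-1", "seen": date(2020, 3, 1)},
    {"email": "B.Smith@example.co.uk", "source": "dump-1", "seen": date(2020, 3, 1)},
    {"email": "c.lee@example.co.uk", "source": "dump-2", "seen": date(2019, 6, 10)},
    {"email": "d.old@example.co.uk", "source": "dump-2", "seen": date(2019, 6, 10)},
    {"email": "someone@other.example", "source": "dump-2", "seen": date(2019, 6, 10)},
]
DIRECTORY = {
    "a.jones@example.co.uk": {"in_use": True, "mfa": False, "password_changed": date(2019, 11, 5)},
    "b.smith@example.co.uk": {"in_use": True, "mfa": True, "password_changed": date(2020, 4, 2)},
    "c.lee@example.co.uk": {"in_use": False, "mfa": False, "password_changed": date(2018, 1, 9)},
}

def triage(findings, directory, domain):
    """Map each exposed address on our domain to the follow-up actions it needs."""
    actions = {}
    for finding in findings:
        email = finding["email"].strip().lower()  # dumps vary in letter case
        if not email.endswith("@" + domain):
            continue  # another organisation's address
        todo = actions.setdefault(email, set())
        account = directory.get(email)
        if account is None:
            todo.add("investigate: address not in directory")
        elif not account["in_use"]:
            todo.add("close unused account")
        else:
            # Assumption: a password set after the data was seen is not the leaked one.
            if account["password_changed"] <= finding["seen"]:
                todo.add("force password reset")
            if not account["mfa"]:
                todo.add("enrol in multi-factor authentication")
    return {email: sorted(todo) for email, todo in actions.items()}

if __name__ == "__main__":
    for email, todo in triage(FINDINGS, DIRECTORY, "example.co.uk").items():
        print(email, "->", ", ".join(todo) or "no action needed")
```
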

How Can You Prevent Your Information From Ending up on the Dark Web?

1. Create a Cybersecurity Plan

Preventing a data breach starts with planning. Create a plan for assessing your cybersecurity posture, monitoring for threats and recovering should an incident occur. As part of your planning, determine which data you need to protect the most and consider which regulations you need to comply with.

2. Provide Cybersecurity Training

A significant number of data breaches are caused by human error, so it’s critical to train your employees on cybersecurity best practices. Offer training on how to recognise phishing scams, how to effectively use passwords and how to handle sensitive data properly. Provide this training to all employees who could accidentally reveal data.

3. Follow Password Best Practices

Always use best practices for passwords and make certain your employees do as well. Ensure passwords are at least eight characters long and contain letters, numbers and symbols. You can also use a password manager to help you create and remember complex passwords. Consider using multi-factor authentication, which requires employees to identify themselves in more than one way before they are granted access to an account or device.

4. Dispose of Unneeded Sensitive Data

Whenever you’re done with a dataset or with a device or document that contains sensitive data, be sure to dispose of it properly. Shred documents before recycling them and completely delete all data from electronic devices before getting rid of them.

5. Close Unused Accounts

If you have accounts that you’re not using and don’t plan to use in the future, close them to eliminate any risk they may carry. This includes accounts with third-party apps or services as well as user profiles on your computers and networks. If an employee leaves your company, get rid of their account to prevent them, as well as hackers, from using it.

6. Install a Firewall

A firewall monitors and controls the traffic coming into and out of your network. Installing one helps keep outsiders from accessing your network and can protect you from hackers who could steal your information and eventually put it up on the dark web.

7. Encrypt Your Data

Encrypting your data transforms it into a code so that even if a bad actor accesses the data, they won’t be able to read it. Encrypt all sensitive data and install encryption tools on all of your devices.

8. Conduct Penetration Testing

Penetration testing involves checking your network for security weaknesses so you can identify them before hackers can. Regularly conducting penetration testing helps you to improve your security posture continually and prevents potential future attacks.

9. Monitor for Threats

Set up a system for constantly monitoring for threats using anti-virus software, anti-spyware and other monitoring tools. Continually checking for issues helps you to address them quickly, minimising damage and protecting your data.

10. Keep Everything Updated

Be sure to keep all of your software, especially your security software, updated. Software updates often contain bug fixes and security updates, so install any updates as soon as you can.

It’s crucial that you keep your own systems as secure as possible, but you also need to ensure that any third parties you work with have proper security protocols and technologies in place, especially if these vendors have access to data about your company, employees or customers. Look for security credentials and information about companies’ data security practices.

Here at CT, we offer a range of cyber security solutions.  We can also provide dark web monitoring.  To find out more, please contact our Sales Team at CT on 01246 266 130.