What is the The Dark Web consists of hidden internet sites that can only be accessed with the use of specific software and configurations and web browsers. Though the dark web can be used for legitimate and legal purposes, it’s more commonly used by cybercriminals for illegal activities, like selling someone’s personal credentials, or malware and viruses for hackers to purchase via cryptocurrency. The Dark Web is sought out from cybercriminals because all the activity is untraceable and remains anonymous.?
The cybercrime landscape is evolving fast. The “Nigerian” email scams are now old. Cybercriminals are smarter and organized – almost functioning like professionals. In fact, there’s a parallel universe where they all operate in a very corporate-like manner, called the Dark Web.
What can be the implications for your organization if you are on the Dark Web?
If your data is on the dark web, it puts your business and your clients at risk. As a business, you possess a lot of the Personally Identifiable Information (PII) of your clients, which, if leaked can even shut down your business by:
- Attracting lawsuits that require you to pay out large sums of money in the form of fines or settlements
- Causing serious damage to your brand and reputation
- Resulting in the loss of clients and new business
Safeguarding your data against the Dark Web
A proactive approach to safeguarding your data would include:
- Password Hygiene – Following good password hygiene is industry best practices. Be sure to establish clear password policies and rules regarding password sharing. For example, discourage the use of the same passwords for multiple accounts or use of passwords that are too simple or obvious such as a user’s name, birthdate, or numbers in sequence.
- Train your staff – Train your staff to identify spam, Phishing is a social engineering event where a cybercriminal attempts to receive personal information, like a credit card number or bank account information through email, phone or SMS text messaging by posing as a legitimate person or institution. Typically, this is the first step involved in identity theft or financial loss., and other Malware is short for “Malicious Software” and is typically coded and designed by cybercriminals for the intel to corrupt a machine, system or gain access to a network. Malware is most commonly created and sold on the Dark Web. traps. Use an So, what is a MSP anyways? A Managed Services Provider, or MSP, acts as an extension to your own team to offer on-demand IT support and carry the responsibility of all IT logistics, which could include: cybersecurity, infrastructure, licensing, software and hardware recommendations, purchasing and set up, etc. An MSP can also help keep you aligned on IT rules and regulations so that business owners can run their business without the worry of meeting regulatory requirements., like Accelerate to send mock phishing emails to your staff to help train and re-train those who don’t pass them. Provide updates when there’s a new threat in cyberspace that may affect you.
- This acronym stands for Bring Your Own Device, which refers to an employee bringing their personal smartphone, laptop or tablet in lieu of company-provided equipment. A BYOD policy can make employees happy, but it also presents many other issues that should be explicitly addressed by employers before it becomes adopted. The biggest issue that companies face revolves around how to secure their data on the device and protect it from misuse. However, bringing your own device is not just an Policies – If you allow your employees to bring their own devices to work, establish a clear BYOD framework that will help you manage the risks associated with this setup.
- Access Permissions and Roles – Establish different user roles for your staff and give them role-based data editing, copying or sharing permissions, so that each employee only has as much access to information as they really need.
Being exposed in the dark web can be exhausting, scary and threatening to a small or medium-sized business. Teaming up with an MSP, like Accelerate, that has proactive and reactive services, can help keep your organization safe. We can tell you within seconds if you or one of your employees are on the Dark Web.
For more information about the Dark Web and about overall security concerns and risks within today’s world, join us on our next webinar on September 1st from 2-2:45pm with our senior security consultant, Mike Heneghan. We’ll be conducting the webinar live and will leave 15 minutes at the end to go over any specific questions or concerns you may have. Use this link to register today!