What Is Dark Web Monitoring?

by Wally Moore

on December 6, 2019

Dark Web Monitoring

What is the Dark Web?

It’s a place on the internet used to buy and sell drugs, weapons, and things everyday people can’t even imagine. This subterranean domain is sinister, untraceable, and if you look into it, you might even find your username and passwords to your private accounts for sale in this place! It’s true.

Most people are not aware of this place even existing.

In his article, The State of Cyber Security, Darren Guccione says that “You can buy credit card numbers, all manner of drugs, guns, counterfeit money, stolen subscription credentials, hacked Netflix accounts and software that helps you break into other people’s computers. Buy login credentials to a $50,000 Bank of America account for $500. Get $3,000 in counterfeit $20 bills for $600. Buy seven prepaid debit cards, each with a $2,500 balance, for $500 (express shipping included). A “lifetime” Netflix premium account goes for $6. You can hire hackers to attack computers for you. You can buy usernames and passwords.”

When I read this article, I was shocked.

What is the Web?

It helps to think of the web in three layers.

1. The Surface Web – Everything that is open and available for anyone to search, anything that can be found from a Google search. Most of us search here and here alone.

2. The Deep Web – This is a portion of the web hidden from conventional search engines, and it contains unindexed websites. Here you can find personal information like payroll records or a corporation’s private data.

3. The Dark Web – Are websites intentionally hidden from search engines. Sites on the Dark Web are only accessed through special browsers that use masked IP Addresses to hide the true location of this illegal activity.

When did the Dark Web begin?

As the story goes, in 1969, two college students sent the first message over the internet. Connecting computers this way was a radical idea at this time, and it set in motion the progression of what would become the modern internet that we all know.

But ever since the inception of the internet, people have used it for illegal purposes, unintended consequences if you will. One of the first uses of this new technology was a drug deal in 1970 between two students at MIT and Stanford.

In the 1980s, people started to create data havens in small countries with relaxed laws for this type of criminal activity. These early beginnings are crude examples of the modern-day Dark Web. But they demonstrate how the Dark Web was used to hide criminal activity forty years ago.

This criminal activity has only increased.

Today, in 2019, the Dark Web is used by criminal hackers successfully attacking large and small businesses all around the world. These criminals are now after data that they can sell on the Dark Web.

But there is a problem with most small business (SMB) owners and managers.

These owners have the mistaken idea that their business is safe because they’re so small. In other words, because they’re small, no one will attack them. Nothing could be further from the truth.

Today, small businesses are the #1 target.

Most SMB’s do not think they are a target. Business owners think, “We’re too small to care about,” or they have a, “It won’t happen to me” attitude. The reason, “We’re just a small family-owned florist. Hackers don’t want my data, or my information, or my customer's information.” that is until something happens.

Convenience is creating chaos.

76% of people (including you and your customers) will use the same password, or a derivation of the same password for systems they log into – on and off the internet.

Your customers and your employees are logging into all sorts of websites. Some work-related. Some not work-related. They’re using their work email address.

But more frightening is they’re using the same password, or close to the same password.

So, if you think about it, they’re using the same password to log into their computer at work AND their bank account AND LinkedIn AND lots of other websites.

Criminals are hacking into these third-party websites too and stealing these names, email addresses, and passwords. These are also known as credentials, and they are bought and sold every day on the Dark Web.

Technological expertise will resolve this threat for you.

Here at DTS InfoTech, we have partnered with ID Agent, who provides a comprehensive set of threat intelligence and security training solutions to private and public-sector organizations and millions of individuals impacted by cyber incidents.

The company’s flagship product, Dark Web ID, delivers Dark Web intelligence to identify, analyze and monitor for compromised or stolen employee and customer data, mitigating exposure to the client's most valuable asset – their digital identity.

When our customers see this activity LIVE (in their own office), it’s a real shock, and they want to take immediate action.

As an IT Services Provider, DTS InfoTech provides employee training – email phishing simulations - for our customers.

As employees become more aware of the danger going on around them, they become another line of defense for the business. Through regular online training at their desks, employees progress from being slaughtered sheep to becoming sheepdogs, protecting the business they work for because they are being trained in cybersecurity by experts.

The training is cost-effective, with no interruption to their normal duties. Employees do not leave their desks for training.

Relevant information for SMB’s.

When a small business owner reads about Target, or Facebook, or Chase bank getting hacked, the news is not relevant (they think) to their business because they’re so small. And that’s true they are a small business. They think, “Well, that wouldn’t happen to me. I’m not Facebook. I’m a small clothing store in town.”

However, being an SMB is the reason why you are a target for hackers.

Are we selling fear?

No! We are not writing articles like this to sell our IT Services based on fear.

We write about our services based upon the reality that most SMB’s are not aware of this threat. Selling is not our concern here. We’re not a sales force.

Our concern is for SMB owners who are not aware of this threat, to become aware and then take action and defend themselves.

When we show customers and prospective customers live screenshots of what is happening on the Dark Web, it’s ALWAYS a shock and an eye-opener. Why? Because SMB owners are honest, hardworking people thinking honest thoughts.

In other words, they are not criminals, so they don’t think in terms of how they can steal information to sell and make money. SMB make money the old-fashioned way; they earn it.

Hackers stealing from businesses is a reality. Hackers will sell your information.

Again, you must understand you are a target to hackers for the simple fact that you are a small business. You are NOT Facebook or Target. Those organizations spend millions of dollars every year on cybersecurity, and still, they get hacked.

What chance does an SMB have against these types of crooks? Not much if you don’t get some professional help.

The Dark Web is a sophisticated business.

When you think hackers, don’t think uneducated, low intelligence, downtrodden people.

The Dark Web has Job Postings, software reviews, etc. All the things that legitimate businesses do to be competitive in their industries, happen on the Dark Web too. Why? So, they can more effectively steal from you!

If you’re a hacker and you’re going to go after British Airways, it’s going to take you a long time to pull off an attack like that, but hackers can and do accomplish that. It will take money. Hackers have to hire a team to do all of the work. They have long drawn out plans to attack British Airways with different execution strategies they will use to be successful. Big targets take time and money.

But more and more cybercriminals are working solo.

They can attack an SMB in one or two days. So, they go after a bunch of small businesses. They take the path of least resistance because the credit card information is still credit card information.

Data is data and they can sell it on the Dark Web. That’s why more and more SMB’s, every year, are being attacked by professional hackers.

How do hackers do this?

A large part of their success is credential exposure.

Who knows how many employees there are worldwide? I’m just guessing here, but I think it’s safe to say there are millions and millions of employees around the world who daily have access to very sensitive information.

Of course, hackers know this. It’s one of the most common ways hackers get into organizations is by Phishing attacks. These types of attacks are how they get your user name and password, and once they have that, they have an entry into your company data. They steal your data, then sell your data.

Cybersecurity training is just one area IT Service Providers help SMB’s

IT Service Providers help to protect your company data. IT Services train your employees, so they don’t fall for a phishing attack. But even if an employee makes a mistake and your business suffers a ransomware attack, your IT Services company can restore your company data in minutes, so you don’t pay the ransom, and your business is not shut down.

Unfortunately, successfully defending your business is the reality an SMB owner must live with every day.

Employee behavior.

So, you can have firewalls in place. You can use strong passwords. You can have all the technology in the world. But if an employee makes a mistake, all your technology will not protect your business. You must do more than this because technology alone is never enough.

IT Services can show a business owner, in real-time, exactly what is going on over the internet regarding the exposure your business is risking. And an IT Services Provider can teach you and your employees about the real dangers of the Dark Web and how you can avoid becoming a statistic.

When you use their expertise and training, you can see how your employees are trained to protect your business. With this information, you can create policies and procedures to protect your business against criminal hackers.

What’s really at stake?

Losing company data means you can’t service your customers. Think about the Public Relations nightmare. A business reputation can take years to build and only a day or two to destroy when customers find out you can’t service them. They’ll be forced out and have to leave you.

Who is ID Agent?

ID Agent is an American company based in Bowie, Maryland.

  • 2,200 Partners in 25 countries
  • Former IT Service Providers on staff at ID Agent
  • ID Agent has 50 current employees
  • 24,615 domains monitored
  • 8,068,698 compromises under domains monitored

ID Agent core model

  • Monitoring the Dark Web for credential exposure
  • Monitoring for emails and passwords that have been compromised
  • IT Service providers use this technology to support their SMB customers
  • It provides SMB’s with additional technology and technology expertise that will protect your business

Get Dark Web Monitoring, Employee Training, and Disaster Recovery as a service with DTS InfoTech and ID Agent.

In addition to Dark Web Monitoring, DTS is very good at restoring data for businesses that have been the victim of an attack, or internal mistakes of losing data. Seriously, we are, and we can prove it. We like being heroes!

We also know how intimidating technology can be, we make a living helping business owners and managers just like you who have questions about all things technology, and that includes data backup and disaster recovery.

Most small businesses do not have the technical resources or time to understand all this geek stuff. If this describes you, let us help you.

If you would like more information about Image-based backups and disaster recovery as a service give us a call, we’re always happy to chat, and the call is free, every time you call!

Dedicated to your success,

Wally Moore

Business Development Manager

dts|infotech . . . secure computer networks that work