Most people aren’t aware of the difference between the surface web, deep web and dark web. In fact, most people aren’t even aware that the dark web in particular even exists. And yet, it’s below the surface that many of the biggest threats to personal and organisational data originate. This is why having a corporate digital risk protection strategy in place that counters threats which aren’t visible on the surface is so important.
Deep web threats: Legitimate beginnings
The deep web consists of websites and information that are often legitimate, or at least start out that way. These resources could include corporate intranets, educational networks or any number of different membership sites that require a login or other form of authentication. Unfortunately, it’s all too easy for criminals and hackers with malicious intent to hijack users from within these sites and redirect them to, for example, phishing websites or online stores selling counterfeit goods that also reside in the deep web. In this scenario, users are more likely to be taken in by a scam, because their starting point was within what they assumed was a safe online environment.
Murkier still: Threats from the dark web
If you can’t identify a website’s IP address, or the addresses of the people that visit it, everyone involved becomes essentially anonymous. Welcome to the unlit recesses of the dark web, a place which although useful for those trying to understand criminal activity, is even more valuable for those perpetrating it. Accessing the dark web requires the use of a browser or web tool that enables anonymous web access and communication. Content that can typically found in the dark web includes:
- Shops for counterfeit or stolen goods
- Marketplaces for buying people’s personal information
- Hacking tutorials
- Hackers for hire
- Chatrooms for networks of criminals planning a coordinated online or real-world attack.
The value of deep and dark web visibility
According to a 2018 report from the Ponemon Institute1, the average cost of a data breach is $3.86 million, with the likelihood of another breach occurring within two years running at almost 28%. The most serious breaches have operational and reputational impacts that go far beyond that. For example, when Danish logistics company Maersk was breached by the Nonpetya ransomware attack in 2017, it was not able to use its IT systems for 10 days, and had to reinstall 4,000 servers, 45,000 PCs and 2,500 applications in that time. The total cost of the attack was estimated at $300 million. Of course, a successful attack on this scale would be more than sufficient to put smaller companies out of business for good. That’s why the ability to identify and block potential threats wherever they originate can literally be priceless.
Giving cybercriminals nowhere to hide
It’s not difficult to see how threats from the deep or dark web can cause major headaches for corporate IT teams. But even with knowledge about where deep and dark web threats might come from and how to look for them, identifying them manually is simply not practical or cost-effective. That’s why an increasing number of organisations are turning to automated digital risk protection solutions to help them deal with these hard to spot risks.
The centrepiece of such solutions is a monitoring and alert capability, based on the scraping and searching of online marketplaces and websites that can be used for anonymous posting, among other tactics. Examples of threats that can be identified in this way include open but anonymised postings of:
- Bank account and credit card details for sale
- Requests for attacks against a specific company or high-profile executive
- Suspicious forum conversations
- Database dumps
Ideally, the implementation of a digital risk protection solution should be supported by a structured education and awareness program for employees. This can help limit the likelihood of inadvertent actions that may help criminals carry out attacks. These actions can include the publishing of sensitive personal or business data on potentially vulnerable corporate intranet pages, for example.
Cybersprint is expert in helping organisations identify and eliminate digital risks to their data, operational continuity and revenue, wherever they originate online. If you’d like to see what we can do, the first step is a free Quickscan of your company’s digital footprint.
1 2018 Cost of a Data Breach Study, Ponemon Institute & IBM