Let us start by saying that the Dark Web can be a dangerous place for the inexperienced user. Drugs, illegal software, murder for hire, hacked user accounts and other illicit services are just a few of the things found there. As a business owner, you should also be concerned about where your data is at and who has access to it. A number of identity theft protection services and standalone providers are now offering “Dark Web” monitoring.
The monitoring service typically offers you the following data points:
What account was compromised (usually an email address)
When did the compromise take place or when was it discovered
What password was exposed
What was the source of the data, such as ID Theft Forums or social media
The applicable website or breach point, which may not be disclosed
This is a reactive service, but it allows you as the business owner to be made aware of where accounts and credentials may be exposed. A website that commonly comes up showing compromised accounts is LinkedIn or many other well-known data breaches associated with a web service or social media. It is becoming more common that external account information is being exposed or is up for sell on the Dark Web, but we can combat that by regularly updating our account credentials and ensuring that we do not utilize the same passwords across multiple accounts, especially those that are used for business purposes. It is important to be diligent of what Dark Web Scan results mean and aware that some entities will use the results in a manner that construes there meaning in a way that can falsely represent your businesses security standing.
Another component of Dark Web scans that can give businesses a false sense of security is that you do not get any hits or information about your accounts. Dark Web monitoring does not detect an active breach or when a threat actor is on your network. It only notifies you after the fact, and if you were impacted, you now have to determine from where, if the breach site was not disclosed in the report.
Regardless of whether or not you have considered using Dark Web monitoring as a part of your businesses security model, keep in mind that it is only a tool. A hammer in the hands of an IT Professional does not make him a carpenter, and likewise, Dark Web Reports can often be misinterpreted or misrepresented by inexperienced professionals.
If you would like to learn how Dark Web Scans fit into your organization’s security posture, what your Dark Web Scans mean, or you are just getting started in your security journey, the experts at EDTS Cyber would be happy to help.