What is the Dark Web, and What Does it Mean to Me?

What is the Dark Web, and What Does it Mean to Me?

The dark web. The underbelly of the internet. A hotbed for crime and other less savory activities. Whatever you want to call it, the most important aspect is that you’re aware. Equifax, Facebook, Under Armour, Panera, Saks Fifth Ave have all had recent breaches to their databases. If you have ever submitted information or shopped at one of these businesses, your information may be on the “Dark Web”. So how can you be sure and then protect your personal information? If your answer to that question is, “I don’t know.” You need to read on.

Criminal Appeal

The dark web has experienced increased popularity since its inception for a reason...crime. Its existence allows users to remain completely anonymous and conduct criminal activity under a veil of secrecy. The traditional internet is indexed by search engines, meaning that any search results or sites that you visit are logged and ultimately traceable. This traceability extends all the way to the location that you were at when conducting a search or visiting a site.

It shouldn’t be surprising that this transparency is then leveraged by authorities to assist with the identification of suspects or criminals (especially in TV shows). The dark web however shields its users from this identification process by leveraging a special browser known as Tor. Tor routes page requests through proxy servers. These servers are operated by thousands of international volunteers. The result is such that your searches and web traffic take what’s known as “hops”, leading to an unidentifiable and untraceable IP address.

Introduction of The Blockchain

By combining this completely autonomous internet with blockchain technology, you get the perfect environment to buy and/or sell illegal items. For those that are unfamiliar with blockchain technology, you may have heard about bitcoin or other cryptocurrencies. Blockchain is the technology that allows cryptocurrency to exist. It is an un-editable digital ledger that I will explore in a future article. For now, it simply helps to understand that this technology is the foundation for cryptocurrency.

Ultimately, the hottest commodities for sale are identities, or personal information on corporations or individuals. Credit card numbers, social security cards, bank account information, passwords, and company data can all be available for a variety of prices on the dark web. These various forums or malicious dark websites utilize cryptocurrency to help facilitate the anonymous buying and selling of these commodities.

Why You Should Care

I realize that you may not have any use for the dark web, but unfortunately its existence can still have an impact on you or your business. If your information is hacked, or a leak occurs, your information can very well end up somewhere on the dark web.

These are extremely startling statistics, especially given the amount of our personal data that is stored on the internet. The good news is that there are now tools available that can scan the dark web for your information. A good majority of these tools have the ability to scan forums or dark sites and generate a list of what was found. Additionally, these tools can sometimes even provide some illuminating information on how your data became available. As an example, if I conducted a search with one of these tools, it could inform me that my email address and associated password were made available in a public hacker forum back in 2016, and that this occurred as a result of a LinkedIn breach.

Of course, I changed my password a hundred times since then, so why should I even care? It is important to remember that these attacks are sophisticated, intelligent, and carried out by actual people. This means that if the password you used contained a key word that you use often, then you might still be at risk. So simply changing your password by a digit or two just won’t cut it.

How your information became available to the dark web is very valuable information to have. If it was a LinkedIn breach, then maybe that’s no big deal. However, if that information was made available due to a phishing attack, or keylogger on your machine, then that is a very different situation and potentially, much more dangerous.

So, My Info is on the Dark Web. What Happens Now?

  1. Check your account for fraudulent activity. Unfortunately, a staggering 84% of Americans only check their accounts only once a week. This inactivity is what hackers count on.
  2. Enroll in credit monitoring through services like LifeLock, Credit Karma, and MyFico. Discover also offers free credit monitoring if you have one of their credit cards.
  3. If you are especially worried about credit card theft, a credit freeze may be an option. This will prevent any new credit from being issued without your direct permission, first.
  4. Lastly, the ever-dreaded password change! As much of a pain as this is, regular password change can have a massive impact on potential identity theft.

In today’s security climate it is critical to protect your organization in whatever ways possible. Scanning the dark web for potential vulnerabilities is a process and tool that I strongly recommend adding to your arsenal.

If you would like to learn more about dark web scanning, or how Aqueity can help your organization with this process, contact us at 630-769-8700 or complete our online contact form for access to a complimentary dark web scan. Once the form is filled out, one of our representatives will be in touch with you shortly.