As recent reviews have shown, upwards of 80% of hacking-related attacks involve compromised credentials. Threat actors can target individuals and companies through many different types of cyber attacks, but where does their information come from in the first place?
It’s easy to find lists of usernames and passwords, sometimes for free, but more often for sale online. In fact, according to research in 2020 by Digital Shadows, over 15 billion stolen account credentials are available on various criminal marketplaces, including the dark web.
In many casual conversations, the phrase ‘the dark web’ is used in reference to black market sales, political collusion, and a general sense of terror at the unknown realms of the digital world. But that reputation is too simple to reflect the reality. The dark web was originally set up with the intention of protecting individual privacy rights, and even now there are aspects of it that are bright.
In this article, we investigate what the dark web really is, and subsequently, how you can prevent compromised credentials from being the downfall of your company.
When most people refer ambiguously to ‘the dark web’, what they mean is the Tor network. There are other networks (like Freenet and Riffle) that are also anonymous, but Tor is the most populated service. Interestingly, Tor has been around in some form since the mid-1990s, when developers funded by the US Naval Research Laboratory, as well as other departments, created The Onion Router.
Now better known by its acronym Tor, it was initially used by the US DoD to protect communications with national and international spies. But in 2004, after many changes, it was released under a free license, and immediately snapped up by other security-conscious organizations, including criminal organizations.
The guiding principle of the dark web is that it is made anonymous by layers of encryption. An onion is a helpful visual here, and it explains Tor’s name: the encryption infrastructure is essentially the ‘layers of the onion’. Users’ online footprints are hidden. The source (an individual’s IP address), the destination, and the contents of the communication are protected, making it very difficult for anyone to trace any part of the connection.
The dark web is not searchable on standard browsers like Chrome or Safari. Instead, accessing it requires the Tor browser, which is encrypted so that nothing on it has location data attached. The browser has myriad privacy features built in, all of which support the aim of anonymized internet use.
This anonymity means that hackers can communicate not only about drugs or images, but also trade data and information. Popular purchases include lists of credentials, sometimes an entire web host’s, sometimes a valuable individual’s, and in many forms. Hackers do this for financial gain, but also for political or social motives.
To be clear, not every aspect of the dark web is negative, and wanting privacy online isn’t a bad thing. The privacy that the dark web provides helps many people, from journalists to human rights activists, and from political whistleblowers to security specialists. The right to privacy, and the safe dissemination of information, are important parts of free speech.
But the reality is that a great deal of dark web traffic involves illegal or illicit activity. There are certainly urgent security matters to address. The theft and the re-selling of user credentials should not be underestimated. It can lead to identity theft, insurance fraud, account takeover, and interruption of business.
Personal information, especially from healthcare organizations, is a hotly traded commodity on the dark web. The release of information can massively disrupt industries, costing a company millions and interfering with individual safety. So while the desire for privacy, the general concern over the state of digital security, and the number of data breaches all increase, more conversations are happening about the convoluted state of the dark web.
Most of these meaningful conversations agree that the dark web is a complex place, worthy of investigation. When it comes to illegal actions online, IT professionals do have a responsibility to address them. While law enforcement is more prepared to confront physical crime in most situations, cybersecurity experts can help you protect your company, your employees, and yourself from harm caused by stolen personal information.
All companies need practical solutions to protect themselves from attack. One of the most efficient methods is to screen for compromised credentials on an ongoing basis. By comparing employee passwords against a blacklist, you can mitigate the effect of data breaches. Enzoic analysts use both automated and manual techniques to trawl the dark web for compromised credentials that have been stolen or sold. The result is an ever-updating compilation against which you can check your safety.