When we discuss the internet, the first website you’ll think of is Google.com. Famed for its ease of use, Google enables just about anyone to search for and pull up any information from any corner of the internet if you know what search terms to use. Or can you?
When accessing Google, or Bing, or whatever website of your choosing, you’re actually only scratching the surface of the internet, or what we would call the “World Wide Web.” Once you’re past searching through indexes of web pages, you can encounter the “Deep Web,” where a variety of databases holding a multitude of random information are stored. If you’ve interacted with job boards and discussion forums before, you’ve interacted with the Deep Web, probably without realizing it.
But there’s another deeper, dangerous layer beyond the Deep Web — one that can’t be accessed by the general public.
One that may be selling off your personal information to the highest bidder.
The Dark Web
The Dark Web exists on the dark net, occupying only 6% of the internet with extremely limited access. Only specially designed software and browsers can get in, and even then, the user is heavily vetted to ensure they’re not aligned with federal or state law enforcement.
All websites on the dark web are heavily obfuscated, so no URL is legible or easy to remember. This is intentional design because, despite how risky its current state is, the dark web had noble beginnings. It was originally created to be a haven for those living in authoritarian governments, a highly uncensored and totally anonymous environment to freely speak, communicate, and organize. The content posted in the dark web is heavily encrypted; Whatever information is posted there is not only impossible to completely remove, but it’s hard to track who posted it to begin with.
Although it’s still a conduit for the language of freedom, much of the dark web has become criminal in nature. Many dealers use the dark web as a platform to sell off highly illegal substances and content, while others bid off stolen personal data for a hefty price, one that far too many are willing to pay.
What happens when your data is on the dark web?
The short answer? Leaks and breaches. From there, it’s a domino effect.
On March 13th, innocent children registered as inpatients to the East Tennessee Children’s Hospital (ETCH) were caught in a breach — their full names, home addresses, and social security info stolen by criminals lurking on the dark web. Their parents now have to worry about the safety of their children’s futures every single day, all for a cyber event they had no control over.
With that stolen information, an anonymous criminal can shut the children out of basic American finance practices, like opening a bank account or maintaining a good credit score. They could potentially take out loans, create false IDs, or completely freeze the kids’ credit with the compromised information lost in the data leak. Identity theft — especially with the affected parties being so young — is a detrimental foot to start adulthood on.
In response, ETCH is offering 12 months of credit monitoring and identity theft protection, to include dark web scanning. However, the ramifications of losing your information at such an early age are still far too great.
How do I keep my data from being sold on the dark web?
It’s not easy to know if your data is being hosted on the dark web without additional help from a Managed Service Provider (MSP), but preventative measures can be taken to lessen the chances.
We recommend:
• Using multi-factor authentication on any available platform
• Using a physical key such as YubiKey/Titankey (Best for highly secure industries like banking and healthcare)
• Not using repeat passwords or short passwords (more on this in our other blog post: 4 Ways To Create (And Remember) Complex Passwords.
• Storing and randomizing passwords using a password manager.
At Centriworks, we’re currently offering a complimentary Dark Web scan using an open-source, fully anonymous software to help our clients identify any stolen data, like passwords. We’ll scan the Dark Web to see if we locate any of your information being sold to other cybercriminals. If we find a match, we’d recommend blacklisting them to a never-use list.
Contact us today to learn more about safeguarding your organization from the Dark Web.
We’re ready to help you work smarter and more securely.
For more information on cybersecurity, call Todd Sheppard at (865) 524-1124 or use this contact form.