What you need to know about dark web monitoring

What you need to know about dark web monitoring

In today's world, there are new cybersecurity minimums that every business should have. However, with Athens Micro as your IT partner, you don’t have to settle for minimums, thanks to our Cybersecurity Protection Package.
Our Package includes dark web monitoring, which you’ll learn more of in this post. Other items include Next Gen Antivirus, Security Training, Web Filtering, Email Security Filtering and Password Management.

The dark web — the part of the world wide web that’s only accessible via the use of specific software, system configurations, or authorization — was developed with digital rights in mind. That is, its creators wanted a virtual space where they could maintain their anonymity and security, avoid being watched or recorded, and speak freely without fear of censorship.

As with any tool, it can be used for legal or illicit purposes:

  1. Activists, journalists, and whistleblowers use the dark web to securely and anonymously share information.
  2. Buyers and sellers of restricted and illegal goods, such as weapons, drugs, and human organs, use it to facilitate transactions.
  3. Cybercriminals sell stolen access credentials and personally identifiable information (PII) for hackers and identity thieves to buy.

The third item is what we’ll focus on in this post. How would you know that your access credentials are already for sale on the dark web and that you need to change them ASAP? This is what dark web monitoring is for.

What is dark web monitoring?

Dark web monitoring is a service offered by cybersecurity providers. They scour places in the dark web that’s known to be marketplaces for access credentials and PII to check if their clients’ information is there. If the providers do find such information on the dark web, they notify their clients and recommend appropriate cyberthreat mitigation strategies. For instance, if staff members’ usernames and passwords are found, then the cybersecurity team will advise those personnel to change the compromised access credentials.

Wait, doesn’t this mean having to provide sensitive information to cybersecurity providers?

In a word, yes. Otherwise, the providers wouldn’t know what to look for. The typical information they ask of clients include:

  • Email addresses
  • Phone numbers
  • Credit card numbers
  • Insurance ID numbers
  • Driver’s license numbers

How do cybercriminals get hold of my information in the first place?

There are many ways in which cybercriminals steal information. Some of the more popular ones involve stealing directly from their victims:

  • Phishing – Cybercriminals send deceptive emails or text messages that trick recipients into going to fake login pages designed to steal access credentials.
  • Keyloggers – Hackers infect machines with malware that record keystrokes, including those made when logging into accounts.
  • Man-in-the-middle attacks – Hackers intercept network connections and steal the data being transmitted.

However, cybercriminals have a much more efficient way of stealing data: by hacking large corporations that store vast quantities of customer information. For instance, telecommunications giant T-Mobile recently suffered a data breach that involved the information of approximately 40 million past and present subscribers.

According to T-Mobile, the cybercriminal was able to exfiltrate the following information:

  • Names
  • Driver’s license numbers
  • Dates of birth
  • T-Mobile prepaid PINs (which T-Mobile reset to protect their customers)
  • Phone numbers
  • Government identification numbers and Social Security numbers (which T-Mobile gathered to determine eligibility of applicants to avail their service)

T-Mobile shared that they saw no indication that account numbers, passwords, or payment information were among the information stolen during the breach. Nevertheless, this goes to show that even when individuals are careful with their information, the parties with whom they entrust their information may still suffer a leakage.

Does this mean entrusting my information to cybersecurity providers isn't such a good idea?

This is a matter of risk management. Of course, there’s the probability that your information isn’t in the dark web in the first place and that you’d be opening yourself up to risk by providing sensitive information when you avail dark web monitoring services. However, consider what you may lose if your access credentials and PII were indeed compromised, but you were not aware of it and therefore did not know that you had to act upon it. Then, compare it to the risk of the cybersecurity providers themselves falling victim to a data breach. Not only is the second scenario less likely (than, let us say, T-Mobile getting breached), but even if it did happen, cybersecurity providers would be likely to discover the breach sooner. They’d plug their data leaks and, if you’re affected, they’ll notify you so that you could respond immediately.

In short, using dark web monitoring services is a calculated risk that grants you situational awareness. And being aware of whether your data has been stolen or not is much better than not being aware at all.

To learn more about dark web monitoring and other cutting-edge cybersecurity solutions, talk to our IT specialists at Athens Micro. Leave us a message or call us toll-free at 1-866-262-4461.

Like This Article?

Sign up below and once a month we'll send you a roundup of our most popular posts

It’s time to take downtime seriously. Discover why an MSP is your best ally against this threat. Download our free eBook today to learn more!Download here