What every business should know about the Dark Web
Did you know that the search engines we all use only look at a miniscule .04% of the ‘surface’ internet? The rest – the 99% plus that most of us never even see – is made up of various databases and private networks, as well as what is known as the Dark Web. But there is a problem lurking in the background that every business and its staff should be aware of, especially at the moment when so many people are working from home.
Criminals, hackers and fraudsters use the Dark Web anonymously to conduct their illegal activities. It’s impossible to know for sure but the Dark Web is already estimated to be around 550 times larger than the surface Web. Even more worrying: it’s growing.
Stolen data is big business on the Dark Web. Usernames and passwords are hugely valuable and, once they have been compromised, they are then bought and sold frequently.
81% of data hacks are down to weak or stolen passwords
Criminals use a range of approaches to lure unsuspecting employees into revealing information. Phishing attacks – where the target is conned into believing an email asking for data has come from a genuine and trusted source – are unfortunately on the rise. They are also becoming far more sophisticated and therefore harder to spot.
Every business is vulnerable. And contrary to popular opinion, the biggest risk to businesses from digital criminals is not them aggressively breaching security firewalls or breaking into secure systems – it’s your employees. Individuals at every level, from the most junior to your managing director or CEO, can inadvertently expose important and useful details – including passwords for business applications.
Consider this…
It’s a widespread problem that individuals use the same email and password combinations for multiple services. Lots of us are guilty of that because it’s impossible to remember otherwise. But think for the moment about all the various login destinations we use from accessing the business network or software applications to surfing social media platforms and trading with ecommerce sites. The more systems where the same (or even just similar) credentials are used, the more exposed the individual becomes to threats – and the more vulnerable your business becomes.
Taking a proactive approach to monitoring your users’ identities and password security lets you respond to threats quickly and minimise the impact of a wider, more serious breach.
Take assertive action
Training all staff – including the senior leadership team – on good password security and management makes sense; so too does pointing out the risks so they understand the sheer scale of the problem. It’s also necessary to remind people on an ongoing basis too, as it’s easy to get complacent and forget to refresh passwords regularly.
But there is more that businesses can do to protect themselves…
It’s now possible to engage a specialist service to keep a watchful eye on the Dark Web and scan for key names, email addresses or domains, telephone or card numbers or physical addresses that are important to your business. Why? Because the presence of these may indicate that a data breach has occurred. This obviously has to be done on an ongoing basis so that the business can respond quickly to update security details and ramp up system protocols before the problem takes hold and a criminal acts on it.
In these difficult times – every business needs to protect itself and its employees. For more information about the Dark Web watch this Access video overview. You can also review our FAQs here.
