You may have seen some headlines in the news recently regarding multiple data breaches of companies such as Leicestershire City Council, NHS Scotland, AT&T and boAT, resulting in millions of customers’ data being leaked on the Dark Web. But what exactly is the Dark Web, and how does it function in today’s interconnected world?
In this article we journey into the depths of this digital Wild West. Much like the lawless frontiers of the past, the Dark Web is a digital landscape where anonymity and illicit activities thrive beyond the reach of many authorities. We explore what the Dark Web is, its role in cyber crime, and recent reports on data leaks. In addition, we cover measures that organisations can take to prevent their most sensitive assets from ending up for sale on the Dark Web.
What is the Dark Web?
The Dark Web is a hidden part of the internet that operates outside the bounds of conventional search engines and requires specialised software, configurations, or authorisation for access.
While the Dark Web is home to many legitimate companies, it also contains message boards, online marketplaces for drugs, as well as stolen financial and private data. Transactions within this economy are often made with cryptocurrency and are completely anonymous.
The Dark Web is infamous for its role as a hub for illicit activities, providing anonymity to users engaged in cyber crime, data breaches, and other nefarious deeds. It facilitates a vast market for stolen data, compromised credentials, and hacked accounts. With corporate credit cards, criminals can cause financial damage and make unauthorised purchases. The risk is more than just financial damage from stolen credit cards, with employee details criminals can launch more sophisticated and targeted attacks. Phishing attacks are one of the most common attack methods employed by cyber criminals, and could be the entry point for further compromise to your organisation.
The Dark Web is not just stolen credentials, it also harbours platforms where individuals can hire hackers for various malicious purposes, from launching cyber attacks to conducting espionage. If you can imagine it, it’s probably out there on the Dark Web.
Recent reports from sources like CSO Online and the University of Surrey underscore the growing prevalence of cyber criminal activities on the Dark Web, posing significant threats to enterprises and individuals alike.
Dark Web Risks: Using AI to Boost Your Cyber Security
With the growing influence of Artificial Intelligence (AI) on various facets of our lives, its profound impact on cyber security is undeniable.
Discover how AI is revolutionising traditional cyber security measures and shaping the landscape of cyber security strategies and practices. Read the whitepaper or watch the panel discussion below >
Recent Breaches on the Dark Web
Recent data breaches have highlighted the growing market for stolen data and credentials on the Dark Web.
Leicester City Council
The BBC reported that a ransomware group called INC Ransom has claimed responsibility for a cyber attack that has left Leicester City Council with data leaked on the Dark Web. A large amount of personal information has already been uploaded, with 25 files confirmed to be released already, with downloads confirmed of at least 120 times. The report also indicates that one theory is that the stolen data will be sold to criminals making fake passports.
NHS Scotland
The INC Ransomware group is also claiming responsibility for another large data theft, with NHS Scotland announcing the theft and public release of sensitive data on the Dark Web. The attack exposed patient records and confidential information on the Dark Web as evidence of the successful breach, with the cyber crime group issuing a ransom demand, threatening to disclose the entirety of 3 terabytes worth of stolen data online, unless their demands were met. (Source: CPO Magazine)
boAt
Business Insider reported an incident that involved boAt, an Indian consumer electronics brand, where data of approximately 7.5 million customers was leaked on the Dark Web. According to a report by Forbes India, the leaked data included sensitive information such as names, email addresses, and phone numbers, raising concerns about potential identity theft and fraud.
AT&T
In another alarming incident reported by the BBC, personal data belonging to 73 million current or former AT&T customers has been leaked online. The data, including addresses, social security numbers, and passcodes, was published on the Dark Web, prompting concerns over potential misuse. AT&T has initiated an investigation into the breach, although they have not identified evidence of the data being stolen. As a precautionary measure, the company has reset customers’ passcodes and urged them to monitor their account activity and credit reports. The leaked data, which dates back to 2019 or earlier, encompasses information from 7.6 million current customers and 65.4 million former account holders. While financial information was not included in the leak, details such as full names, email addresses, and dates of birth were compromised.
How to Protect Your Data
If your data has made it on to the Dark Web, acting quickly to assess the risk and mitigate the potential damage is essential. But how do you know if your data is out there? Dark Web Monitoring allows you to monitor any instances of your organisation’s data on the dark web and receive proactive notifications if any information from your domain is found. The platform engine monitors hidden chat rooms, private websites, P2P networks, IRC channels and thousands of botnets.
Continually scanning Dark Web databases for your company’s domain-specific data means you can act quickly if your sensitive information is made available on the Dark Web. With intelligent algorithms, sifting through the vast amounts of information, accurately identifying any instances of your company’s data. When such a potential threat is detected, it provides real-time alerts, enabling you to take immediate action to protect your business.
Few organisations have the right tools, people, and processes in-house to manage their security program around-the-clock while proactively defending against new and emerging threats. As such, organisations should consider getting an assessment of their cyber security posture to identify weaknesses. Another consideration is implementing advanced technologies for threat detection or partnering with a Managed Security Services Provider (MSSP) for services such as Managed Detection and Response (MDR).
In Conclusion
The Dark Web remains a formidable challenge in today’s digital landscape, serving as a haven for cybercriminals to exploit vulnerabilities and trade stolen data. The recent data breaches reveal the sheer scale of data that is vulnerable to being exposed on this digital black market, and underlines the importance of implementing robust cyber security controls and strategies.
By pro-actively and regularly assessing their estate for vulnerabilities, implementing robust detection and response capabilities, continuously monitoring Dark Web channels for any exposed data or credentials, and fostering a culture of cyber awareness and vigilance, organisations can better protect themselves and their informational assets against the ever-present threats posed by the Dark Web.
Take the first step to improving your cyber security posture, looking at ten key areas you and your organisation should focus on, backed by NCSC guidance. Book your free 30-minute guided posture assessment with a CyberLab expert.