For most of us, the Dark Web is a mysterious world that we’ve all heard of but don’t understand. We know it’s a marketplace for illegal activities, and that it’s pretty scary, but as most of us don’t use it, wouldn’t even know how to access it, we don’t truly consider the implications it could have on our lives.
The reality is, while the Dark Web is a place where you can order drugs, or guns, and engage in a range of illegal and nefarious activities- one of its most enterprising commodities is one that impacts the vast majority: the buying and selling of personal and professional data and vast numbers of user login details frequently obtained through 3rd party data breaches. There are over 24 billion username and password combinations on the Dark Web- a number that has increased by 65% since 2020, which means it’s almost inevitable that every person reading this has probably had data leaked and shared in some way.
Personal data is highly valuable, no matter who you are. When criminals have access to it, there is almost no end to what they can do with it. From making purchases with your payment details to using your National Insurance number to apply for benefits, these criminals will take every opportunity to exploit whatever angle they can with the informational that they have. And it doesn’t stop there, the data possessed by criminals can be used to orchestrate corporate cyber breaches, which in the simplest terms possible means: your login credentials could be used in an attack against your place of employment.
When breached credentials are used to access a corporate system, the cybercriminals are privy to all kind of sensitive information like client and personal data, and even financials. They can access email communications, which makes it easy to attempt things like invoice fraud, or masquerade as a senior level employee or client in order to instruct or authorise payment transfers.
Data breaches have a rippling effect too as it's not just the organisation that's getting compromised that's suffering; the data that's being lost is constantly being weaponized against other future targets, so every time information is stolen, the problem gets bigger for all of us.
How can businesses protect themselves from being vulnerable to attack?
There are many preventative steps that you can take to protect your systems from cyber attacks:
Consider how to stay aware and on top of breached credentials. Data beaches happen on a nearly daily basis so having constant visibility of stolen credentials available on the dark web is really helpful in reducing your security risks.
SWCRC has secured a free offer for members using Our Trillion™, a breached account mining platform that continuously tracks, correlates and analyses billions of stolen usernames and passwords, hunting for digital identities that could belong to your employees and alerts you if it discovers email accounts that might affect your organisation. As a part ofyour SWCRC membership you can sign up to receive the results of the credentials scan as a report for free so you can better understand the threats to your organisation.
Click to Open Code Editor