Dark Web Criminals

Dark Web Criminals are Profiting from Your Data: Why Credentials are a Commodity and How to Keep Your Data from Being Traded and Sold.

For most of us, the Dark Web is a mysterious world that we’ve all heard of but don’t understand. We know it’s a marketplace for illegal activities, and that it’s pretty scary, but as most of us don’t use it, wouldn’t even know how to access it, we don’t truly consider the implications it could have on our lives.

Blog supplied by our Trusted Partner Crossword Cyber Security

The reality is, while the Dark Web is a place where you can order drugs, or guns, and engage in a range of illegal and nefarious activities- one of its most enterprising commodities is one that impacts the vast majority: the buying and selling of personal and professional data and vast numbers of user login details frequently obtained through 3rd party data breaches. There are over 24 billion username and password combinations on the Dark Web- a number that has increased by 65% since 2020, which means it’s almost inevitable that every person reading this has probably had data leaked and shared in some way.

Personal data is highly valuable, no matter who you are. When criminals have access to it, there is almost no end to what they can do with it. From making purchases with your payment details to using your National Insurance number to apply for benefits, these criminals will take every opportunity to exploit whatever angle they can with the informational that they have. And it doesn’t stop there, the data possessed by criminals can be used to orchestrate corporate cyber breaches, which in the simplest terms possible means: your login credentials could be used in an attack against your place of employment.

When breached credentials are used to access a corporate system, the cybercriminals are privy to all kind of sensitive information like client and personal data, and even financials. They can access email communications, which makes it easy to attempt things like invoice fraud, or masquerade as a senior level employee or client in order to instruct or authorise payment transfers.

Data breaches have a rippling effect too as it's not just the organisation that's getting compromised that's suffering; the data that's being lost is constantly being weaponized against other future targets, so every time information is stolen, the problem gets bigger for all of us.

How can businesses protect themselves from being vulnerable to attack?

There are many preventative steps that you can take to protect your systems from cyber attacks:

1. To avoid invoice fraud, have a process that prevents payments to new or updated payee account details without rigorous checks and balances, even if the request is from someone well known, such as a senior manager or trusted supplier. Never rely on an email being genuine; it could be someone manipulating the system from outside of the organisation.
2. Keep all your IT patched and up to date. Malware takes advantage of software flaws that are fixed by vendors, but if you don’t patch your software, flaws remain exposed. If you work in retail – don’t forget your Point of Sales systems which are frequently neglected.
3. Implement two-factor authentication on systems like email whenever possible.
4. If you have public-facing web applications, have them independently checked for security vulnerabilities.
5. Have a recovery plan. Know that you can restore your files and systems if you get hit by ransomware. It’s here for the long haul so be prepared.
6. If the worst does happen - don’t forget to communicate. Nobody wants to be attacked, but that’s what it is – an attack. Organisations who quickly and transparently communicate an attack are often applauded by industry. Organisations who bury the news rarely enjoy the same admiration when the news eventually comes out. There are lots of specialists available who can help you handle your incident if you need them.

Consider how to stay aware and on top of breached credentials. Data beaches happen on a nearly daily basis so having constant visibility of stolen credentials available on the dark web is really helpful in reducing your security risks.

SWCRC has secured a free offer for members using Our Trillion™, a breached account mining platform that continuously tracks, correlates and analyses billions of stolen usernames and passwords, hunting for digital identities that could belong to your employees and alerts you if it discovers email accounts that might affect your organisation. As a part of your SWCRC membership you can sign up to receive the results of the credentials scan as a report for free so you can better understand the threats to your organisation.

Thank you Crossword Cyber Security for this helpful blog.