hands using laptop in low lighting

A consequence of many successful hacks and ransomware attacks is that sensitive company data ends up on the dark web. Sometimes it is being offered for sale as part of a large collection of stolen data, other time it is simply posted in plain text for anyone to read. Ransomware often threatens to leak business’s data if the ransom demand is not met. 

At best, this data could be just names and addresses, which are useful in themselves for identity thieves. At worst it could be your passwords, bank details, or credit card numbers. 

In this article we’re going to cover what the dark web is, and the risks of your data being posted there. We will also cover how to prevent this happening, and what to do if it does.

What Is The Dark Web?
Information hosted on the internet, but which cannot be accessed without specialised software like the Tor Browser. While much of the dark web is benign, there are large sections of it that are devoted to more unsavoury interests and illegal activities. This includes online marketplaces for hacking tools and leaked data.

Why Is It A Risk For My Business’s Data To Be On The Dark Web?
Having your data on the dark web increases your risk of suffering another cyberattack. Hackers looking for potential targets will be more likely to try hacking a business if they already have some of their passwords from a previous data breach. 

The very fact that your information has ended up on the dark web signals to hackers that your cybersecurity was not good enough to prevent a previous attack. You may not even realise that your data was leaked and so may not have updated passwords or improved your cybersecurity since your data was posted online.

How Can I Prevent My Data Ending Up On The Dark Web?
Your data ending up on the dark web is a symptom of poor data security. Properly securing your networks, your email, and your devices will reduce the chances of data being stolen in the first place.  

Much of the data which ends up on the dark web is stolen in ransomware attacks. Investing in ransomware prevention solutions can help to prevent data theft. Through a combination of ransomware protection software and effective firewall management, it is possible to block infected machines’ ability to exfiltrate your data. 

Using a password manager can help prevent your passwords being leaked. Password managers generate new, extra-strong passwords and store them in an encrypted online vault. This vault is itself secured by a long master password (many people may use an entire sentence). When you use a password manager, you do not need to remember your password. It is harder to accidentally reveal your password if you do not have it memorised.  

At Carden IT Services we offer ransomware protection, firewall management, and password managers as part of our comprehensive cybersecurity package.

How Do I Know If My Information Is On The Dark Web?
Warning signs that your data may be on the dark include; suspicious activity on your email accounts, unexplained charges on your company bank accounts, and customers saying they have received communications from you that you did not send. 

It is not advisable to load up the Tor browser and go poking around the dark web trying to find your data. You are more likely to expose yourself to even more risk. Instead, talk to a managed IT services provider like us. We use specialist software to conduct automated, AI-driven scans of the dark web for mentions of your organisation, your email addresses, and any associated data without the security and legal risk of actually accessing the dark we on your own machines.

Can I Remove Sensitive Information From The Dark Web?
Unfortunately, unlike Google, Facebook or YouTube, dark web networks aren’t in the habit of paying attention to takedown notices. If your data has appeared on the dark web, there’s very little you can do to get it taken down. However, you can assess what information is there and take steps to reduce your risk.  

You should immediately replace all passwords which have been leaked online. Not only should you replace passwords for accounts which have been compromised but you should do this for any other accounts which use those same passwords. It is a bad practice to use the same password for multiple accounts anyway, so now is a good time to overhaul your passwords.

Author: Jeremy Huson

Jeremy Huson is the founder and director of Carden IT Services LLC. He has nearly two decades of experience managing business’s IT networks and his areas of expertise are IT consultation and cybersecurity.

      Send Us A Message