Dark Web Monitoring
Many of us are just now learning about the dark web. The dark web is essentially a hidden network of websites that requires different resources to access. This is where data stolen from hacks, malware and data breaches is bought, sold and traded.
Think of the Internet as having 3 basic layers, the public internet is that which can be browsed and searched. For example if you search for Tesla Model 3, you will find tons of information, pictures and video’s of the Model 3, Elon Musk and everything Telsa.
What you won’t find is any internal data about Telsa’s vendors, purchases, technical discussions, backup data, production schedules or who has put their $1,000 down for a new car. This data, private corporate, educational and government data is considered the deep layer of the internet and comprises approximately 90% of the internet.
The Dark Web is a hidden network of websites that requires different resources to get to hidden IP addresses. Masking software and encryption is activated to keep search engines from tracking and cataloging it’s information.
It’s not surprising that the dark web is used for illicit activity, including buying and selling of all sorts of stolen personal information captured through data breaches, phishing and other malware.
If you or your company if ever been a victim of a data breach this is often where that stolen data resides.
Credit Card information, Social Security numbers, passwords, DOB, account numbers are all there.
There are several companies that have penetrated the dark web and offer monitoring services that will monitor the dark web for stolen data from your domain. The initial report will list users and passwords that are floating around. A report we ran recently showed passwords for not only internal users but of some of their clients that were logging into their website to make reservations.
The monitoring company will alert you whenever information from one of your domains is found.