So, what is the Dark Web exactly?
The Dark Web is a hidden universe contained within the “Deep Web”- a sublayer of the Internet that is hidden from conventional search engines. Search engines like Google, BING and Yahoo only search .04% of the indexed or “surface” Internet. The other 99.96% of the Web consists of databases, private academic and government networks, and the Dark Web. The Dark Web is estimated at 550 times larger than the surface Web and growing. Because you can operate anonymously, the Dark Web holds a wealth of stolen data and illegal activity.
How does it protect my organization?
Our service is designed to help both public and private sector organizations detect and mitigate cyber threats that leverage stolen email addresses and passwords. Dark Web ID leverages a combination of human and artificial intelligence that scours botnets, criminal chat rooms, blogs, Websites and bulletin boards, Peer to Peer networks, forums, private networks, and other blackmarket sites 24/7, 365 days a year to identify stolen credentials and other personally identifiable information (PII).
We Monitor: 24/7 x 365
- Hidden chat rooms
- Private websites
- Peer-to-peer networks
- IRC (internet relay chat) channels
- Social media platforms
- Black market sites
- 640,000 + botnets
How are the stolen credentials found on the “Dark Web”?
Our service focuses on cyber threats that are specific to our clients’ environments. We monitor the Dark Web and the criminal hacker underground for exposure of our clients’ credentials to malicious individuals. We accomplish this by looking specifically for our clients’ top-level email domains. When a credential is identified, we harvest it. While we harvest data from typical hacker sites like Pastebin, a lot of our data originates from sites that require credibility or a membership within the hacker community to enter. To that end, we monitor over 500 distinct Internet relay chatroom (IRC) channels, 600,000 private Websites, 600 twitter feeds, and execute 10,000 refined queries daily
If you find our credentials does that mean we’ve been hacked?
While we can’t say definitively that the data we’ve discovered has already been used to exploit your organization, the fact that we are able to identify this data should be very concerning. Organizations should consult their internal or external IT and/or security teams to determine if they have suffered a cyber incident or data breach.
How was the data obtained in the first place?
Tested: the compromised data was tested to determine if it is live/active;
Sample: the compromised data was posted to prove its validity;
Keylogged or Phished: the compromised data was entered into a fictitious website or extracted through software designed to steal PII;
3rd Party Breach: the compromised data was exposed as part of a company’s internal data breach or on a 3rd party Website;
Accidental Exposure: the compromised data was accidentally shared on a Web, social media, or Peer-to-Peer site;
Malicious / Doxed: the compromised data was intentionally broadcast to expose PII.
What can we do about it?
Sign up for our Credential Monitoring Service as well as our Security Awareness Training for your employees. The number one threat to your network is the user. Without proper training they will get phished; it’s only a matter of time. The damage can be catastrophic.
Sign up for our Complimentary Dark Web Scan to see your results.
Can I also protect my personal identifiable information?
Yes, you can get more information about our Identity Theft Protection Service here