Dark Web, How Does it Impact Small Businesses?

Dark Web is a term that has surfaced in recent years in connection to cybercrime and cyber security.  Identity theft is an unfortunate occurrence that is all too familiar with most business owners, but do those individuals know where the compromised data will end up? Often, these business owners are unaware of the virtual marketplace where stolen data is purchased and sold by cybercriminals; a place known as the Dark Web.  An article on Lexology explores what the Dark Web is, what information is available for purchase there and how it impacts small businesses.

What is the Dark Web?

The Dark Web, which is not accessible through traditional search engines is often associated with a place used for illegal criminal activity. While cybercriminals tend to use the Dark Web as a place to buy and sell stolen information, there are also sites within it that do not engage in criminal activity. For many, the most appealing aspect of the Dark Web is its anonymity.

What is for sale on the Dark Web?

Information sold on the Dark Web varies, and includes items such as stolen credit cards, stolen account information from financial institutions, forged real-estate documents, stolen credentials and compromised medical records. Even more alarming, the Dark Web contains subcategories allowing a criminal to search for a specific brand of credit card as well a specific location associated with that card. Not only can these criminals find individual stolen items on the Dark Web, but in some cases, entire “wallets” of compromised information are available for purchase, containing items such as a driver’s license, social security number, birth certificate and credit card information.

What is stolen personal information used for?

When stolen information is obtained by criminals, it can be used for countless activities like securing credit, mortgages, loans and tax refunds. It is also possible that a criminal could create a “synthetic identity” using stolen information and combining it with fictitious information, thus creating a new, difficult to discover identity.

Why are stolen credentials so valuable? 

Stolen user names and passwords are becoming increasing popular among cybercriminals, but why? Identity thieves will often hire “account checkers” who take stolen credentials and attempt to break into various accounts across the web using those user names and passwords. The idea here is that many individuals have poor password practices and are using the same user name and password across various accounts, including business account such as banking and eCommerce. If the “account checker” is successful, the identity thief suddenly has access to multiple accounts, in some cases allowing them the opportunity to open additional accounts across financial and business-horizons. 

Why should small businesses be concerned about the Dark Web?

Since the Dark Web is a marketplace for stolen data, most personal information stolen from small businesses will end up there, creating major cause for concern. With the media so often publicizing large- scale corporate data breaches, small businesses often think they are not a target for cybercriminals, however that is not the case. Cybercriminals are far less concerned about the size of a business than they are with how vulnerable their target is. Small businesses often lack resources to effectively mitigate the risks of a cyberattack, making them a prime target for identity theft as well as other cybercrime.

At a recent Federal Trade Commission (FTC) conference, privacy specialists noted that information available for purchase on the Dark Web was up to twenty times more likely to come from a company who suffered a data breach that was not reported to the media. The FTC also announced at the conference that the majority of breaches investigated by the U.S. Secret Service involved small businesses rather than large corporations.

How can you reduce the risk for your small business?

To reduce the risks of a cybercriminal gaining access to your company’s information/network, you must ensure you have proper security measures in place. The FTC has a webpage that can assist with security options for businesses of any size.  In addition, it is crucial that your employees are properly trained on security, including appropriate password practices. There is also talk of a government-led cyberthreat sharing program which would help enhance security across all industries by sharing cyberthreat data.


Network Security

How Much Is Your Network Security Actually at Risk?

Over the past year, we have heard more about hacking and hackers than ever before.  Thanks to the 2016 Presidential election, we realized that anyone and everyone can be hacked.  From the discussion of security with Hillary Clinton’s personal email servers, to the Democratic National Committee being hacked by Russians (or a 400 lb hacker) network security has been at the forefront of our national discussion… but what exactly does that mean for your business?
It’s easy to watch TV and blow off the fact that other people are being hacked, but when you realize that we are talking about some of the most secure networks and systems in the world you’ll quickly see that your network security is at an extremely high risk.
According to  CNN Tech, 47 percent of all adults in America were hacked in 2014.  Yes, 47 percent!  Since that time, technology has changed a little, but there has been exponential growth in the hacking community.  More and more hackers means more and more challenges for them to crack.
Who can forget the celebrity photo hacking from Apple’s iCloud.  Keep in mind that Apple is one of the most technologically advanced organizations in the world.  Heck, they even create a lot of the encryption and software that is used to protect us from hacking.  So when they were hacked, it was a bad sign.  All they could do to stop the hacking at the time was release a statement on how bad it was.
“When we learned of the theft, we were outraged and immediately mobilized Apple’s engineers to discover the source,” Apple said.
It’s good to know that Apple got to work and improved their technology, but don’t think that hackers haven’t improved theirs as well.  It’s a game for hackers to try to break into bigger named businesses and secure areas that they have never been before and so they will do anything to get in.
So what does this mean for you?  Think about it this way:  Hillary Clinton, the DNC, and Apple represent some of the most powerful and technologically advanced IT systems on the planet… and they were hacked.  Think about how easily then your network security could be breached.
Also think about the target on your company’s back that has been placed there by hackers.  Your business is growing and as such, getting more and more recognition in not only your community, but the world.  The larger your business gets and the more attention that it garners, the better chance that a hacker will target you, just “for the challenge of it.”
So yes, your network security is seriously at risk.   But that doesn’t mean that you’re a sitting duck.  You just need the help of a quality IT service provider to help you protect yourself from potential threats.  A good service provider is up to date on all the latest technology, software and even hacking techniques that will help protect your business from outside threats and potential breaches in your security.  And even if your security is breached, the service provider will have a plan in place to restore and recover your system so that it will have minimal, if any, impact on your business.
Summary:  Hacking has been at the forefront of the news cycle over the past few years.  From the Democratic National Committee to Apple and celebrity photos, it seems like no network is safe.  Your network is definitely at risk, but if you hire a quality IT service provider, you can rest easy knowing that your business either will be protected by hackers or wouldn’t be affected if they breach your network.