Posted by: TAZ Networks on December 7, 2018 at 8:00 am
What do business owners need to know about the dark web?
The Dark Web. It sounds like a scary movie for kids. And it’s often talked about like the next big cyber threat coming to destroy us all.
But what is the dark web? Is it different from the deep web? What do business owners need to know about the dark web?
First of all, one thing to clarify is that there is a difference between the deep web and the dark web.
What is the Deep Web?
Simply put, the deep web is made up of all unindexed web sites. An unindexed site is one that will not show up in conventional search engines such as Google, Bing, and others. One well-known example of the deep web is email. When you check your email, you are accessing the deep web. But all that means is that your emails won’t show up on Google. (And aren’t we all glad of that?)
Basically, the deep web is not necessarily evil or even unsecure. All it is web pages and other information unfindable by search engines.
However, the unindexed nature of the deep web means criminals can easily use it for predatory purposes. Which leads us to…
What is the Dark Web?
The dark web generally refers to unethical or downright illegal activity based in the deep web. Because they cannot be found by search engines, it’s easier for scammers and other low-lifes to operate in secrecy.
These dark web entities run many of the scams, ransomware attempts, and other cybercrime we face. The dark web is where your credit card and other breach information ends up available for sale or trade. Passwords and other access credentials end up here too. All of this information is for sale to be used for general or targeted attacks.
Who is at Risk From Dark Web Attacks?
All of us. You. Me. Every small business. Like we’ve said many times, never assume your business is too small to be affected. Some of these scammers look specifically for small and mid-sized business information. They know that many business owners assume they’re too small to matter to cybercrime and don’t take necessary precautions.
But no business is too small. Many of these scams are powered by bots — automated programs that don’t need a paycheck or a desk. So, any gain at all is almost pure profit for the scammers running the bots. There’s no need for them to only target the “big fish” anymore. Little fish add up and are often an easier target.
Here’s a chilling fact: It only takes one compromised user name and password set to give these dark web businesses the access they need to attack every person in that database.
What Security Items Help Protect Against Dark Web Attacks?
Here are a few basic and relatively easy security solutions to help protect against dark web attacks:
Require strong passwords that expire on a regular basis. If your staff has been accessing your sales database with the password “Password1” for the past ten years, there is an excellent chance that data is all over the dark web. Your IT team should be able to assist in setting advanced password requirements. As a business owner or manager, however, you might need or want to create a written policy for your staff as well.
Add another layer of protection to your most confidential information with multi-factor authentication (MFA). We also recommended this for many businesses using Microsoft’s Remote Desktop Services. After the user enters their user name and password, MFA sends a code to the user’s email or phone that they need to enter before gaining access to the system. Sure, it’s one extra step, but it’s quick and easy to use once set up. And MFA adds a powerful additional layer of security.
Mobile device management solutions add security to your system if your staff uses their own phones or tablets to access your business network.
Protect your email from spam, viruses, and bad attachments. Microsoft Office 365 has several strong security features. We’ll be pushing our clients to implement some of these built-in safeguards in 2019.
In this day and age, we hear almost weekly — or sometimes almost daily — about a new data breach. Marriott and Quora both reported huge breaches in just the past few days. Unfortunately, there is a good chance that some of your data is on the dark web. But relatively easy and common solutions are available to protect your network security.
Do you know what security protections your business needs? Do you know what you already have in place? When was the last time someone reviewed your network security? If you have questions, TAZ Networks can help – contact us today.