By: Mark Sheldon Villanueva on November 10th, 2021
What to Do When You Find Your Information on the Dark Web?
It's an unnerving feeling, knowing that your or your clients' information is circulating openly around the web. You are most likely trying to wrap your head around the repercussions it will have for your organization. How will you tell your clients that their data got stolen? How do you keep it from causing harm to your business? If this scenario seems familiar, you're not alone.
The 10 biggest data breaches impacted more than 98.2 million people in the first half of 2021 alone. That's according to the Interstate Technology and Regulatory Council and the U.S. Department of Health and Human Services. The incidents resulted in the theft of information that included names, birthdays, credit card numbers, private health information, passwords, and more. With so many high-profile data breaches recorded this year, have you ever wondered what happens to all that stolen data? Where does it all go, and how do the criminals profit from it?
The answer is that any stolen data is likely going to end up selling for a pretty penny on the dark web. And by a pretty penny, we mean bitcoin.
At ITS, we've helped hundreds of businesses improve their security to protect their data. From our experience, data breaches can occur even with the best cybersecurity tools at your disposal. Whether it’s through phishing emails or social engineering tactics, cybercriminals are very crafty when it comes to getting sensitive information from your organization.
In this article, we'll guide you with what you need to do when your sensitive data is stolen and put up for sale on the dark web. To do that, we'll answer the following questions:
- What is the dark web?
- How do you find out if your data is on the dark web?
- What do you do if you find your information on the dark web?
What is the Dark Web?
Its name may sound nefarious, but the dark web is really just a part of the internet that search engines don't index. It's a collection of hidden websites that you can only access via a specialized browser. Individuals who want to get in often rely on browsers that encrypt their information, providing anonymity.
While it's not illegal to surf the dark web, the fact is that its anonymous nature attracts individuals looking to conduct dubious activities away from the prying eyes of the law. Many of these activities include cybercrime that may pose a danger to your business.
A study conducted by the University of Surrey in 2019 found that out of all dark web listings (excluding those selling drugs), 60% could potentially harm enterprises.
Many of these listings include the ones created by criminals peddling information taken from businesses such as credit card details, banking credentials, health records, passwords, and more. The prices for the stolen goods vary and could range from as little as $10 to thousands.
How to Find Out if Your Information is on the Dark Web
While you might be tempted to check whether any of your info is currently making the rounds in the dark web, we would highly advise you not to go there yourself. The dark web is a dangerous place to be in.
You can easily fall victim to hackers and social engineering tactics and give away sensitive information without your intention. There's also the risk that you might stumble upon illegal activity without even realizing it. The danger is that some of these illegal websites are already being monitored by relevant authorities, and even just being a bystander could land you on the wrong side of the law.
Instead, you should consider engaging a cybersecurity professional that offers dark web scans and dark web monitoring. They usually work by scouring collections of stolen personal information across the dark web and alerting you if your information is found. However, take note that it's impossible for a single company to scan the entirety of the dark web, so it won't be able to find everything.
Also, if a scan does find your info for sale, it won't be able to do anything about it other than alert you. That might discourage some from initiating a dark web scan, but you have to understand that just knowing your info is out there could buy you time to mitigate the potential impact. From there, you can freeze relevant bank accounts, change passwords and even notify authorities.
When it comes to data breaches, getting the right information is already half the battle.
What to Do if Your Information is on the Dark Web
Time is of the essence once you are alerted that your info is circulating on the dark web. Make sure to follow the steps below to mitigate the impact:
Change Your Passwords
SpyCloud's Breach Exposure Report found that almost 26 million passwords that belonged to employees at Fortune 1000 companies were available readily in dark web markets and data dumps. The report also noted that one of the biggest reasons these passwords were easily stolen was because of weak passwords and their rampant reuse across personal and professional accounts.
Instead of just changing passwords, consider using password managers to save and secure various strong passwords.
Notify Relevant Individuals and Organizations
If you find your information on the dark web, it's important that all necessary personnel and organizations know what is happening. For example, if your financial information was stolen, notify your bank or financial institution so they can help you with monitoring your financial statements, or you can freeze your account in case of dire situations.
Monitor for Unauthorized Changes
Check for any unauthorized changes across all relevant areas. Try to look for any activity that may seem suspicious, like random purchases, emails or messages sent to your team or your customers, etc. Doing that as quickly as possible can help prevent further damage.
Ramp Up Security Awareness
Knowledge and practice are some of the best ways to secure your information. Empower your team to recognize threats and to respond accordingly. The better informed your employees, the fewer chances cybercriminals have of getting to your data.
Try employing more effective cybersecurity awareness training methods and do it regularly. Conduct threat simulations and help your training resonate with your team by making it more personal. Let them know how good security practices can benefit them in their personal lives.
Use Multi-Factor Authentication
For an added layer of security, make sure to use multi-factor authentication (MFA) with any application that is compatible. MFA can decrease the chances of cybercriminals getting access to your information. Even if they crack your password, they will need to go through multiple levels of authentication before gaining access to your databases.
Test and Assess
Make sure to test and check your network, applications, third-party website policies, and procedural policies for possible vulnerabilities. With the help of an IT professional, try to initiate a thorough scan of your network. You can employ Security Information and Event Management (SIEM) tools to conduct a forensic investigation. This will allow you to determine where and how the breach happened, and what you can do to prevent it.
Once you’ve patched all possible vulnerabilities, test your solutions and adjust your incident response plan.
Ensure Your Backups are Safe
Check on your backups. You should have multiple backups, with at least one located offsite. If you don’t have any backups in place, you might want to consider getting one as soon as you can. It’s a vital aspect of any business longevity plan.
We recommend the 3-2-1 rule when it comes to backups. This strategy requires you to have three copies of your data (your production data and two backup copies) on two different media (disk and tape) with one copy off-site for disaster recovery.
Ready to Keep Your Information Safe?
Once your information surfaces on the dark web, there’s very little you can do about it. Copies of your data may exist where even a dark web scan can’t reach you. The best you can do is to mitigate the impact. You can change login credentials, patch the breach and bolster your cybersecurity efforts to prevent further incidents from happening again.
At ITS, we've helped hundreds of businesses bolster their cybersecurity. If you want to know how your efforts measure up, please fill out our form for a free IT security assessment.