As I’ve mentioned before Jeff and I joined a peer group 2 years ago. The group consists of a dozen other IT business owners from around the country. Every quarter we meet as a group in a moderated session for two days to discuss ongoing IT trends, any issues or items that we want to brainstorm and meet content sponsors that discuss available services. Many of the topics that I cover in these blogs come from conversations or content that I’ve been able to see at these meetings.
A year ago, I was exposed to some detailed information on the Dark Web and how the current trend for malware is to create an “as a service” business model for people who want to steal other people’s money. For a monthly fee you can get access to hacking tools that allow you to infect other people’s computers and phones. Exploiting those devices to steal data and access to their bank accounts or to encrypt their data and ransom it to earn money.
This trend has only accelerated since last year and this year we’ve decided to partner with ID Agent to do live Dark Web monitoring for ourselves and some of our clients. So, what is Dark Web monitoring and why is it important? Our employees use the internet every day at work. But they also use it at home. Services like Amazon, Staples, Ebay, Dropbox, Quickbooks, Bank of America, Yahoo, ADP, Salesforce, Adobe, Verizon are all things that they create logins for and access.
When they do many of them are using the work email address that we provide for them. Every one of the above listed services and many others have had security breaches where they had user names and passwords stolen. Millions and millions of user names and passwords stolen and then offered for sale on the Dark Web. The danger is that my employees, like myself and nearly everyone else tend to use the same passwords for multiple websites / services.
If their Amazon account credentials get stolen and sold on the Dark Web, there is a good chance that someone buying those credentials can use social media to determine where they bank and what other services they use. They can then try the same credentials at those other locations to potentially steal money, transfer funds or encrypt important files to ransom.
Dark Web monitoring scans the Dark Web for instances of our employee’s user names and email addresses and reports back what it finds in real time. So, if there is a breach at Amazon or Verizon or wherever else it might happen, and those user names and passwords become available for sale we get notified. We can then make sure to change the passwords that have been compromised at every other service or website that share that user name or password.
It hit home for me when my dad came to me with an email that demanded he pay $840 or they were going to send inappropriate materials to his contacts. The email said they had access to his computer and his contact list and to prove that they did it contained a real password that my dad used for years. He was understandably concerned. It turns out that a security breach at an on-line vendor contained his email address and that password which was in turn sold on the Dark Web.
They didn’t have access to his computer or his contact list, but they did have a real email address and a real password. Fortunately, that password wasn’t being used anywhere any longer and we were able to ignore the threat, but these types of things are happening more frequently as people find ways to make money off of other people’s lack of security and the fear they can create by having real information. Now we monitor the Dark Web and proactively make changes to user credentials when they do find there way to the Dark Web.
Chief Executive Officer