As tensions continue to rise in the Ukraine, the FBI and Biden administration warns the United States private sector to be prepared for possible Russian state-sponsored cyber attacks. While critical infrastructures are likely targets, rogue threat actors continue to use stolen personal data to sell on the dark web or even worse, set the stage for a future crippling cyber incident.

According to Gemini Advisory, 115 million stolen debit and credit card numbers were posted to the dark web in 2020 with 87 million originating from the U.S. Not everything on the dark web is illegal, but there are precautionary steps every organization should take to protect from potential threats.

What is the Dark Web?

The internet is comprised of three layers. The surface web is what many of us refer to as the World Wide Web, and only makes up a small portion of accessible digital content. The deep web is typically password-protected, and the dark web is a hidden marketplace where private computer networks can communicate and conduct business anonymously without divulging identifying information. Sites on the dark web use encryption software so visitors and owners can remain anonymous and hide their locations, and ultimately why the dark web is riddled with so much illegal activity.

Security Measures to Consider

As a business leader, consider these questions to help assess how your operations and supply chain vulnerabilities might be affected.

  1. Does your risk management group or IT Security teams monitor darknets for activity related to your organization?
  2. Have you had a breach and if so, do you know if company data has been published on darknets?
  3. Do you know if your employees reuse passwords that have been published in other companies’ data breaches?

Policing the Dark Web

Using a dark web monitoring service can help businesses stay ahead of cyber threats. Stinnett’s Data Privacy and Cybersecurity team monitors threat intelligence for clients that include:

  • Investigating threat actors
  • Searching for bitcoin wallets and addresses
  • Assessing darknet brand exposure
  • Identifying threats on darknet forums
  • Monitoring for leaked credentials
  • Seeing inside authenticated chat rooms
  • Tracking vendors on marketplaces
  • Accessing historical darknet records

Interested in setting up continuous monitoring or even a one-time research project? We’d be happy to discuss your cybersecurity defense strategy.