You are here: Blog Josh Coppage Even the Most Diligent Individuals Are Not Immune to Data Breaches

Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Font size: +
Subscribe to this blog post
Print

Illuminating the Concept of the Dark Web

Voyage Technology Blog Security
Illuminating the Concept of the Dark Web

Let’s say, for a moment, that somewhere out there is a diligent employee—John—who works for a small business. While John means well, he has the unfortunate habit of using the same password for everything… including the marketing tool his employer has him sign up to use.

A year or two goes by. The company hasn’t touched that marketing tool in months. John has completely forgotten he has an account with it. Meanwhile, that tool experiences a significant data breach, and suddenly, the credentials to almost everything John has ever accessed are now available on the dark web.

Sounds pretty bad, right? Let’s talk about how this happens and how you can help keep it from impacting your business, as it would poor John’s.

What is the Dark Web, Anyways?

To understand the dark web, we need to understand how the Internet as a whole is built.

The Internet is Like the Icebergs that You See In Photos

What you consider “the Internet” can be classified into three (or two and a half, if you want to be technical) different parts:

  • The first part is the surface web, which is everything you can access directly by a search engine without a login or payment. While this portion of the Internet may seem vast, it accounts for only about five to ten percent of the functional Internet.

  • The second part is the deep web, which includes all the pages that cannot be searched for or require a login or payment to access, such as email inboxes or account pages on various websites, including internal company sites and private, protected pages. The deep web makes up anywhere from 90 to 95 percent of the Internet as a whole… just like the vast majority of an iceberg hides beneath the surface.

  • The third (or, since it technically resides in the deep web, the second and a half) part is the dark web. Sites on the dark web are accessible only through a specific browser and built on anonymity, providing a place for various activities to take place. While many of these activities are illegal—sales of stolen materials, illicit services, and other contraband are common—the dark web is also a place where information can be shared without fear. While some of this information is stolen data, some of it is news being shared by activists, whistleblowers, and journalists who are unable to publish it along traditional means for various reasons.

This Anonymity-First Portion of the Internet is the Hacker’s Favorite Fence

So, instead of the trendy speakeasy where secrets are exchanged in dark corners, you can almost picture the dark web as a giant, silent auction.

Let’s return to our hypothetical friend John for a moment. As soon as his credentials were stolen in that marketing tool’s breach, they became part of a unique and frustrating supply chain. It basically plays out like this:

  • John’s marketing tool is breached by a hacker, who takes millions of users’ credentials. This includes those belonging to our friend John.

  • The hacker turns to the dark web and offers a cache of stolen user credentials in bulk, requesting payment in some form of cryptocurrency to maintain anonymity.

  • Other cybercriminals on the dark web purchase the hacker’s collection and attempt to use the compiled credentials on various websites, from business to retail to social media.

So, in relatively few steps, John’s one stolen credential could suddenly open the door to the rest of his professional and personal life. You also need to remember that this credential might not have been stolen directly from John. If John uses the same credentials to log into a social media platform or other large business, any breach of these entities could easily have the same result.

Using this Data, Hackers Engage in Credential Stuffing

Credential stuffing is the cybercrime equivalent of throwing everything at a wall and seeing what sticks. By using automation, a cybercriminal in possession of one of these credential collections can input them into thousands of other websites, including email platforms, banking accounts, and business software such as customer relationship management platforms.

Many people—like our fictional example John—habitually repeat their passwords across different platforms and accounts, and this can ultimately lead to a breach of your business, even if you’ve done everything in your power to secure it. If your business’ information winds up on the dark web, your security will be about as effective as a tightrope made out of tissue paper.

So, what can be done?

Being Forewarned is Being Forearmed

Obviously, the ideal situation is not to have any of your passwords discovered in the first place. However, since you don’t have complete control over them, this is unfortunately impossible for you to ensure. The next best option is knowing that a username and password combination has been breached, so you can change it, mitigating the damage that a compromised set of credentials can cause. This is where our dark web monitoring services truly shine.

In simple terms, we have tools that allow us to scan the dark web for any sign of your company’s email domains. We’re then alerted if John’s (or another employee’s) credentials appear.

Keep in mind, this isn’t a way to recover your password. It’s simply a warning system to tell you that a password is no longer secure, so you can potentially change it before a cybercriminal uses it.

While the Dark Web Isn’t Inherently Bad, It Offers Nothing Good for Your Business

We can help you proactively monitor it to ensure your organization isn’t compromised by individuals using the dark web for scams and other cybercrimes. Learn more about our proactive monitoring by calling Voyage Technology at 800.618.9844.

Tweet
Tags:
Data Passwords Privacy

Sign Up For Our Newsletter!

Blog Categories

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Tip of the Week Best Practices Data Business Computing Business Productivity Software Innovation Cloud Hackers Efficiency Hardware Network Security User Tips Internet IT Services Malware IT Support Privacy Workplace Tips Phishing Google Email Computer Workplace Strategy Collaboration Hosted Solutions Small Business Users Backup Ransomware Managed Service Mobile Device Productivity Microsoft Passwords Quick Tips Saving Money Communication AI Cybersecurity Data Backup Smartphone Data Recovery Disaster Recovery Android Upgrade VoIP Business Management Smartphones Mobile Devices communications Windows Social Media Browser Managed IT Services Microsoft Office Network Current Events Tech Term Internet of Things Remote Automation Artificial Intelligence Facebook Information Holiday Miscellaneous Compliance Cloud Computing Covid-19 Training Gadgets Server Outsourced IT Managed Service Provider Remote Work IT Support Spam Encryption Employee/Employer Relationship Windows 10 Office Business Continuity Data Management Government Wi-Fi Business Technology Bandwidth Windows 10 Blockchain Virtualization Apps Managed Services Two-factor Authentication Mobile Office Data Security Vendor Employer-Employee Relationship Tip of the week Voice over Internet Protocol Chrome Networking Mobile Device Management Budget Gmail Apple WiFi BYOD App Access Control Computing Information Technology Hacker Conferencing Avoiding Downtime Office 365 Marketing Managed IT Services How To BDR HIPAA Physical Security Applications Operating System Health 2FA Help Desk Risk Management Computers Retail Healthcare Website Office Tips Analytics Augmented Reality Storage Password Bring Your Own Device Router Big Data Virtual Private Network Paperless Office Windows 11 Cybercrime Infrastructure Monitoring Customer Service Excel Document Management Remote Workers Managed IT Service Telephone Scam Data loss Cooperation Free Resource Project Management Firewall Windows 7 Patch Management Save Money Microsoft 365 Remote Monitoring End of Support Vulnerability The Internet of Things Vendor Management Solutions Going Green Social Display Printer Content Filtering Holidays Customer Relationship Management YouTube Data Storage Smart Technology Supply Chain Cryptocurrency Video Conferencing Machine Learning Managed Services Provider Hacking Presentation Saving Time Virtual Machines Professional Services Virtual Desktop Wireless Technology Data storage LiFi Maintenance Downloads Antivirus iPhone Outlook Licensing Money Entertainment Word Vulnerabilities Humor Data Privacy Images 101 Sports Multi-Factor Authentication Robot Mobility Mouse Telephone System Cost Management Safety Administration IT Management VPN Employees Meetings Integration User Tip Modem Processor Settings Computer Repair Mobile Security Printing Wireless Proxy Server Reviews Cookies Monitors Cyber Monday Medical IT Hosted Solution Typing Tactics Development Hotspot Transportation Small Businesses Websites Mirgation Hypervisor Displays Shopping Knowledge Nanotechnology Optimization PowerPoint Google Drive Competition SharePoint Addiction Electronic Medical Records Language Employer/Employee Relationships Outsourcing Chatbots Navigation Management PCI DSS 5G Lenovo Gig Economy Experience Screen Reader Writing Distributed Denial of Service Workplace Google Docs Unified Communications Bitcoin Running Cable User Service Level Agreement Internet Service Provider Virtual Reality Computing Infrastructure Teamwork Hiring/Firing Private Cloud Identity Evernote Paperless Google Wallet Server Management Regulations Compliance Superfish Bookmark Identity Theft Smart Tech Memes Co-managed IT Windows 8 IP Address Laptop Download Net Neutrality Twitter Alerts SQL Server Technology Care Error History Business Communications Drones Financial Data Browsers Smartwatch Connectivity IT Social Engineering Break Fix Scams Halloween Recovery Upload Procurement Remote Computing Azure Hybrid Work Cyber security Multi-Factor Security Tech Human Resources Hard Drives Social Network Telework Domains CES Tablet IoT Communitications Dark Web Cables Hacks Scary Stories Trends Supply Chain Management Alert Fun File Sharing Regulations Dark Data Google Calendar Term Google Apps Refrigeration Managed IT Customer Resource management FinTech Deep Learning Public Speaking Data Analysis Star Wars IT Assessment How To Microsoft Excel IT Maintenance Lithium-ion battery Gamification Flexibility Notifications Staff Value Business Intelligence Entrepreneur Travel Social Networking Legislation Shortcuts Education Organization Techology Fileless Malware Digital Security Cameras Google Maps Smart Devices Ransmoware Mobile Computing Content Remote Working Wearable Technology Memory Vendors Search Unified Threat Management Motherboard Data Breach Comparison Google Play Be Proactive Undo Health IT Best Practice Unified Threat Management Directions Videos Assessment Electronic Health Records Permissions Workforce Buisness Wasting Time Threats Trend Micro Network Congestion Specifications Security Cameras Workplace Strategies Legal IT solutions Business Growth User Error Microchip Internet Exlporer Software as a Service Fraud Meta Managing Costs Amazon Application Username Cortana Point of Sale eCommerce Black Friday SSID Alt Codes IBM Database Surveillance Virtual Assistant Outsource IT Tech Support IT Technicians Virtual Machine Environment Media Downtime Network Management

Blog Archive

2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015