Depending on who you ask, the dark web is either a terrible place full of the worst dregs of internet society, or it’s a useful safe haven for privacy advocates. The truth is that the dark web is somewhere in between those two extremes.
For privacy-minded individuals, using the Tor browser to connect to the dark web does offer many advantages. It can nearly eliminate attempts to track you and collect personal data on you, such as your browsing and shopping habits. It’s also been used by journalists and whistleblowers to leak information, such as journalists living under corrupt authoritative regimes where journalists fear for their life.
On the other hand, there is a dark side to so much privacy, and the dark web can also offer a safe haven to malicious groups engaging in illegal activity.
“We’ve all heard stories of how the dark web is full of drug marketplaces and unprohibited content. This is somewhat true to an extent, though these websites aren’t necessarily out in the open.”
Many of the dark websites running illegal activities are “invitation only” or locked behind paywalls, kind of like a mafia poker game. There’s a very slim chance of just “accidentally” stumbling into one. The same goes for blackhat hacker groups that buy and sell stolen information.
What do Businesses Really Fear on the Dark Web?
What really concerns businesses about the dark web is that it’s become a haven for cybercriminals to share and sell stolen data. Whenever you hear news about a massive data breach on companies, you may wonder what the criminals actually do with all of the stolen information like credit cards and social security numbers. The answer is that they typically sell it on the dark web.
This is because it is far easier to sell stolen credit cards, for example, than to actually try and use them. Using stolen credit cards to make purchases can be traced, and so cybercriminals would rather make easy money by selling stolen information than put themselves at larger risk by actually trying to use the information themselves.
Are Dark Web Monitors Useless in Preventing Data Theft?
It can be extraordinarily difficult to track down sources of data breaches. When free dark-web monitoring websites like HaveIBeenPwned detect stolen credentials on the dark web, it’s usually because the cybercriminals were unable to obtain a ransom for the stolen data, and simply publicly dumped the data in retaliation.
That doesn’t mean dark web monitoring services are entirely useless. Secure coding practices can alert a business (or individual) that their data has been publicly dumped, and alert the business/individual to change their login credentials before further damage is done. Also, some dark web monitoring services may actually have insight into the more secret “invitation only” or “paywall-access” parts of the dark web, and may be able to alert their customers that their data is being traded secretly before it hits the public dumps.
Business Identity Theft on the Dark Web
“So what businesses fear along with data breaches that steal their customer’s information, but data breaches where sensitive company information is stolen as well.”
Business identity theft is not the same as stealing sensitive information, but they can very often go hand-in-hand.
Business identity theft goes a bit under the radar because consumers are of course focused on personal identity theft, but business identity theft is a very real thing. Business identity theft is when criminals impersonate a real business for the purpose of, for example, applying for credit loans.
This is because businesses often have a much larger line of credit than individual consumers, and while a $2,000 loan taken out in an individual’s name would attract immediate attention from that individual’s bank, a criminal could possibly take out a loan as high as $10,000 without attracting any attention for a long time, because businesses don’t really notice until they perform audits and expense reports.
Also, Read Scariest Cybersecurity Threats