Frequently Asked Questions About the Dark Web

In Cybersecurity by Ken Nero

WHAT IS THE DARK WEB?

The dark web is a hidden universe contained within the “deep web”— a sub-layer of the internet that is hidden from conventional search engines. The surface web today makes up only 4% of the internet. It stores only 19TB of data. Imagine how tiny it is in comparison to the dark web, which has an estimated 7,500TB of data. The dark web is estimated to be 550 times larger than the surface web and growing*. Because you can operate anonymously, the dark web holds a wealth of stolen data and illegal activity.

HOW DOES DARK WEB ID HELP PROTECT MY ORGANIZATION?

Our service is designed to help organizations detect and mitigate cyber threats that leverage stolen email addresses and passwords. IKON’s Dark Web Scanning Tool leverages a combination of human and artificial intelligence that scours botnets, criminal chat rooms, blogs, websites and bulletin boards, peer-to-peer networks, forums, private networks and other black-market sites 24/7, 365 days a year, to identify stolen credentials and other personally identifiable information (PII).

HOW ARE STOLEN OR EXPOSED CREDENTIALS FOUND ON THE DARK WEB?

IKON’s Dark Web Scanning Tool focuses on cyber threats that are specific to our clients’ environments. We monitor the dark web and the criminal hacker underground for exposure of our clients’ credentials to malicious individuals. We accomplish this by looking specifically for our clients’ top-level email domains. When a credential is identified, we harvest it. While we harvest data from typical hacker sites like Pastebin, a lot of our data originates from sites that require credibility or a membership within the hacker community to enter. To that end, we monitor over 500 distinct internet relay chatroom (IRC) channels, 600,000 private websites, 600 Twitter feeds and execute 10,000 refined queries daily.

DOES THE IDENTIFICATION OF MY ORGANIZATION’S EXPOSED CREDENTIALS MEAN WE ARE BEING TARGETED BY HACKERS?

While we can’t say definitively that the data we’ve discovered has already been used to exploit your organization, the fact that we are able to identify this data should be very concerning. Organizations should consult their internal or external IT and/or security teams to determine if they have suffered a cyber incident or data breach.

IF YOUR PERSONAL DATA IS FOUND ON THE DARK WEB, CAN IT BE REMOVED?

Once the data is posted for sale within the dark web, it is quickly copied and distributed (resold or traded) to many cybercriminals within a short period of time. It is generally implausible to remove data that has been disseminated within the dark web. Individuals whose PII has been discovered on the Dark Web are encouraged to enroll in identity and credit monitoring services immediately.

ARE THERE ANY SPECIAL CREDENTIALS NEEDED TO INVESTIGATE THE DARK WEB?

You do not need special permission to access the deep or dark web. However, accessing the deep or dark web requires the use of a “TOR” browser and should only be done using a VPN/ 10042017 encrypted tunnel. In general, we advise against attempting to access the dark web.

CLICK HERE to schedule your free dark web scan from IKON Business Group.