Blog / Dark Web Scans
What they are and why you want one.
If you’re at all connected to the IT and cybersecurity world, you’ve almost certainly heard of the dark web scans and the dark web in general already. For those of you who aren’t hooked into IT though, the dark web is essentially what it sounds like; a darker, meaner version of our everyday world wide web. It’s a hotbed of criminal digital activity, including buying and selling people’s identities, banking information, login credentials, and more. Ransomware software sales and Ransomware-as-a-Service (yes, it’s what it sounds like) can be found there as well.
Aside from the illegal nature of most of what happens there, the dark web differs from the everyday web in a few key technical aspects also. Dark websites can’t be indexed by search engines, and can only be accessed through a specialized browser known as Tor. The Tor browser (and other similar tools) anonymizes traffic through a network of proxy servers around the world, making it virtually impossible to trace and identify your IP address.
A few clarifications
Before we go further, we’d like to clear a few things up.
First, while the majority of the dark web is used for criminal activity, accessing it isn’t actually illegal, nor is the Tor browser itself. It’s what you’re doing there that usually catches law enforcement’s attention. Nevertheless, there can be legitimate reasons to browse privately.
Secondly, even though we just pointed out that it’s not necessarily entirely evil, the dark web’s still not a place for your average person. If you don’t know what you’re doing, don’t go onto it. It’s the digital equivalent of walking down a dark alley behind a seamy bar in the rough part of town late at night; it’s not illegal and you’re not guaranteed to get robbed, but you’re still just better off staying away, especially if you don’t know how to defend yourself.
And finally, just a bit of terminology clarification, specifically regarding the terms dark web and deep web, which you may also have heard around. The deep web is primarily business and professional sites, such as company intranets, banking and medical records, and membership-only content. Anything hidden behind a paywall or requiring private credentials to sign in is part of the deep web, which, according to CSO, actually comprises anywhere between 96 and 99% of the internet. Like the dark web, pages on the deep web aren’t indexed by search engines, although they can be read by normal browsers instead of Tor, and don’t anonymize your IP address. The point is they’re easy to get mixed-up but not actually the same thing.
What are dark web scans?
Now that we’ve established what the dark web is, let’s talk about scanning it, which is straightforward in concept but much harder to actually do. In their simplest form, dark web scans check the dark web for information, and alert you if it’s found on one of the dark web’s sites. Just remember, the dark web is a massive collection of unindexed websites running on a network of proxy servers used to anonymous data so it can only be accessed through a specific browser, which makes actually scanning it substantially more difficult than it sounds.
Because of the technical nature and specific software involved, dark web scans should only be performed by professional cybersecurity experts. You’ll need to provide your MSP with the specific data you’re concerned has been leaked. That data is checked against known data dumps (lists of data that’s been stolen) that are up for sale on the dark web’s black market. If a match is found, you’ll be alerted and can take appropriate action.
There are a few limitations to be aware of. The lists often include information about hundreds of thousands if not millions of people, and there are many lists so searching them all can be time-consuming. Also, no scan of any web, dark or otherwise, will be able to scan every byte of stolen data. That doesn’t mean they have no value. Indeed, if you believe you’ve been compromised a scan is a great starting point for finding out. Just understand that a clean scan isn’t a guarantee your information is out there in a private database or unknown marketplace.
Why does my business need one?
Hopefully the value of a dark web scan is clear by now. Finding out if the business credit card number or login credentials are for sale can help you get ahead of security breaches before they happen by locking cards and changing passwords before they can be used against you. Remember also that it doesn’t have to be your business that gets breached in order for your information to wind up on the dark web. Software vendors and other organizations often keep credit card numbers or login information as well. All it takes is for one of them to get breached and your information is out there.
If you’d like to know what the dark web knows about your business or organization, contact a TRINUS account manager to inquire about our dark web scan services. Dark web monitoring (repeated scans of list in both common and new marketplaces for near real-time alerts) is also available. The peace-of-mind that comes with knowing your business data isn’t up for sale is just part of our commitment to providing stress-free IT.
Sincerely,
The TRINUS Team
trinustech.com