I have written about the Dark Web in the past, and nothing has changed, but I did want to share a real life story. Now that we have access to the Dark Web to run reports on client data breaches, we have seen interesting results. Only once did the report come back clean with no data. This seems to be super rare since pretty much everyone has some form of data on the Dark Web.
Recently we ran a report for a client and it showed a list of logins and passwords that were found on the Dark Web. Many of them were real logins for their employees which is never a good thing. What made this report different from other clients’ is that one of the results showed that the login was leaked due to a keylogger running (this is a rogue app that captures your key strokes and sends them to the bad guys – in this case they captured the username and password for an application). Once the infected user with the security risk was known, the rogue app could be removed. The next question to ask was, how did they get infected? Turns out, the infection was caused by an internal web application that was hacked and silently infecting everyone. Yikes. Ultimately, everything was able to be cleaned up, but without the report from the Dark Web showing the details of the data breach, the client would have not known about any of it. Double Yikes.
Several of our clients have chosen to have their data monitored in real-time so they can catch any kind of Dark Web breach quickly. It is pretty inexpensive so I tell them to think of it like insurance: you hope you do not get a lot of activity, but when you do, you can react accordingly and minimize the risk quickly.
Got a question or a comment? Don’t hesitate to contact anyone on the Waident team!