What an MSP can do to Protect Their Clients from the Dark Web
Not familiar with the term “Dark Web”? That’s okay, even some of the most sophisticated individuals in the tech space have no idea what the dark web is and how it’s accessed. As an MSP or MSSP, you are doing your part to secure and monitor your client’s network and provide a seamless user experience. However, through no fault of your own, your client’s and their employees are not making your job easier by creating credential-based blind spots that until now were hard to detect and mitigate.
Criminal organizations, hacktivists and social hackers obtain and sell hundreds of thousands of stolen credentials on the dark web daily. Increasingly the result of breached networks, compromised databases and human error creates vulnerabilities for the Small and Medium Business Clients you are tasked with protecting!
To understand what the dark web is, you must first understand that there is a large portion of the internet that is not indexed by common search engines like Google, Bing and Yahoo. This is the “Deep Web.” The US Government created this hard to access area of the Internet. Because the traffic flowing through the deep web was encrypted, it quickly became a preferred communication channel for privacy-conscious individuals, organizations and governments to share data, without detection.
It did not take long for nefarious individuals and organizations to begin using the deep web as a platform for exploit. The term “Dark Web” was coined to describe the pockets of the deep web that are used to buy, trade and exploit illegally acquired data or illegal items.
How the dark web impacts your client’s security and what you can do to help them.
The volume of data breaches has reached epidemic proportions and shows no signs of slowing down. When malicious individuals or organizations are successful at compromising data, they quickly move to monetize their heist and place it up for sale on dark websites. On an average day, hundreds of thousands of login credentials (email addresses and passwords), along with social security numbers, dates of birth, financial information and other personally identifiable information are added for exploit. This information often and unsuspectingly leads to your client’s identity theft and is also used to enhance the effectiveness of social engineering campaigns and ransomware attacks – further perpetuating the exploit cycle.
Compounding this epidemic is the fact that 80% of your client’s employees will use the same or a derivation of the same password across all the systems they access, both on and off their employer’s network. If your client’s internal requirement is to have a capital letter and special character, it’s a common practice for employees to use a password they are familiar with and add a capital letter and explanation mark. For example, the exposed password on a 3rd party site is “cowboys.” The new variation will be “Cowboys!” Hackers can apply brute force scripts that run hundreds of variations of passwords to find a match.
Start protecting your clients from dark web exploits in a matter of minutes.
To help you protect your clients from the dramatic rise in credential-based exploits, we’ve developed an automated monitoring platform called Dark Web ID. In less than 5 minutes, you can begin monitoring, reporting and mitigating credential-based exploits that, even with the most robust security defenses in place, can be used to access your client’s data.
Dark Web ID will notify you when it discovers compromised data that matches your client’s email domains and show you how the data was discovered, including 3rd party data breaches, keyloggers, malware or phishing exploits. As the associated passwords are often discovered in “clear-text” (meaning unencrypted), you are able to automatically compare it against your client’s internal password criteria (minimum character lengths, number of letters, numbers, special characters, and capital letters) to focus on exposures more quickly that have a higher probability of being used to exploit or breach your clients network. Hashed or (encrypted) password can be just as damaging because there are now dozens of free websites that can be used by criminals to decrypt hashes within seconds.
In addition to how the data was discovered, our analysts will often provide where it was discovered. Some of the areas that are identified include:
ID Theft Forums – hard to access Internet Relay Chat (IRC) forums, hacking sites, and private member-only sites where criminals go to buy, sell, and trade personal and financial data.
Social Media Sites – social networks including recently exploited sites like LinkedIn, Twitter as well as legacy, but still active platforms like Myspace.
3rd Party Web Sites – exploited sites like Dropbox, major hotel brands and other commonly accessed sites that your clients will register with, using their employer issued email address out of convenience or negligence.
Dark Web ID is quickly becoming the industry standard among MSPs and MSSPs globally. Our solutions give you the ability to increase your monthly recurring revenue quickly and cost-effectively, customer stickiness and increase your new client conversion rates through our search tools. Leverage Dark Web ID to enhance your security offering, provide security and phishing awareness training and sell much-needed add-on solutions like 2-factor authentication.
Contact us today to learn more about our Partner Program, to protect your clients from harmful cyber threats!