Please fill in the form below to subscribe to our blog

4 Dark Web Threats Businesses Need to Watch

March 16, 2023
dark web threats represented by a hacker in a hoodie shrouded in shadows with faint binary code

Every Business Needs to be Aware of these Dark Web Threats

The dark web is constantly evolving to present a thorny ticket of hazards for businesses. The point of origin for many of today’s most nasty and damaging cyberattacks, the dark web is the world’s third-largest economy and unlike many of the world’s industries, constantly growing dark web threats. Cybersecurity Ventures predicts that global cybercrime costs will grow by 15% per year over the next five years, reaching $10.5 trillion annually by 2025. That’s good news for cybercriminals and bad news for businesses. Dark web threats abound, endangering businesses from a myriad of vectors. These four dangers are just a few of the hazards that businesses face from today’s bustling dark web.   

Excerpted in part from our eBook The IT Professional’s Guide to the Dark Web DOWNLOAD IT>>

Cybercrime-as-a-Service is a growth industry & the top dark web threat 

The Cybercrime-as-a-Service gig economy is the main driver of economic growth on the dark web and it is getting bigger every year. The growth of that industry is the biggest dark web threat that businesses face today. Cybercrime specialists typically sell their goods and services on dark web message boards, Discord servers and Telegram channels, and are generally paid in cryptocurrency. An estimated 90% of posts on popular dark web forums are from buyers looking to contract someone for cybercrime services. Now this industry is experiencing even more explosive growth thanks to the success that AI tools like Chat GPT and GPT-3 bring to the table, especially for phishing scams.   

Malware-as-a-Service or Ransomware-as-a-Service  

Malware-as-a-Service (MaaS), or its offshoot Ransomware-as-a-Service (RaaS), is a thriving sector of the dark web service economy. This type of operation offers pay-and-use malware for conducting cybercrime. Think of it as bad actors adopting the Software-as-a-Service revenue model. Malware authors develop and maintain software for prospective customers, much like any other software company. And like any other business, hiring specialists and service providers often makes good business sense for major cybercrime groups and nation-state threat actors. It is estimated that 300,000 new pieces of malware are created daily.  

Get tips & advice to help you build a smart incident response plan in our guide. GET YOUR GUIDE>>


According to Microsoft researchers, a Phishing-as-a-Service (PhaaS) group’s subscription prices depend on a host of factors, but in general, the service can cost about $800 per month. Many of these operators offer what amounts to a one-stop shop for phishing, with phishing kits available for as little as $30. These groups feature everything from DIY kits to full-service contracting. It’s easy and cheap for a cybercrime group to hire a PhaaS practitioner who will take care of everything — build and host a phishing site, create and install a phishing template on the site, configure the domain and take care of every technical aspect, send emails to victims and collect credentials or other desired data.  

Cybercrime affiliations 

Cybercrime gangs are a major dark web threat. Most ransomware gangs recruit affiliates to conduct the actual attacks. In a common affiliate relationship scenario, the boss gang provides the affiliates with the proprietary malware used in the incident and access to specialized resources if needed. The affiliates typically handle the day-to-day business of the attack, sometimes turning the operation over to the boss gang when it’s time to negotiate the ransom. Affiliates are generally on the hook to pay the gang that recruits them an estimated 10% to 25% of the total take. Interestingly, many gangs operate formalized affiliate programs with terms and conditions that affiliates must abide by, like not attacking children’s hospital, and they’ll disavow affiliates that break those rules quickly.  

a white woman smiling at a desk with data readouts behind her in a Managed SOC

Kaseya’s Security Suite makes keeping businesses out of cybersecurity trouble easy & affordable. SEE HOW>>

3 More Big Dark Web Threats

Cybercriminals are interested in many things to power their operations, like these three dark web threats.

Stolen credentials 

One of the biggest dark web threats to businesses is credential compromise. Initial access brokers specialize in selling credentials that unlock the door to companies. A legitimate corporate credential can go for $2-$4,000. Sometimes they gain those credentials from malicious insiders or former employees. In other cases, bad actors buy or obtain huge lists of credentials stolen in other breaches. Stolen credentials cost businesses a fortune – by the end of 2022, credential theft had cost companies $4.6 million, up from $2.79 million in 2020.

They are often used in credential stuffing attacks — a cyberattack in which bad actors pelt a company’s defenses with thousands of credentials quickly in the hope that someone at that company has recycled a compromised password. There are more than 24.6 billion complete sets of usernames and passwords in circulation on the dark web, which is four full sets of credentials for every person on Earth. 

Insecure operational technology or industrial control systems  

Bad actors are hungry for information about business’ operational technology (OT) or industrial control systems. Every time that type of data falls into their hands, it makes it easier for them to conduct cyberattacks against infrastructure and manufacturing targets. Nation-state threat actors are interested in this data for their own purposes. Mandiant analysts discovered that one in seven cyberattacks gives the bad guys access to sensitive information about a business’s operation technology or industrial control systems.   

Malicious insiders 

It may not seem like it at first glance, but malicious insiders are a major dark web threat. When an employee wants to harm their employer or make money fast, the dark web is one of the first places they turn. Malicious insiders have many profitable options on the dark web, including selling their legitimate credentials or peddling their company’s proprietary data, customer lists or intellectual property. Malicious insider actions are responsible for an estimated 25% of confirmed data breaches.   

See how security awareness training stops the biggest security threats! GET INFOGRAPHIC>>

How Can I Mitigate Dark Web Risk Affordably? 

Kaseya’s Security Suite can help protect businesses from dark web threats effectively and affordably.  

Security awareness training plus phishing simulation          

BullPhish ID is the ideal security and compliance awareness training solution for companies of any size.  This powerhouse is the channel leader in phishing simulations.    

  • An extensive library of security and compliance training videos in eight languages        
  • Plug-and-play or customizable phishing training campaign kits        
  • New videos arrive 4x per month and new phishing kits are added regularly           

Dark web monitoring            

Dark Web ID offers best-in-class dark web intelligence, reducing credential compromise risk.           

  • 24/7/365 monitoring using real-time, machine and analyst-validated data             
  • Fast alerts of compromises of business and personal credentials, including domains, IP addresses and email addresses           
  • Live dark web searches find compromised credentials in seconds        
  • Create clear and visually engaging risk reports           

Automated, AI-powered antiphishing email security       

Graphus AI-enabled, automated email security that catches 99.9% of sophisticated phishing threats and offers amazing benefits.        

  • Forget old-fashioned safe sender lists. Graphus analyzes the content of messages using more than 50 points of comparison to suss out fakes fast          
  • Cloud-native security harnesses machine learning to inform AI using a patented algorithm.         
  • 3 layers of powerful protection at half the cost of competing solutions         
  • Don’t waste time on fussy configurations or adding threat reports. AI does that for you, getting everything up and running with just a few clicks and minimal maintenance     

Managed SOC   

Get the top Managed SOC that leverages our Threat Monitoring Platform to give you access to an elite team of security veterans hunt, triage and work with your team when actionable threats are discovered   

  • Detect malicious and suspicious activity across three critical attack vectors: Endpoint, Network & Cloud   
  • Patent-pending cloud-based technology eliminates the need for on-prem hardware   
  • Discover adversaries that evade traditional cyber defenses such as Firewalls and AV  


Datto Endpoint Detection and Response (EDR) gives MSPs the edge that enables them to detect and respond to advanced threats. 

  • Provide insight into the suspicious behavior that has been detected and stopped on your customers’ endpoints 
  • Highlight smart recommendations for security best practices to make security standard compliance easy 
  • Our click-to-respond feature supports your team in taking action against cyber-attacks as quickly as possible to reduce potential damage

Schedule your demo of Kaseya’s Security Suite solutions today!

dark web threats

Read case studies of MSPs and businesses that have conquered challenges using Kaseya’s Security Suite. SEE CASE STUDIES>>

let us help secure you against passwords reuse with contact information and the ID Agent logo on grey.

Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!


Check out an on-demand video demo of BullPhish ID or Dark Web ID WATCH NOW>>

See Graphus in action in an on-demand video demo WATCH NOW>>

Book your demo of Dark Web ID, BullPhish ID, RocketCyber or Graphus now!