Please fill in the form below to subscribe to our blog

Categories

Tags

Australia BullPhishID BullPhish ID Canada commercial credential stuffing cyberattack cybercrime cybersecurity Dark Web dark web credential loss Dark Web ID dark web monitoring dark web threat Data Breach Data Breach Alerts data compromised data loss prevention data theft France hacking healthcare insider threats Japan MSPs MSP Solutions MSP Space nation-state hackers Passly passwords phishing phishing resistance phishing resistance training ransomware remote working retail security security awareness training SMB cybersecurity stolen credentials supply chain risk The Week in Breach third party risk United Kingdom United States

The Thriving Dark Web Economy is Bad News for Businesses

January 12, 2023
an ominously dark image of a hacker in a blue grey hoodie with the face obscured.

Every Business Needs to be Aware of Dark Web Danger

The dark web has become a mainstream topic in recent years due to a significant rise in illegal activities on several dark web forums. A likely explanation for this sudden rise is the increased bandwidth of The Onion Router (Tor) browser, savvier cyber-criminals and the continued success of cybercrime. The dark web holds the world’s third-largest economy, and that economy is growing, which is bad news for businesses.

See how security awareness training stops the biggest security threats! GET INFOGRAPHIC>>

What is the dark web?

The world wide web (commonly known as the web) comprises three sections: the Surface Web, the Deep Web, and finally, the Dark Web. The contents of the surface web, which consist of 10% of the total content of the web, can be accessed using standard search engines such as Google, Bing and others. The deep web consists of the other 90% of the web’s content hidden that is typically gated behind a password or paywall, such as company intranets, online banking and most social media. Regular search engines cannot index the information on the deep web. You need the Tor browser to navigate the extent of the Dark Web by cloaking them with a veil of anonymity. 

Take a look at traffic patterns on The Onion Router (TOR), the most popular dark web browser.  

TOR… 

Where in the World Are Dark Web Users? 

Country   Mean daily users   % of Total 
Russia 35546 46.98 % 
United States 7128 9.42 % 
Germany 3372 4.46 % 
Iran  2639 3.49 % 
France  1925 2.54 % 
Netherlands 1864 2.46 % 
United Kingdom 1765 2.33 % 
China 1427 1.89 % 
Belarus 1342 1.77 % 
India  1331 1.76 % 

Source: TOR

Like the Bermuda Triangle – a small region in the western part of the North Atlantic Ocean where many aircraft and ships are said to have disappeared – the dark web is also a tiny and infamous portion of the deep web, which is a hotbed of all the nefarious activities. For a layman, it is an unexplorable area, but for wicked cybercriminals, it is their workplace — a lucrative space for money-making. Cybersecurity Ventures predicted that the dark web would inflict about $6 trillion in damages worldwide in 2021, and they were on the mark.

Learn how a new integration between BullPhish ID & Graphus saves time & money. SEE THE DETAILS>>

What happens on the dark web?

Although the dark web offers a legitimate space for identity protection to journalists and political bloggers living in countries with the threat of censorship and political imprisonment, those aren’t the only people using the dark web. Dark web forums are hotbeds of criminal activity. Popular activities on dark web sites and forums include trafficking in illegal goods, guns, drugs, intellectual property, stolen data and cybercrime tools and services like black hat hacking.

Among the services bought and sold on the dark web, 90% are from people looking to hire hackers who can infiltrate websites and steal databases. Another 7% of people on the dark web are hackers who offer Hacking as a Service (HaaS) to potential buyers. Many of these service providers provide exciting offers to their clients as there has been a significant rise in the forums offering HaaS in recent years. The remaining 4% of dark web traffic comes from the people frequenting dark web forums for hacking services related to website hacking and malicious code injection and meeting with like-minded professionals 

What’s next for MSPs? Find out in the Datto Global State of the MSP Report: Looking Ahead to 2023 DOWNLOAD IT>> 

Cybercrime as a Service is a booming industry

Cybercrime as a Service (CaaS) is a booming business with many branches including  Phishing as a Service (PhaaS) and Ransomware as a Service (RaaS). Hiring cybercrime contractors is cheap and easy. PhaaS follows the Software as a Service model (SaaS) that many legitimate tech companies use. In a PhaaS scenario, bad actors engage cybercriminals developers to cook up the elements of a phishing campaign like false sign-in page development, website hosting,  spoofed emails and credential parsing. PhaaS operators can also perform a wide variety of smaller a la carte services like hosting a single phishing site or providing a template for a one-time send. A PhaaS group’s subscription prices vary dependent on a host of factors, but in general, the service can cost about $800 per month. That’s a worthy and affordable investment for ransomware groups looking to score hundreds of thousands of dollars in ransom money every month.

While many assume highly skilled programmers are behind ransomware or other malware, many cybercrime groups don’t write their own code; they might not even have personnel on board who know how to write it. Instead, these days malware is commonly packed as plug-and-play software complete with a user manual. An estimated 300,000 thousand new pieces of malware are created daily. Malware as a service (MaaS) and it’s offshoot Ransomware-as-a-Service(RaaS) is a business model that offers the usage of ‘pay-and-use’ malware for conducting cybercrime. The dark web is set to be a significant contributor to the rise in global ransomware damage cost, which is predicted to exceed $265 billion annually by 2031.

What worries security pros? The Kaseya Security Insights Report 2022 tells you. GET YOUR REPORT>>

It’s cheap and easy to buy stolen data

With the significant growth of the dark web, the dark web markets have everything from social media credentials, business credentials, and critical business information to credit card details. According to the Dark Web Price Index 2022, cybercriminals can acquire credit card details and online banking login information for as little as $50 from various dark web marketplaces, forums, and websites. The same research revealed that hackers on dark web forums sell a variety of stolen data, such as:

  • Credit card information for between $17-$120
  • Online banking account information for about $65
  • A hacked Facebook priced at $45
  • Cloned VISA with a PIN has a price tag of $20
  • Stolen PayPal account details with a minimum $1000 balance are sold at $20
  • A full range of documents and account details for identity theft can be obtained for $1,010

Scammers can buy all the necessary credit card details, such as CVV number, card number, and associated dates, enabling them to perpetrate digital fraud quickly and easily. With the rapid growth of the cryptocurrency market, many dark web forums also sell digital wallets of platforms such as LocalBitcoins and Coinbase for less than $250. Credentials are also a hot commodity. Cybercriminals can quickly get their hands on vast quantities of credentials that have been snatched or stolen in cyberattacks, sometimes without spending a dime. Researchers at Digital Shadows have determined that right now there are 24.6 billion complete username and password sets available on the dark web. 

This infographic helps IT professionals get the most out of a security awareness training solution. DOWNLOAD IT>>

Protect your business from dark web threats with Dark Web ID

There is no stopping the growth of the dark web, but you can mitigate a company’s dark web danger with an innovative dark web monitoring solution like Dark Web ID

Dark Web ID is an award-winning dark web monitoring platform that uses human and machine intelligence to find passwords, data, and other sensitive things that could put a business at risk for a cyberattack or data breach. The intuitive and automated monitoring platform uncovers your compromised credentials in dark web markets, data dumps and other sources before they can harm your organization. If we find a red flag, we quickly alert organizations to the danger – giving defenders time to address vulnerabilities or mitigate damage. SEE A DEMO VIDEO OF DARK WEB ID>>

  • 24/7/365 monitoring using real-time, analyst-validated data      
  • Monitoring of business and personal credentials, including domains, IP addresses and email addresses      
  • Gain priceless peace of mind about dark web dangers 

Companies can’t afford to miss potential risks from the dark web. Get the most accurate picture with Dark Web ID, the always-on solution that knows what to look for to find real threats in real-time to keep data and systems safe. SCHEDULE A DEMO OF DARK WEB ID>>

dark web threats

Read case studies of MSPs and businesses that have conquered challenges using Kaseya’s Security Suite. SEE CASE STUDIES>>

let us help secure you against passwords reuse with contact information and the ID Agent logo on grey.

Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!

LEARN MORE>>

Check out an on-demand video demo of BullPhish ID or Dark Web ID WATCH NOW>>

See Graphus in action in an on-demand video demo WATCH NOW>>

Book your demo of Dark Web ID, BullPhish ID, RocketCyber or Graphus now!

SCHEDULE IT NOW>>