Deeper MSP And VAR Security Services Should include Dark Web Monitoring

October 18, 2017

By Kevin Lancaster, CEO at ID Agent, Article on MSP Insights

Recent studies show that 73 percent of the U.S. population (237,736,346) have at least one compromised credential and 18 percent (60,441,444) have a compromised social security number found within the Dark Web, the portion of the Internet that is hidden from conventional search engines. In 2016-2017, 4.2 billion email account credentialshave been identified for sale, not including fake data. The global cost of data breaches will reach $2.1 trillion by 2019.

Google, BING and Yahoo only search .04 percent of the Internet, while the other 99.96 percent of the web consists of databases, private academic and government networks and the Dark Web. The Dark Web is estimated at 550 times larger than the Surface Web and is growing. Because users can operate anonymously, the Dark Web holds a wealth of stolen data and illegal activity.

Once data is posted for sale within the Dark Web, it most likely is copied and distributed (re-sold or traded) to a large number of cyber criminals within a short period of time. While cyber breaches are no secret, many don’t realize that institutions and individuals are highly vulnerable to exposure of personally identifiable information (PII) on the Dark Web. This vulnerability of employees’ most valuable personal digital identity lends high vulnerability to valuable corporate systems.

Breaches most commonly happen through a cyber hack. Cyber criminals, typically aiming to profit using stolen credentials – an individual’s name and social security number, driver’s license number, medical or financial records – either hack into a user’s account with a login and password, trick a user into downloading malicious software or otherwise gain access to a company’s or consumer’s valuable data. Other causes of breaches include insider theft, accidental exposure, third-party breach or employee negligence.

Clearly, the frequency and sophistication of cyber attacks is getting worse. Most U.S. businesses don’t have the knowledge or resources to protect themselves, and they are being violated by malicious actors. Although exposed credentials don’t signify that an organization is being directly targeted, the information is still readily available on the Dark Web, leaving an organization vulnerable in the future if preemptive steps are not taken.

As a service provider or reseller, are you offering the deepest and broadest coverage of security services to help ensure the integrity of your customers’ business assets, networks and systems, as well as employees’ information? Dark Web monitoring services are allowing IT service providers, MSPs and MSSPs to educate their clients about the high risk of the Dark Web and protect them from the dramatic rise in credential-based exploits.

Dark Web monitoring solutions scour millions of sources including botnets, criminal chat rooms, peer-to-peer networks, malicious websites and blogs, bulletin boards, illegal black market sites and other private and public forums. Additionally, these services – providing an opportunity for MSPs to stand out in a crowded marketplace where it’s hard to differentiate – identify and monitor for an organization’s compromised or stolen employee and customer data, even when the most robust security defenses are already in place.

Credential exposures can also provide MSPs a door-opener to speak about other services and capabilities, showing customers the many ways they can protect their valuable assets. Delivering affordable, add-on services with 24/7/365 alerting and monitoring for signs of compromised credentials, allows MSPs to quickly and cost-effectively increase monthly recurring revenue, customer stickiness, dependence and satisfaction as well as attract and retain new customers.

It’s no secret that cybersecurity breaches are on the rise, particularly for the business and medical industries, though all, including education, government/military, banking and financial as well as individuals are at high risk. Exposed passwords, configurations, IP address assignments, administrative usernames and password formats – all increases attackers likelihood of gaining access to clients’ environments. With so many large, high profile breaches in the news – recently Equifax, Deloitte, SEC and many others – it’s reasonable to assume that it’s highly likely all clients have done work with an organization that has suffered a breach. So, it’s highly likely all of your clients have compromised data.

As such, MSPs should consider adding Dark Web monitoring services to their security portfolio so they are offering the latest, most comprehensive, protective security services to clients. Starting today when likely all your clients’ assets are already compromised could prevent catastrophes tomorrow.


KevinKevin Lancaster has served as Chief Executive Officer of ID Agent since its founding in 2015.  Kevin is an Executive Committee and Board of Directors member of the Maryland Tech Council and serves on the board of directors for the Navy Youth Hockey Association.