Article Read Time
Your password and the Dark Web are not a good mix. The Dark Web…sounds like something out of Star Wars. No, wait, that’s the Dark Side.
The Dark Web IS the dark side. It is the dark side of the internet.
It requires special tools to access, so you cannot just Google it and go there from your regular browser. That is, you can’t accidentally stumble into it.
It is primarily used as a platform for activities to evade law enforcement. One of these activities is the selling of stolen personal/private information. The data is stolen through data breaches (cyber attacks) of organizations with large databases of such information. This data may include names, Social Security numbers, birthdates, credit card information, health records, and other sensitive information. These are sold for identity theft or credit card fraud.
One of the most significant uses is to sell email addresses and passwords. The purpose isn’t so that you can receive spam emails. That would be frustrating for sure. But it’s much more treacherous than that.
Cyber criminals count on users to reuse the same password for multiple accounts. Then, with your email address and password, a cyber criminal can access your accounts. Let’s say, for example, from the LinkedIn breach, your username (Wile.E.Coyote@Acme.com) and password (DieRoadRunner) are on the dark web. You may have changed your LinkedIn password. However, you didn’t update it on your bank account or work account. The cyber criminal knows you work at Acme from your email. So they try to log in to your work account using your password. Once they’re in, they can access anything you can access. Or they can send an email from your account. If you’re the CEO, they could send an email to the finance officer (as you) directing her to wire $1M to an offshore account.
All it takes is one hit for a criminal to gain access to your company, just one employee to use the same password on their work account that they use on other accounts. One hundred employees may practice good cyber hygiene, but it does not apply to all of them.
It is estimated that 76% of employees and executives reuse passwords across personal and professional accounts.
Criminals can also go after you. They can try to log in to various bank accounts to see if that username and password work. Again, once in, they can drain your personal bank account.
All this just because you didn’t take the time to use different passwords on your accounts.
In 2020 alone, 22 million new records were added to the Dark Web.
A short-term solution is to use multi-factor authentication (MFA). Even if the criminal has the username and password, they still cannot gain access because they don’t have the one-time code required via the MFA device. Studies show that MFA can stop 99% of password-based cyber attacks.
Do you prioritize the safety and security of your organization? Allow Commonwealth Sentinel to be your partner in risk reduction and ensuring the well-being of all. Our comprehensive services encompass a range of solutions, including software and hardware, as well as training and policy implementation. Contact us at (502) 320-9885 to learn more about how we can help you achieve peace of mind. You can schedule a free consultation by clicking here.