by Cody Lents, partner and customer steward, COVI, Inc.
Merriam-Webster defines the “Dark Web” as “The set of web pages on the World Wide Web that cannot be indexed by search engines, are not viewable in a standard web browser, require specific means (i.e., specialized software or network configuration) to access, and use encryption to provide anonymity and privacy for users.”
The Dark Web provides people with a level of privacy and anonymity that the internet we’re all used to does not. That may sound appealing. However, many risks are associated with using the Dark Web. It can be a hazardous environment unless you’re well prepared for the potential online dangers.
For nonprofit organizations, public trust is essential. It requires little to no skill or expertise for inexperienced hackers — often called “script kiddies” — to deface nonprofit websites, steal data, or leak confidential information, harming an organization’s overall credibility. As a result, nonprofit organizations must remain vigilant and take proactive steps to prevent cyber-attacks and protect their sensitive data.
Script kiddies are individuals who carry out cyber-attacks using pre-existing tools and scripts, often without a comprehensive understanding of the underlying technology. Some script kiddies obtain hacking tools by accessing the Dark Web, where they can find forums and marketplaces to exchange information or purchase services related to cybercrime. These tools can give them unauthorized access to nonprofit organizations’ servers and lead to the exposure of sensitive data, such as donor information.
It’s worth noting that not all script kiddies use the Dark Web. Many of them rely on more conventional methods to access the software they need to launch DDoS attacks or plant malware. Nevertheless, they remain a significant threat to non-profit organizations.
Distributed denial-of-service (DDoS) attacks are a common tactic used by script kiddies to disrupt the normal traffic of a targeted website. In a DDoS attack, a flood of internet traffic overwhelms the website, much like an unexpected traffic jam on a highway, preventing regular traffic from arriving at its destination. These attacks can cause websites to crash, resulting in a loss of donations, reduced visibility, and negative publicity.
The Dark Web comes with advantages and disadvantages, but using the space is never recommended.
Only about 4 percent percent of information can be accessed using search engines available on the conventional internet, also referred to as the Surface Web (what we’re all used to using all day, every day). The rest, which is not searchable on Google or Bing, is called the Deep Web.
The Dark Web is part of the Deep Web. The Deep Web consists of pages that are not indexed and can be accessed directly, while the Dark Web consists of pages and files that have been intentionally hidden and require specific software and protocols, such as the Tor network or the Freenet peer-to-peer platform, to access.
Anonymity is the main reason why people use the Dark Web. When you use the Dark Web, your information is protected from surface web spies, allowing you to browse without the worry of being traced or censored by authorities. Additionally, content found on the Dark Web cannot be found on the Surface Web, opening up a whole new world of content consumption for users.
You’ll likely hear a lot about Dark Web Monitoring around the holidays and commerce events such as Prime Day, Black Friday, and Cyber Monday. These are services that survey your information on the Dark Web and alert you when it is found. While there is value in knowing what has been leaked to the cybercriminal playground, these alerts often offer few, if any, actionable tasks to help you protect yourself.
For example, “Dear Mr. Covi, we’ve found your social security number on the Dark Web at example.org. Your information may have been released without your knowledge and is likely the result of a company’s data being hacked or breached.” – There is no actionable next step for you.
When the service or company you use for Dark Web Monitoring adds recommendations to your alerts, their value increases.
For example, “Dear Mr. Covi, there was a breach at www.thenexthackedcompany.com and your firstname.lastname@example.org email address was stored for that site. The breach included email addresses, passwords, and usernames. We recommend that you change your password for this site immediately and, if you use this password for other sites, change them as well.” – There are actions to be taken, but will you know how to take them and ensure that all necessary ones have been taken?
When the service or company you use for Dark Web Monitoring utilizes a layered approach to protecting your credentials and personal identifying information (PII), the alerts carry a similar value in and of themselves, but the management of the alerts elevates that value to protect your organization and your people by maintaining your cybersecurity risk posture and allowing everyone to stay focused on daily tasks and the meaningful work that aligns with your company’s mission and vision.
For example, “Dear Mr. Covi, there was a breach at www.thenexthackedcompany.com and your email@example.com email address was stored on the site. The breach included email addresses, passwords, and usernames. Our security team has sent links and instructions to the affected user(s) to reset their password(s) and has reviewed other known accounts for any repeated use, so that those can be reset, too.”
A layered approach to Dark Web Monitoring could look like this:
- Credential Management
- Dark Web Monitoring
- Credit Monitoring
- Fraud Protection
- Complex Password Policy Management & Enforcement
- Multi-factor Authentication (MFA) Enforcement with Single Sign-on (SSO)