By now, you have likely heard of the Dark Web. Linked to an ever-expanding list of high profile data breaches, identity theft, and other criminal activity, it’s a trending topic on news reports and technical blogs.
But what is the Dark Web, really? And is it different from the so-called Deep Web?
Are these shadowy corners of the internet something to actually worry about, or is the media making a big deal over nothing?
Because the Dark Web is so misunderstood by average technology users and remains a haven for cybercriminals looking to make a buck off of illegal goods like lists of stolen credit card numbers, it is critical that small business owners and managers understand the threats these criminals pose.
Here are some basics on what you absolutely need to know about the Dark Web and how you can keep your business safe.
You can’t search the Dark Web
One answer to the question, “what is the Dark Web?” is that it’s a collection of websites not “crawled” or indexed by traditional search engines like Google and Bing. That means you can’t search it or even locate it without a bit of effort and technical know-how.
The Dark Web exists beyond the edges of the traditional internet, and you can only access it with specialized browser software designed to encrypt and obscure user activity.
Because of its anonymous nature, the Dark Web makes it easy for criminals to hide and transact illegal business with much less risk of getting caught by law enforcement or government authorities. Tracking individual users is challenging at best, and the Dark Web itself morphs and changes as different marketplaces get taken down – sometimes in highly publicized FBI raids – and others crop up to take their places.
The Deep Web vs. the Dark Web
If anonymity and encryption online cause all these problems, why not just eliminate them? The problem is that we need them to transact real (non-criminal) business like banking and online shopping.
That’s where the Deep Web comes in. Also not indexed by search engines, the Deep Web or “invisible web,” is mostly used for harmless, everyday work and commerce. It actually makes up about 90% of the internet. Everything from test websites used by web designers to your bank accounts to your business’s cloud storage solutions makes up the Deep Web.
Confusingly, the Dark Web is also part of the Deep Web, and this leads people to sometimes use the names interchangeably. As we’ve shown, they are not the same thing.
The internet is like a city…
One way to better understand how these two areas of the web relate to one another is to imagine a real city. There are public spaces that anyone can visit like stores and museums – that’s similar to the traditional “visible” internet. Search engines are like a map to these places.
Next, there are the office buildings and private homes that make up most of the city environment. You can’t go to these places unless you have some authorization (you live there, work there, are a member of a club, are visiting friends, etc.), and you likely need a key or permission from the building’s owner or manager to get access. That’s the Deep Web – mostly accessible with passwords and other login credentials.
The Dark Web is like those hidden spaces that exist in real-life cities where people go to do illegal activities like selling drugs and trading stolen goods. As an average, law-abiding citizen, you probably realize these places are nearby, but you likely don’t know how to access them (nor would you want to). These dark nooks and crannies are a small percentage of the space in most cities, just as the Dark Web does not occupy all that much of the Deep Web or the wider internet itself.
Why is the Dark Web so dangerous
The main problem with the Dark Web is that the criminals who hang out there don’t just stay there. Like thieves in the physical world, hackers and cybercriminals prey on innocent victims throughout the larger “city” of the internet.
However, because the Dark Web is anonymous, in operation 24/7, and technically connected to everything on the internet, it represents a much bigger threat than real life criminals, who are limited by physical world barriers like surveillance systems, transportation challenges, the presence of police, and time.
Those barriers – including the amount of time it takes to launch large numbers of attacks simultaneously – don’t limit cybercriminals. And unfortunately, small businesses are the easiest, most profitable targets.
I’m not a criminal, why should I care about the Dark Web?
According to survey data from Travelers, a major provider of cyber insurance, 1 in 5 businesses experienced a data breach or other cyberattack last year, the rate of which had doubled since 2015. Cybercrime is on the rise, and it’s almost certain that your business will experience a breach in the not-distant future. In fact, in that same survey, 52% of business leaders indicated that they believed their business would be victimized by cybercriminals, yet they hadn’t yet taken productive steps to mitigate their risk – that’s scary!
Small businesses are at particular risk because hackers know that these organizations are less likely to have invested in cybersecurity resources and training for their employees. Both time and budgets are often spread too thin, which means there are simply fewer people with the capability to prevent a cyberattack in these organizations, making your company’s data an easy target.
How can I protect my business?
Luckily, there is much you can do to defend your business from inevitable cyberattacks. Investing in ongoing cybersecurity testing and training for your employees is a great first step, as we mentioned.
This includes teaching your team to use strong passwords and good password hygiene, among other technical skills, and assuring that everyone knows how to spot phishing attempts and malicious emails.
You might also consider purchasing a cyber insurance policy, though these can be prohibitively expensive and may not be a necessity in all industries at this point. (You can weigh the pros and cons of this type of protection with your business insurance broker).
Dark Web monitoring is a newer tool that scans the Dark Web for your information and alerts you to potential breaches or stolen information without you having to venture into that shadowy world yourself. The best way to get access to Dark Web monitoring and other proactive cybersecurity measures for your smaller business is to contract with an MSP, or managed IT service provider, in your local area.
Here in the Lancaster, PA region, EZComputer Solutions is ready to help you keep your business safe from Dark Web threats and other cybercrime. Give us a call today to receive a friendly quote and learn how we can help you protect your data, your employees, and your business.