Is Monitoring the Dark Web the Best Way to Slow Down Cybercrime?

 

Small and mid-sized empire market mirror businesses have ended up being the target of cybercrime and data breaches because they do not have the interest, time or money to create defenses to safeguard against an attack. Many have a large number of accounts that hold Personal Identifying Information, PII, or intelligent property that could include patents, research, and unpublished electronic assets. Other small businesses work directly with larger organizations and can serve as a portal of entry much such as the HVAC company was in the Target data breach.

A few of the brightest minds allow us creative ways to prevent valuable and private information from being stolen. These information security programs are, for the absolute most part, defensive in nature. They basically set up a wall of protection to keep malware out and the data inside safe and secure.

 

Sophisticated hackers discover and use the organization's weakest links to create an attack

 

Unfortunately, even the best defensive programs have holes in their protection. Here would be the challenges every organization faces according to a Verizon Data Breach Investigation Report in 2013:

 

76 percent of network intrusions explore weak or stolen credentials

73 percent of online banking users reuse their passwords for non-financial websites

80 percent of breaches that involved hackers used stolen credentials

Symantec in 2014 estimated that 45 percent of attacks are detected by traditional anti-virus and thus 55 percent of attacks go undetected. The result is anti-virus software and defensive protection programs can't keep up. The bad guys could already be within the organization's walls.

 

Small and mid-sized businesses can suffer greatly from a data breach. Sixty percent go out of business in just a year of a data breach based on the National Cyber Security Alliance 2013.

 

So what can an organization do to safeguard itself from a data breach?

 

For quite some time I've advocated the implementation of "Best Practices" to safeguard personally identifying information within the business. You will find basic practices every business should implement to meet the requirements of federal, state and industry rules and regulations. I'm sorry to say hardly any small and mid-sized businesses meet these standards.

 

The second step is something new that many businesses and their techs haven't been aware of or implemented to their protection programs. It involves monitoring the Dark Web.

 

The Dark Web holds the secret to slowing cybercrime

 

Cybercriminals openly trade stolen info on the Dark Web. It holds the success of information that may negatively impact a business’s current and prospective clients. This really is where criminals head to buy-sell-trade stolen data. It is straightforward for fraudsters to access stolen information they should infiltrate business and conduct nefarious affairs. An individual data breach could put an organization out of business.

 

Fortunately, you can find organizations that constantly monitor the Dark Web for stolen information 24-7, 365 days a year. Criminals openly share these records through chat rooms, blogs, websites, bulletin boards, Peer-to-Peer networks, and other black market sites. They identify data as it accesses criminal command-and-control servers from multiple geographies that national IP addresses cannot access. The quantity of compromised information gathered is incredible. For instance:

 

An incredible number of compromised credentials and BIN card numbers are harvested every month approximately one million compromised IP addresses are harvested every day.

 

These details can linger on the Dark Web for weeks, months or, sometimes, years before it's used. An organization that monitors for stolen information can easily see almost immediately when their stolen information shows up. The next thing is always to take proactive action to completely clean up the stolen information and prevent, what could become, a data breach or business identity theft. The data, essentially, becomes useless for the cybercriminal.

 

What might eventually cybercrime when most small and mid-sized businesses take this Dark Web monitoring seriously?

 

The effect on the criminal side of the Dark Web could possibly be crippling when nearly all businesses implement the program and take advantage of the information. The goal is always to render stolen information as useless as quickly as possible.

 

There won't be much effect on cybercrime until nearly all small and mid-sized businesses implement this type of offensive action. Cybercriminals are relying on hardly any businesses take proactive action, but when by some miracle businesses awaken and take action we will see a significant effect on cybercrime.

 

Cleaning up stolen credentials and IP addresses aren't complicated or difficult knowing that the data has been stolen. Oahu is the businesses that don't know their information has been compromised which will take the largest hit.

 

Is this the best way to slow down cybercrime

? What do you this is the best way to safeguard against a data breach or business identity theft - Option one: Await it to take place and react, or Option two: Take offensive, proactive steps to get compromised info on the Dark Web and clean it down?