Tech Insights: Six Questions Your Organization Should Be Asking About the Dark Web

Joe Howland, Chief Information Security Officer

The information contained in this article is not intended as legal advice and may no longer be accurate due to changes in the law. Consult NHMA's legal services or your municipal attorney.

The Dark Web is a term that is used often as cybersecurity conversations pick up. But, why does it matter to your organization?

What is the Dark Web?

In simple terms, it’s the part of the Internet that is only accessible with special tools and users can remain anonymous. Unfortunately, that creates an environment that is ideal for illegal activity to occur.

What information is on the Dark Web?

When hackers steal information through cyber attacks like data breaches and phishing, they often put it on the Dark Web. This information is primarily compromised of login information, Social Security Numbers, credit card numbers, and other personally identifiable information (PII). It is common for an organization to be totally unaware of its stolen information on the Dark Web.

What can happen if your organization’s information is on the Dark Web?

It can impact your organization’s finances, operations, and reputation. For example, a hacker could:

  • Block access to your primary software applications;
  • Use personal information to send more convincing phishing attacks;
  • Access and publish sensitive customer or resident information.

Compromised credentials become especially problematic. Employees often mistakenly use the same password to login to different services. Hackers can quickly use breached credentials to try and access other systems.

How do I know if my organization’s information is on the Dark Web?

Dark Web scans and ongoing monitoring can uncover the information. The scan identifies discovered compromised account login information associated with your domain (e.g. vc3.com). However, the Dark Web is growing and evolving every day. So, the tools and companies that perform these scans have an uphill battle to keep pace with its rapid expansion. As a result, the accounts found with a scan do not necessarily constitute all the compromised accounts associated with your domain on the Dark Web. Because that gap exists, it’s important to have ongoing Dark Web monitoring. You and your organization need as much information as possible to enhance the protection of your organization and its employees.

What should I do if my data is on the Dark Web?

Immediately change compromised passwords and NEVER use that password again professionally or personally. This often leads to a good conversation with employees to ensure they are using unique passwords at work and at home to maximize protection.

Once information is on the Dark Web, it cannot be removed. The toothpaste is out of the tube. As a result, you may notice some of the compromised information is old and no longer relevant. This could include past employees or old login information.

What’s my long-term plan?

Ongoing monitoring is only part of a strong cybersecurity plan. Its value depends on strong employee awareness training paired with login monitoring and multi-factor authentication.

You need to take corrective action on compromised credentials and then proactive training to avoid future issues. Login monitoring will help detect atypical login behaviors to prevent the use of a compromised credential before it becomes a major problem. Multi-factor authentication combats the use of stolen credentials because hackers need more than a user name and password to access an appropriately configured service.

If you don’t have a cybersecurity plan in place, speak with a professional. Cybersecurity is a specialized component of Information Technology (IT) and, as a result, often requires assistance beyond your current IT team.

About VC3

Joe Howland is Chief Information Security Officer for VC3. VC3 is a leading managed services provider with a focus on municipal government. Founded in 1994 with offices across the east coast, VC3 forms partnerships with municipalities to achieve their technology goals and harness their data. In addition to providing comprehensive managed IT solutions, VC3 offers cybersecurity, website design, custom application development, and business intelligence services. Visit www.vc3.com to learn more.