According to ITProPortal, the cybercrime economy could possibly be larger than Apple, Google and Facebook combined. The has matured into an organized market that’s probably more profitable than the drug trade.
Criminals use innovative and state-of-the-art tools to steal information from large and small organizations and then either use it themselves or, most common, sell it to other criminals through the Dark Web.
Small and mid-sized businesses have grown to be the prospective of cybercrime and data breaches because they don’t have the interest, time or money to create defenses to protect against an attack. Many have thousands of accounts that hold Personal Identifying Information, PII, or intelligent property that could include patents, research and unpublished electronic assets. Other smaller businesses work directly with larger organizations and may serve as a portal of entry similar to the HVAC company was in the mark data breach.
A number of the brightest minds are suffering from creative ways to prevent valuable and private information from being stolen. These information security programs are, for the most part, defensive in nature. They basically set up a wall of protection to help keep malware out and the info inside safe and secure.
Sophisticated hackers discover and utilize the organization’s weakest links to set up an attack
Unfortunately, even the very best defensive programs have holes in their protection. Here are the challenges every organization faces in accordance with a Verizon Data Breach Investigation Report in 2013:
76 percent of network intrusions explore weak or stolen credentials
73 percent of online banking users reuse their passwords for non-financial websites
80 percent of breaches that involved hackers used stolen credentials
Symantec in 2014 estimated that 45 percent of all attacks is detected by traditional anti-virus meaning that 55 percent of attacks go undetected. The result is anti-virus software and defensive protection programs can’t keep up. The criminals could already be in the organization’s walls.
Small and mid-sized businesses can suffer greatly from a data breach. Sixty percent go out of business within a year of a data breach in line with the National Cyber Security Alliance 2013.
What can a business do to protect itself from a data breach?
For dark web links advocated the implementation of “Best Practices” to protect personal identifying information within the business enterprise. You can find basic practices every business should implement to meet up the requirements of federal, state and industry regulations. I’m sad to say hardly any small and mid-sized businesses meet these standards.
The second step is something new that most businesses and their techs haven’t heard about or implemented to their protection programs. It involves monitoring the Dark Web.
The Dark Web holds the secret to slowing down cybercrime
Cybercriminals openly trade stolen info on the Dark Web. It holds an abundance of information which could negatively impact a businesses’ current and prospective clients. That’s where criminals head to buy-sell-trade stolen data. It is easy for fraudsters to gain access to stolen information they need to infiltrate business and conduct nefarious affairs. A single data breach could put a business out of business.
Fortunately, you can find organizations that constantly monitor the Dark Web for stolen information 24-7, 365 days a year. Criminals openly share this information through boards, blogs, websites, bulletin boards, Peer-to-Peer networks and other black market sites. They identify data since it accesses criminal command-and-control servers from multiple geographies that national IP addresses cannot access. The amount of compromised information gathered is incredible. For example:
An incredible number of compromised credentials and BIN card numbers are harvested on a monthly basis
Approximately one million compromised IP addresses are harvested every day
This information can linger on the Dark Web for weeks, months or, sometimes, years before it really is used. A business that monitors for stolen information can see almost immediately when their stolen information shows up. The next thing is to take proactive action to clean up the stolen information preventing, what could become, a data breach or business identity theft. The information, essentially, becomes useless for the cybercriminal.
What would happen to cybercrime when most small and mid-sized businesses take this Dark Web monitoring seriously?
The effect on the criminal side of the Dark Web could possibly be crippling when the most businesses implement this program and make use of the information. The goal is to render stolen information useless as fast as possible.
There won’t be much effect on cybercrime until the majority of small and mid-sized businesses implement this kind of offensive action. Cybercriminals are counting on hardly any businesses take proactive action, but if by some miracle businesses awaken and take action we’re able to see a major effect on cybercrime.
Clearing up stolen credentials and IP addresses isn’t complicated or difficult knowing that the information has been stolen. It is the businesses that have no idea their information has been compromised that may take the biggest hit.
Is this the easiest way to slow down cybercrime? What can you this is the easiest way to protect against a data breach or business identity theft – Option one: Await it to happen and react, or Option two: Take offensive, proactive steps to find compromised info on the Dark Web and clean it up?