November 11, 2024
How to Prevent Your User Credentials from Being Sold on the Dark Web
The dark web is full of online forums where stolen user credentials are shared and sold illegally. What measures can organizations implement to reduce their risk of being affected?
The black market of stolen credentials on the dark web
Any website that is indexed in search engines is considered part of the surface web; easily accessible to anyone. If a website is accessible to anyone but is not indexed by search engines, then it is considered part of the deep web. The dark web, on the other hand, is a part of the internet where different private networks exchange information while keeping the identity of its users anonymous.
Although it’s been used by activists and journalists working on just causes that might put themselves at risk, it is naturally also the perfect home for many forums where illicit transactions happen and illegal activities are planned. Cybercriminals will typically buy user credentials in one of these illegal forums, most of the time using cryptocurrency.
How do credentials end up on the black market in the first place? Very often, they are scraped from browsers by infostealer malware or stolen as the result of a lack of cybersecurity awareness, e.g., when someone who uses guessable or reused passwords for their professional and personal accounts falls victim to a phishing attack.
Organizations should promote cybersecurity awareness and have a robust user authentication strategy
The more employees an organization has, the more difficult it is to prevent credentials from getting leaked. When companies train their workforce to use and maintain strong passwords, and enforce additional identity-based protections, it is more likely that by the time the credentials are sold on the black market, they are no longer working – you change the lock, and the burglar’s key becomes useless.
Receive an alert when your credentials hit the black market
There are currently services that can help you be aware when your credentials are being sold on the dark web, such as CDW’s Managed Compromised Credential Monitoring Service.
This service is powered by an industry-leading cyberthreat intelligence platform that looks for indicators of user credentials that might have been stolen. Such alerts are turned into events within CDW’s security operations centre (SOC) and assessed by a security analyst, who then raises this threat to the customer and provides a list of recommended actions.
For managed XDR customers, where the SOC has the authority to act, the investigating analyst can take further actions to contain and eradicate the potential threat, such as force resetting user credentials, disabling privileged access or isolating at-risk devices.
Rely on CDW’s cybersecurity experts
In 2023, CDW Canada was recognized as the No. 1 Canadian Solution Provider of the Year on Channel Daily News’ Top 100 Solution Providers list, and has been serving Canadian organizations for over 20 years.
We have a team of cybersecurity professionals across the country who can help protect and defend your organization’s sensitive data.
Our managed services are delivered following the highest IT practices and standards. We maintain ISO 27001 and PCI certifications, are aligned with the National Institute of Standards and Technology (NIST) and ensure that our managed services operations are SOC2 compliant.
We also offer full-stack technology services, which means we’ll provide you with a holistic solution tailored to your organization’s needs.