Question? Call Us 858-777-0040
Logo 01

Tales from the Dark Web: Cybersecurity threats in the shadows

Dark Web Cyber Trouble
Get your CPA firm aquanted with new FTC rules.

Read our latest eBook "The Accountant's Guide to the FTC Safeguards Rule"

Creepy characters are lurking around your network without your knowledge. And they aren’t just looking around randomly. They know what they want: your data or your network itself.

These ghouls and goblins are out to destroy your business.

In the shadowy parts of the internet, a set of unlisted sites and databases contains illicit marketplaces. This is the “dark web,” a network where its shady denizens buy and sell sex, drugs, and weapons.

But it’s also a place for stolen data, intellectual property, and the tools of cybercrime. Three things for sale there can turn any aspiring cybercriminal into a pro: “zombie”/“bot” armies, malware (malicious software), and phishing email services.

Zombies For Hire

Zombies are on the move for dark web criminals, who hire or buy them by the thousands. But these are not the undead; zombies are computer services (bots) that wreak havoc through “distributed denial of service” (DDoS) attacks. Hundred of thousands of requests to your servers freeze or crash them since they cannot handle a large number of requests. That shuts your organization’s door to the world.

Hackers Wearing Costumes

Hackers can also use “credential stuffing,” the reuse of credentials for many login requests, to get into systems. They test a load of usernames and passwords against a database of stolen credentials. Credential stuffing can increase traffic to a website and can have an impact similar to a DDoS attack.

Hacktivists (activist hackers) could be some of the culprits in this crime; the purpose is to do financial or infrastructural damage to rogue governments. Other times, hackers of rogue nations are hitting western governments, organizations, and companies.

But sometimes criminals are extorting the organization to pay for the restoration of their network functionality, a ransom letter being sent to one in ten organizations who fell to DDoS attacks in January 2022. The FBI and Europol took down dozens of bot marketplaces and Webstresser, the world’s largest bot marketplace. That criminal enterprise served 130,000 users.

That is a scary enterprise.

The Ransomware Panic Room

Ransomware, a type of malware for sale on the dark web, can hold your company hostage. Cybercriminals use it to encrypt or steal your files or lock your network so its computers and files are inaccessible. They then demand a ransom to unlock or restore your data and computers. Most companies get little–or none–of their data back.

Thousands of companies have been held, hostage. SMBs and consumers are facing one ransomware attack every two seconds. Organizations suffer an average of six days of downtime for their networks, their business processes halted, with ransoms ranging from the tens of thousands to millions of dollars. Even if the organization survives that week out of work, it could also lose all its data. The legal problems are usually just beginning.

Email Tricks

Tricks sometimes come in disguises. Criminal hackers can send that phishing email that urges you to click on its links or open its attachment. It looks legitimate. It has the correct bank logo and convincing call-to-action text. But clicking or opening can download malware can start some bad things. In spite of warnings, according to Cisco, at least one person clicks a link in a phishing email in about 86% of organizations and about 90% of data breaches start with a phishing email.

If you have a good spam filter, it will pick up on the bogus from-line or the nasty attachment. But some people may not have theirs set up correctly. Learn the signs of a phishing email.

Halloween is Every Day

Of course, all these criminal methods aren’t just a Halloween phenomenon. If anything, criminal hackers perform more cyberattacks on an organization’s day off. And fifty percent of SMBs have no cyber defense. As we always note, sixty percent of SMBs go out of business within 6 months of a cyberattack.

It’s a season for trick-or-treating, but cybercriminals are nothing to laugh about. Cyber vigilance should be a year-long practice. The bad guys never take a holiday.

Neither do we.

Tech Kahunas is a San Diego Managed IT Services provider which provides IT support and services like 24/7 monitoring, data backup and restore, and malware protection.

Tech Kahunas will help you Defend Your Island. Set up a free 30-minute Strategy Session with us now.

Get your CPA firm aquanted with new FTC rules.

Read our latest eBook "The Accountant's Guide to the FTC Safeguards Rule"

Leave a comment

Your email address will not be published. Required fields are marked *

Peter Bondaryk
Peter Bondaryk

Business Owner's Guide
to Cybersecurity
ebook business owner's guide to cybersecurity
Latest posts
Follow us

Get Our FREE Accountant's Guide to the FTC Safeguards Rule Ebook!

The New FTC Requirements
That Will Change the Way You
Do Business

Get Your FREE Copy!​

Sign up to learn how you can protect against cybercrime

Nullam quis risus eget urna mollis ornare vel eu leo. Aenean lacinia bibendum nulla sed 

If today your business was hacked and you were at risk of losing it all...
Do you have a plan?
We will not spam, rent, or sell your information.

Nullam quis risus eget urna mollis ornare vel eu leo. Aenean lacinia bibendum nulla sed 

Join our newsletter and get a 20% discount
Promotion nulla vitae elit libero a pharetra augue