Gone are the days when the dark web conjured up images of hoodie-clad hackers who work on behalf of sinister organizations to coordinate trades in weapons or narcotics. The dark web has emerged as the seedy underbelly of the internet where cybercriminals can buy stolen critical business data, user credentials and the tools that facilitate cybercrime. The resources available on the dark web help cybercriminals plan operations and conduct attacks against businesses. As information floods into dark web markets and data dump every day, the risk that a business cloud falls into trouble because o dark web exposure grows every day.

• The world’s third-largest economy is booming:

The dark web is replete with information that can damage businesses like stolen critical business information, ransomware, malware and hacking services. An estimated 60% of the information available on the dark web could potentially harm enterprises. Those commodities are commonly traded on dark web message boards. It’s the world’s third-largest economy, and it is growing fast. Cybersecurity Ventures estimates that the dark web will inflict about $6 trillion in damages worldwide in 2021, placing the dark web economy just behind the United States and China, the top two world economies.

Business data and credentials are major revenue drivers and valuable resources for cybercriminals. Those commodities are sold, traded and harvested in dark web markets every day. How does information like that make its way to the dark web? Through a variety of pathways, including:

1. Data hack: Hackers take advantage of weak network security to enter into an organization’s network and rob them of their precious data.
2. Phishing: Phishing has become the most used and dreaded attack vector through which threat actors steal business data. They send emails to the victims, purporting to be from a trusted source and attach a malicious file, such as a Word or Excel document referred to as a maldoc, a JS file or a portable executable (PE) file. Phishing attacks aim to steal sensitive data like credit card and login information or install malware on the victim’s machine.
3. Malware: Hackers inject malware on some legitimate websites that their targets usually frequent. Once the user clicks on the malware, cybercriminals take control of their systems to steal their user credentials and other critical information.
4. Keylogging: It is the action of recording the keystrokes of an unaware user. Cybercriminals use keystroke recorder programs to retrieve the data. Keylogging is often used for stealing passwords and other confidential information, which is then sold on the dark web for monetary gain.

• The market for data is thriving:

According to the 2022 Dark Web Product Price Index, the dark web data market has grown significantly in both the volume of data that is added, sold or traded and the variety of information that is available. It’s also grown more competitive. Many cybercriminals are offering discounts and other specials to lure potential clients these days. The most expensive item included in the data set is premium malware, which costs about $5,500 per 1,000 installs, However, bad actors can buy stolen data by spending less than $1, and sometimes it’s even free. Other data sets in the report include PayPal account details, Netflix logins and stolen credit card details (complete with a CVV) that are all available for less than $20.

Credentials are the keys to the kingdom for businesses and huge quantities of them are floating around on the dark web. At this moment, more than 24.6 billion complete sets of usernames and passwords are currently in circulation on the dark web, which is four full sets of credentials for every person on Earth. Many of those credentials made their way to the dark web in the same way that other information does. Most commonly, credentials end up in dark web markets after they’re stolen in a data breach.

Another path to credential exposure is more unpleasant for businesses to consider: malicious insiders. Disgruntled employees can easily sell their credentials, and other data about their company like lists of credentials, on the dark web for a profit. Malicious insider actions like selling credentials result in an estimated 25% of data breaches. The higher level of privilege a credential has, the more money they’ll make. An average legitimate corporate network credential sells for around $3,000, and an average legitimate privileged network credential can go for as much as $120,000.

Source: ID Agent