Does the Dark Web Matter to Enterprises?

What is the Dark Web?

We discuss this in more detail in our Guide to the Dark Web, but to put it simply, the dark web is a hidden layer of the internet that can only be accessed through specialized browsers like Tor. These browsers render dark web users anonymous and untraceable, allowing them to carry out activities covertly. As a result, the dark web is home to many websites and individuals that engage in the sale of illegal goods and services.

The Cybercrime Connection

With the cost of cybercrime damages estimated to reach $10.5 trillion by 2025, it’s no surprise that 65% of enterprises said they would increase their cybersecurity spending in 2023. This looming financial threat underscores the urgent need for businesses to bolster their defenses against an ever-evolving array of cyber risks. Vulnerability to cybercrime not only jeopardizes a company's bottom line but also its reputation and customer trust.

What does the dark web have to do with this?

The dark web ecosystem is exactly where this kind of cybercrime thrives. A space for criminals to thrive and make profit, it is within this hidden realm that stolen data, compromised credentials, malware-as-a-service (MaaS), and illicit activities are readily available to the highest bidder. The dark web's pivotal role as the breeding ground for cybercrime is what makes it of paramount concern to businesses.

Risks to Enterprises on the Dark Web

Now that we’ve established that role that the dark web plays in cybercrime, we take a closer look at some of the major threats that enterprises in particular should be aware of, as well as financial damages they can cause.

1. Data Breaches
   Cybercriminals often sell stolen corporate data, login credentials, and financial information on the dark web. This data can then be used for identity theft, fraud, or corporate espionage. As per IBM’s Cost of Data Breach Report, the average cost of a data breach has reached an all time high of $4.45 million.  

2. Cyberattacks
   Malware, hacking tools, and services for hire are readily available on the dark web. This makes it easier for hackers to launch targeted attacks on enterprises, potentially leading to system compromises and data theft. Malware installations per 1,000 devices can range from $1,200 for high quality to $4,800 for premium quality, while DDoS attacks average $750 per month. 

3. Illicit Marketplaces
   The dark web hosts underground marketplaces where cybercriminals find buyers for stolen intellectual property, proprietary software, and counterfeit products, and other illegal goods and services, which can ultimately harm businesses' intellectual assets and brand integrity. Before it was shut down, the famous Hydra Market earned over $5 billion in revenue.

4. Ransomware
   Ransomware-as-a-Service (RaaS) is often promoted and distributed on the dark web. Enterprises can fall victim to ransomware attacks that can paralyze their operations and lead to extortion attempts. At the rate they are going, ransomware gangs are projected to earn at least $900 million in 2023 alone.   
   ‍
5. Supply Chain VulnerabilitiesDark web marketplaces sometimes offer access to compromised supply chain networks, enabling attackers to infiltrate an enterprise through its vendors or partners. The well-known SolarWinds incident is an example of this, costing the affected companies an average of $12 million each in incident related expenses.

Top Industries Targeted by Cyber Criminals

While all enterprises should be aware of the risks and threats posed by the dark web, there are specific industries that are particularly vulnerable to cyber attacks compared to others. In this section, we discuss some of these industries as well as some of the major attacks they’ve experienced in recent years.

Healthcare

The healthcare industry is notably information-intensive, a characteristic further amplified with the digitization of patient records becoming the norm. Coupled with this, the industry is heavily regulated, to the extent that a data breach can incur million-dollar fines for providers. Unsurprisingly, the IBM Cost of Data Breach Report 2023 revealed that the healthcare sector has the most expensive average cost of a data breach, pegged at $10.3 million. Cognizant of these factors, cybercriminals and hackers increasingly target healthcare organizations, either enticed by the prospect of lucrative ransoms, or by the allure of selling high-value patient data on the dark web.

In what is considered to be a major cybersecurity event in the healthcare industry, US-based medical insurer Anthem Inc.’s database was breached in 2015. This resulted in the compromise of almost 80 million individuals’ Personal Identifiable Information (PII), including their names, addresses, birth dates, Social Security numbers, medical IDs, income and employment data. In response to this, victims filed a class action lawsuit against Anthem Inc, who later agreed to pay a record-setting $115 million in settlement fees to resolve the case.

Manufacturing

Topping the list as the most targeted industry by cybercriminals in 2022 is the manufacturing industry. While the advent of industrial IoT and the digitization achieved greater efficiencies for companies, it also expanded their attack surface and provided hackers with more entry points for system infiltration. At the same time, it’s no secret that the manufacturing sector holds high-value intellectual property such as blueprints, trade secrets, and product designs which can command hefty sums on the dark web. Moreover, the industry's interconnected nature means a single operational disruption can reverberate through the supply chain, inflicting significant financial losses on numerous companies.

In 2019, multinational aluminum manufacturer Norsk Hydro was hit by LockerGoga ransomware, locking files and computers of its 35,000 employees in 170 sites across 40 countries and severely disrupting operations. As a result, a number of its manufacturing plants were forced to shut down, while its smelters were shifted to manual operations. While the company did not pay the ransom, the recovery costs from the incident were estimated to be from $63.5 million-$75.0 million.

Financial Services

With its direct access to funds and vast amounts of sensitive data, the Financial Services sector is another obvious target for hackers and other cybercriminals. Relative to other sectors, the potential for monetary gain when attacking financial institutions is huge. These establishments hold high-value data that when stolen, can be leveraged to commit fraud or theft, control payments, or launch crippling ransomware attacks. Consequently, such data can fetch particularly large sums when sold on the dark web or as ransom payouts, making the sector a lucrative target for cybercriminals.

In 2022, Flagstar, one of the largest banks in the United States, disclosed a data breach affecting over 1.5 million customers, with hackers obtaining sensitive data including social security numbers, personal details, and banking information. This attack came less than a year after the bank was hit by the Cl0p orchestrated Accellion breach that compromised customer data and resulted in $5.9 million in litigation fees. These consecutive incidents starkly highlight the financial sector's attractiveness as a target for cybercriminals.

How Enterprises Can Protect Themselves Against Dark Web Risks

Understanding what is at stake, there are several steps and proactive measures that enterprises can take to protect themselves against the risks that lurk on the dark web. 

1. Enhance Cybersecurity Measures
   Implement robust cybersecurity solutions, including firewalls, intrusion detection systems, and antivirus software, to safeguard against cyber threats emanating from the dark web.
   
   
2. Conduct Regular Security Audits
   Conduct regular security audits and vulnerability assessments to identify and address weaknesses in your network and systems.

3. Train Employees
   Educate employees about the risks of the dark web and train them on cybersecurity best practices, emphasizing the importance of strong passwords and recognizing phishing attempts.
   
   
4. Utilize Dark Web Monitoring Tools
   Invest in dark web monitoring services to proactively identify and track exposure or mentions of company, employee credentials, or sensitive data on illicit forums and marketplaces, which ultimately allows early detection of potential threats and data breaches.
   ‍
5. Regularly Patch Software
   Keep all software and systems up to date with the latest security patches to minimize vulnerabilities that could be exploited.

Enterprises and the Dark Web

As cybercrime continues to evolve, enterprises must face the reality of the dark web and its growing impact on businesses. From data breaches and cyberattacks to dark web marketplaces, the risks are real and substantial. At the same time, it’s not only financial losses that are at stake, but also the trust and reputation of stakeholders. Enterprises must acknowledge that the dark web isn't just a digital curiosity; it's a strategic imperative.

That said, by considering the dark web in their cybersecurity and employing more proactive measures, businesses can adequately build up their defenses. By taking these steps, enterprises can not only mitigate the risks of the dark web, but also navigate the depths of the dark web with confidence, safeguarding their operations and data in an increasingly complex digital landscape. Talk to us today to learn how you can protect your company against threats on the dark web.