Why the Darknet has a beat on you (and you don’t realize it)

 

By Geert Baudewijns, CEO & Founder Secutec 

It is high time we all become more vigilant on the internet. People and their personal data are easier to find online than they think, and hackers lie in wait on the Darknet. Now more than ever, it is necessary to be careful with passwords, personal data and multi-factor authentication.

The Darknet (or Dark Web) is often talked about as if it were a myth. A land, far far away, that is intangible and with which we never come into contact. A place where illicit activities, illegal practices and sinister things take place that should never see the light of day. Unfortunately, people who think they are completely disconnected from it are deceiving themselves, because this is where our very own data are the subject of illegal trade.

The Darknet, for those who need to be reminded, is the place where arms dealers, drug dealers and illegal porn sellers, among others, offer their wares. You need a special browser to navigate this part of the internet; not even the great Google can help you here. Here you will find everything you do not want to, cannot or dare not buy through regular channels, including login details and passwords, and you might even stumble upon your own bank account information.

 

Darknet: The invisible internet

To give you an idea of its impact: as recently as June 2023, 500,000 Belgian login details[1] were leaked when a criminal market platform on the Darknet itself was hacked (that’s right: the hackers were hacked). The information mainly dated back to 2020 and included logins of people from universities and public institutions. That still counts as recent data, which means that a lot of those data will, in all likelihood, still be usable.

Last year, at Secutec, we also found a list of over 4,000 Belgian IP addresses, linked to a critical Microsoft Exchange leak. If a hacker manages to link those impacted addresses to actual company data, they can then look for login details of people at those companies and walk right in. And those data are plentiful.

We did the test and managed to easily link about a thousand companies to the IP addresses involved. In no time, using our specialized tools, we found the necessary login credentials to break into those companies and were, theoretically, able to unleash ransomware on the entire organization (which, of course, we did not do).

Even better: in July 2023, we found login data of 658 customers of a physical security provider on the Darknet. This data allowed us to generate a PIN for ourselves that would allow us to enter a competitor’s building – on top of unlimited access to security cameras. This goes to show that even if you, as an organization, are fully compliant, that is not always the case for your suppliers, partners or customers.

 

The invisible problem

The issue is this: it is not always the end user’s fault when sensitive data are leaked. It is not always a phished employee or individual who is at the root of a hack. Sometimes an application has major security holes which can be exploited. Sometimes, an organization is insufficiently concerned with timely updates, which leads to people working with outdated security solutions. Invariably, insufficient caution with sensitive data is the cause of a hack.

That makes it all the more important to take control of what you do have control over: redundancy, extra layers of security and prudence. This is still easiest to achieve by, for instance, checking the origin of every e-mail, always using unique passwords and setting up a multi-factor authenticator. Always, everywhere.

If you don’t, sooner or later you will be caught out. With relatively simple searches, you can find endless lists of leaked passwords, e-mail addresses, telephone numbers, insecure IP addresses, etc. On the Darknet, you do not need to be Sherlock Holmes to put together the pieces of the puzzle and launch an attack on the unfortunate victims and, worst case, their companies.

 

The burden of responsibility

While employees are not always the cause of their organization’s hack through their accounts, they do bear a great responsibility. It is everyone’s responsibility to ensure the security of their data by exercising caution and seeking advice if needed.

Hackers are increasingly utilizing a threefold approach: not only are they demanding larger ransoms for encrypted data, they are threatening to make customer data public as well. Or they immediately start destroying backups so that an affected organization has a hard time getting back on its feet. The risks are mounting, and our collective awareness must follow as quickly as possible.

Whenever I give a seminar on hacker groups or on how cyberattacks work, and how easy it is to turn someone’s life upside down, too often I still see jaws dropping. This knowledge should be commonplace from here on out. And for those who don’t believe me: please come and talk to our security experts.

 

Geert Baudewijns, 

CEO & Founder Secutec 

[1] 500,000 passwords are released online | VRT NWS: nieuws
