Sharon Koehler

Artistic Stone Design

Recently, Reddit was breached. Hackers got in and gained access to some Reddit users’ information. As of this year, Reddit has 234 million unique users and 542 million monthly visits to the site. Reddit is ranked as the number three most- visited website in the U.S. and the number six most-visited website in the world. So this alarming breach follows a long list of recent breaches that includes Orbitz, Facebook, Panera, Under Armor and more.  If you have accounts at any of these places, change your passwords ASAP.

Security breaches to the places we visit and the sites we do business with are becoming more and more common. In order to protect yourself, you should become more vigilant about your passwords and general security procedures on the Internet. Obviously we aren’t going to stop using the Internet, so individuals and businesses as well need to be security conscience as they browse World Wide Web. 

Once a breach occurs and information or identities are stolen, do you ever wonder where it goes and what happens to it? A very high percentage of it goes to the Dark Web. Most of us have heard of the Dark Web, and we associate it with criminals and illegal activity. Rightly so, as most – not all– but most of the activity on the Dark Web is illegal. 

Illegal activity like buying and selling identities can flourish on the Dark Web because the Dark Web is anonymous. The funny thing is that for being such a dark and ominous place, the Dark Web is relatively easy to get to. All you need to do is download a Dark Web search engine like TOR (The Onion Routing Project) or I2P (Invisible Internet Project). Then you just follow a couple more simple steps, and BAM – you are in. You cannot access the Dark Web with Google, AOL or any other regular search engine. 

Tor and I2P will keep the user anonymous. This is what they are designed to do. Domain names are big clues as to whether you have actually made it to the Dark Web. While we are used to seeing .com on regular internet sites, most Dark Web sites end with .onion. (As in TOR, The Onion Routing Project.) 

Stolen personal information can be worth big bucks to the hackers. The average Social Security number sells for just $1 but a hacker can get tens of thousands of numbers at a time. Driver’s license numbers are going for $20 and your PayPal login can go for up to $200. Passports can be worth up to $2,000. 

Businesses can be affected by the Dark Web in a much different way. A ransomware kit can be purchased on the Dark Web for as little as $175 and they can make the purchaser thousands, if not millions in return. For those of you not familiar with ransomeware, it’s simple. The attacker gains access to your computer, often times with an innocent looking e-mail. Once the attacker is in your system, all your files and data are encrypted and you are locked out. A ransom demand is then made. At that point you have to decide whether to pay the ransom or lose all your computer data and files.  The thing is, statistics say that after a ransom is paid, only 33 percent of the victims actually get their files and data back. While this statistic holds out little hope for most victims, you have to remember that you are dealing with criminals. Do you really expect them to be trustworthy?

Ransomware attacks cost companies $5 billion in 2017, and that number is expected to rise to over $11.6 billion by next year. While the average payout is under $2,000, a large South Korean web hosting company paid out $1million in a ransomware attack just last year. As long as companies keep paying, ransomware attacks will continue to happen. 

Now, if you are thinking of jumping on the Dark Web and searching to see if your info is on there, don’t waste your time. Most stolen information is sold in big batches or bundles. The chances of you finding your own information are slim. Plus, what would you do if you did find it? Call the police? The FBI? You are dealing with a totally anonymous situation. There is no way to track anything. 

Leave the Dark Web scanning to professionals. There are any number of companies and sites that have the tools to scan the Dark Web on your behalf. They will then alert you if they find something and you can take the appropriate measures. 

As for ransomware, again, there is no sure-fire way to prevent it, but there are things you can do to make it harder for the attackers. Don’t open any unfamiliar e-mails or click on suspicious links. Keep your software current by installing updates. Most importantly, backup all your files daily. This step alone takes the power away from your attackers because you have all your files and data safely stored where they can’t get to it. 

And lastly: Beware the Dark Web!

Please send your thoughts on this article to Sharon Koehler at Sharon@asdrva.rocks.