Podcast version of this episode:
- 1:07 - What is the dark web?
- 2:15 - How is the dark web accessed?
- 2:50 - Who uses the dark web?
- 3:44 - How does the dark web affect my cybersecurity?
- 5:24 - What role does the dark web play in ransomware attacks?
- 6:38 - How can I protect my data from the dark web?
- 8:16 - What are dark web scans and are they safe?
Ken Lane [0:07]
Hello, everyone, and welcome to another episode of Business Solutions Academy by JD Young Technologies. My name is Ken Lane and in this episode, we're going to be looking at the dark web — what it is, and specifically, what role it plays on your organization's cybersecurity and customer data.
So, to do this, we're speaking with Damon DoRemus. Damon is the Chief Information Officer at JD Young Technologies. And he also heads up the Managed Network Services Division. So, for those of you that are joining us, in this video via podcast, or via video, there's really no need to take any notes. We'll be publishing a full transcript of this conversation. You can simply look in the description information for this episode for a link to the corresponding article in our very helpful Resource Center at jdyoung.com/resource-center. So, Damon, thanks again for taking the time to talk with us. We know you're a busy guy.
Damon DoRemus [1:04]
Howdy. Thanks for having me.
Ken Lane [1:07]
So, Damon, to kick this off — what exactly is the dark web? We hear about it in the news a lot and it sounds very ominous, but what is it essentially?
Damon DoRemus [1:17]
Well, so the dark web — it sounds super scary, but really, and it does have some bad things in it for sure, but it's less ominous than you know, CNN makes it sound. So, basically, it's the onion unindexed portion of the web — which is a lot. In fact, the majority of the web is actually something that we call the deep web, and sometimes that gets confused with the dark web.
So the majority of the web is unindexed, meaning it's behind a paywall, or it's behind a login screen. So if you think about, say, anything that's put on Facebook, that's not indexed. You can't Google, typically most data that's inside say, Facebook — and that would be deep web. But the dark web is essentially non-indexed content on the internet. So you can't really get there by Googling, right? So it can be bad stuff, but you're not going to find it a major search engine.
Ken Lane [2:15]
Okay. So if someone wanted to access the dark web, how would they go about it? How do people access the dark web essentially?
Damon DoRemus [2:23]
Well, typically, you would use a Tor Browser. And a Tor browser is gonna allow you to anonymously surf the web in general, as well as the dark web or dot-onion domains — which are, you know, unindexed part of the web that is only available via the Tor network. Most folks probably would not have a need for opening up a Tor browser or searching the dark web, but it's certainly there.
Ken Lane [2:50]
So who does use the dark web? And what exactly are they doing there?
Damon DoRemus [2:55]
So, tons of people use the dark web. Sure, there are bad guys that use the dark web. And there's an enormous amount of illegal or bad content or bad data in the dark web. There's also a lot of good stuff, too.
The dark web, or the Tor network, was really created to allow users to be able to surf the internet anonymously. So, there's lots of places in the world that, unfortunately, have censorship of speech. Or they may have political reasons why they don't want the internet to know what they're looking at or who they're communicating with. And that's how anonymous browsing and the Tor network really caught on. So, it's a mixture of bad folks and people that are using it for legitimate reasons.
Ken Lane [3:44]
Okay, so how does the dark web— if it does affect my company's cybersecurity? If someone were to say, "Okay, now I need to think about how secure my information is or something like that." What role does the dark web play in company cybersecurity?
Damon DoRemus [4:03]
So, the bad guys typically post data on the dark web for sale. Or sometimes they just post it because they think it's fun —for whatever reason, right? So, there's, there's all kinds of data that's out there that probably shouldn't be there. And they'll put it on the dark web because they can do so anonymously versus if it's on the traditional web and you could say "Google it." Well, you can probably figure out where the content was sourced, and you can shut it down pretty quickly. Well, onion sites, they pop up, they go away, they pop up, they go away. So, the data is really fluid. And it's much more difficult to figure out who actually posted the data or is selling the data.
So, there's all kinds of things that you could get on the dark web that you wouldn't find elsewhere — hacking tools, passwords, compromised sites, particular hardware like ATM skimmers, credit card skimmers, drugs. There's all kinds of bad stuff that's there. So, from a cybersecurity standpoint for your company, if any of your data is on the dark web, it's compromised. It's there. And, so it's a dangerous place — not just for being on the internet, but a dangerous place for hackers and other folks to take advantage of that and use it against you.
Ken Lane [5:24]
Okay, before we had spoken about ransomware, and its role in cybersecurity — or. I guess the impacts of it. Does the dark web have anything to do with ransomware? And do they talk to each other. What's the relationship there possibly?
Damon DoRemus [5:41]
Well, it's a piece. A common scenario is an end user gets phished, or there's a spear phishing attack and they're tricked into giving their password out. Or their password is stolen from — and it's a common password — stolen from another site that has been hacked, or has had a password theft. And then, those passwords are known on the dark web, so, a hacker, bad guy, pirate takes that password and uses it against you in order to try to trick you to installing some software that encrypts all of your files on a server or on a desktop. And then, of course, they charge a ransom in order for you to unencrypt or decrypt those files so that you get access to your data again.
So, it's a piece of the puzzle as part of the sort of the thread that happens. But the dark web by itself is not a cause for ransomware — it just is a step on the way.
Ken Lane [6:38]
Okay. So, let's say that my data is out there or I'm really trying to protect my data. How can I protect my data from the dark web, if that's even a possibility?
Damon DoRemus [6:51]
So, sort of a common theme that IT professionals will continually tell you is, "the moment you put it on the internet, it's on the internet."
You can do everything you can to have secure passwords. [Have] good password policy. Don't use the same password on multiple sites. If there is a data breach, do whatever you can to mitigate it by either removing the data from wherever it's publicly visible. But really, once it's on the dark web, or once it's on the internet, it's extremely difficult to remove. You'll find that the data sort of pops up and goes away pops up goes away on the dark web because those onion lists or site lists are dramatically changing, because they're always trying — as a kind of a whack a mole of folks trying to remove data, or trying to be in an environment where their data can't be shared, right?
So, whenever we're doing a dark web scan, which is probably where we're going with next question, we're looking for that data that's on the web. So, we're looking for data that might be associated with your company's name, or company email addresses. And when we do find that scenario, we help you mitigate the removal of that data if we can, or more likely help you change passwords and put in better layers of security so that it doesn't happen again.
Ken Lane [8:16]
Okay. And so we did touch on what a dark web scan is from an established IT professional doing a dark web scan for a client or an organization, so to speak, to see if if that information is out there. Are these dark web scans, are they very safe for the average person?
Damon DoRemus [8:35]
So, you probably don't want to load up Tor and just start poking around on the dark web unless you feel comfortable in that space. And if you did, certainly do it on a different computer other than your main computer. It's easy to get into a bad place on the web and install something that you shouldn't install.
So, I would rely on an IT professional to do those scans for you. We typically do them for free for our Managed [Network] Service Customers, so, there's not really any cost there. So, it's not that Tor or the dark web is particularly evil, or that it's got all this bad stuff on there. But you should be cautious probably doing it without some experience.
Ken Lane [9:18]
Okay. Well, thank you, Damon, for making the time to chat with us today. For those tuning in, if you learned something new today, or you feel that others could benefit from this information, we always appreciate when you give us a thumbs up on YouTube, or hitting that subscribe button so you don't miss another helpful episode, as well as sharing this information with your friends on social media.
Damon DoRemus [9:40]
One last tip for the home users there, Ken —sorry.
Ken Lane [9:43]
No, don't [hesitate]. Feel free.
Damon DoRemus [9:44]
So, for those users out there, and this is true for some small businesses, but there's a great website, which we can put in the show notes today, called haveibeenpwned.com. And it allows you to put in your email address, and it actually scours the dark web for you to see if your email address has been used on a compromised website or passwords have been compromised associated with your email address. And if you were to use a password manager like say 1Password or LastPass — LastPass is my personal favorite — it'll do those scans for you as well and do them for free. So, it's a way for you to do those sort of dark web scans for data that's associated with you, personally, or your your personal email address without having to pay an IT professional to do that work for you.
Ken Lane [10:33]
Sounds great. And is that "pwned" or "owned" — because I've heard two different pronunciations.
Damon DoRemus [10:39]
No, it's a play on the word "owned," like the passwords been owned. So it's pwned. So, it's pw — specifically, haveitbeenpwned.com.
Ken Lane [10:50]
Okay, this double-checking. So, if you guys want to learn more about cybersecurity threats, or any other business solutions related latest topics, you're invited to check out the Resource Center at jdyoung.com/resource-center. Or you can search for the Business Solutions Academy by JD Young Technologies in your favorite podcast player where we'll be putting this up there as well. So, thanks for stopping by. We'll see you again next time. Thanks again, Damon.
Damon DoRemus [11:24]