What is the Dark Web?
The Dark Web is a hidden universe contained within the “Deep Web”- a sublayer of the Internet that is hidden from conventional search engines. Search engines like Google, BING and Yahoo only search .04% of the indexed or “surface” Internet. The other 99.96% of the Web consists of databases, private academic and government networks, and the Dark Web. The Dark Web is estimated at 550 times larger than the surface Web and growing. Because you can operate anonymously, the Dark Web holds a wealth of stolen data and illegal activity.
How does the Dark Web ID help protect my organization?
Our service is designed to help both public and private sector organizations detect and mitigate cyber threats that leverage stolen email addresses and passwords. Dark Web ID leverages a combination of human and artificial intelligence that scours botnets, criminal chat rooms, blogs, Websites and bulletin boards, Peer to Peer networks, forums, private networks, and other blackmarket sites 24/7, 365 days a year to identify stolen credentials and other personally identifiable information (PII).
How are the stolen or exposed credentials found on the Dark Web?

Dark Web ID focuses on cyber threats that are specific to our clients’ environments. We monitor the Dark Web and the criminal hacker underground for exposure of our clients’ credentials to malicious individuals.

We accomplish this by looking specifically for our clients’ top level email domains. When a credential is identified, we harvest it. While we harvest data from typical hacker sites like Pastebin, a lot of our data originates from sites that require credibility or a membership within the hacker community to enter. To that end, we monitor over 500 distinct Internet relay chatroom (IRC) channels, 600,000 private Websites, 600 twitter feeds, and execute 10,000 refined queries daily.
Some of the results show may include employees that are no longer working for us. Does this mean we are Not at risk?
While employees may have moved on from your organization, their company issued credentials can still be active and valid within the 3rd party systems they used while employed. In many cases, the 3rd party systems or databases that have been compromised have been in existence for 10+ years holding millions of “zombie” accounts that can be used to exploit an organization. Discovery of credentials from legacy employees should be a good reminder to confirm you’ve shut down any active internal and 3rd party accounts that could be used for exploit.
Where do we find the data?
  • Dark Web Chatroom: compromised data discovered in a hidden IRC;

  • Hidden Theft Forum: compromised data published within a hacking forum or community;

  • P2P File Leak: compromised data leaked from a Peer-to-Peer file sharing program or network;

  • Social Media Post: compromised data posted on a social media platform;

  • C2 Server/Malware: compromised data harvested through botnets or on a command and control (C2) server.

  • Dark Web Chatroom: compromised data discovered in a hidden IRC;

.
Is it safe to say cloud storage is a serious concern for data breach? With most of our software tools moving to cloud hosting, does this create more riski for my Company's IP?
There can be as much risk to your data within a Cloud environment as there is when it resides locally within your own servers. When researching Cloud providers and data centers, make sure you understand their compliance and certification with the security standards and protocols that impact your industry. CSO Online maintains a thorough list of security laws, regulations and guidelines by type, follow this link
If your personal data is found on the Dark Web, Can it be removed?
Once the data is posted for sale within the Dark Web, it is quickly copied and distributed (re-sold or traded) to a large number of cyber criminals, within a short period of time. It is generally implausible to remove data that has been disseminated within the Dark Web. Individuals whose information has been discovered on the Dark Web are encouraged to enroll in an identity and credit monitoring service immediately.
Are there any speical credentials needed to investigate the Dark Web?
You do not need special permission to access the deep or Dark Web. However, accessing the deep or Dark Web requires the use of a “TOR” browser and should only be done using a VPN encrypted tunnel. In general, we advise against attempting to access the Dark Web, as you do not want to expose your computer or organization to more loss of data.