The recent Wannacry cyber hack hit thousands of organisations worldwide, including the NHS, and brought the reliance on the internet and technology into sharp focus. While the events were more about hackers holding large organisations to ransom, many individuals could be concerned about whether their personal data might be at risk as a result of the hack.
So how well do you know the web?
The many layers of the web
If you’re serious about cybersecurity, it’s important to understand the different layers of the web – the surface web, the deep web and the dark web – and how your personal information might be found and traded.
This infographic from Equifax, the credit referencing agency, illustrates the scale of the dark web
(blog continues below infographic)
What is the dark web?
The surface web is any content that can be catalogued by search engines. This includes the types of websites we all use every day, which search engines like Google ‘index’ by following hyperlinks and tracking keywords.
Content in the deep web is not necessarily completely hidden or anonymous, but it cannot be indexed in the same way as the surface web. This includes content that is behind firewalls, and other types of protection, or things like a website’s internal search results.
The dark web is a section of the deep web that is deliberately hidden and cannot be accessed with regular web browsers. It was developed by the US government to allow intelligence to be shared around the world without fear of interception, by encrypting a user’s location and the information they send or receive. Inevitably a community of users grew that exploited this security for illicit means – giving rise to ‘the dark web.’
Research from Intelliagg* released in 2016 showed that the dark web is made up of around 30,000 websites, but 48% of the content could be deemed illegal. 40% of this illegal activity was categorised as ‘leaked data’ or ‘financial fraud’ – suggesting that the dark web is an important tool for criminals looking to compromise or abuse personal financial details, such as credit card numbers or bank log-in details.
Criminals on the dark web often sell packages containing people’s personal data, such as credit card numbers, including the CVV2 code and their name. Thieves steal financial details in a number of ways, including ‘phishing’ and malware, usually via emails or visiting unsafe websites, skimming card details or company data leaks.
Lisa Hardstaff, identity fraud expert at Equifax“The better consumers understand how the internet and various new technologies work, the better armed they will be against the threat of fraud. There’s no room for complacency in this connected world.”
How to keep data safe from the dark web
At the heart of keeping personal data safe is the keys that unlock the information – passwords and PINs. Equifax is, therefore, offering tips to consumers who might be worried that their identity could be at risk. “Online research** of over 2,000 people in 2016 found that more than a quarter (27%) change their online passwords less than once a year and 23% never change their passwords without being prompted” added Lisa Hardstaff. “The fact that people now have so many passwords to remember could be a reason why they don’t regularly update their passwords. But anyone concerned about the security of their financial information should think about changing their passwords and PINs.
“Choosing safe passwords has become a fixture in modern security, and as security becomes more complex so do the methods criminals will use to get past it. Criminals on the dark web often sell packages containing people’s personal data, such as credit card numbers, including the CVV2 code and their name. So understanding what makes a password strong can help keep information safe.
“In addition to ensuring you have a strong password to reduce the risk of falling victim to identity fraud and other cybercrimes, it is also worth considering subscribing to a service like Equifax Identity Watch Pro which will alert you if your credit / debit card or personal information is found on websites used by fraudsters”.
For more information on choosing secure passwords and keeping your data safe, check out How to choose a secure password and stay safe online.