Dresner Group Blog
How Risky Can the Internet Be?
When you think about it, the Internet is pretty massive - just look at the billions of pages that pop up in less than a second, each time you click “Google Search.” However, what if I were to tell you that the Internet is even larger than you thought, much of it generally hidden?
What if I was to tell you that this hidden portion could have quite the impact on your business’ cybersecurity, and potentially, its success?
The Levels of the Internet
While we all may feel we have a pretty comprehensive grasp on the nature of the Internet, most would be mistaken. There are a few additional layers to the Internet that few people consider, beyond hearing about them in the news… usually in a scary commercial which mentions the “Dark Web” and scans. Let’s break these layers down briefly and add some clarity.
The Surface Web
The Internet that you are likely most familiar with is what is known as the surface web--a name which alone should tell you that this part of the web isn’t the largest. This part of the Internet is the part that you can find using Google, that the search engine has crawled and indexed. Again, I’d like to remind you of the quantity of websites that a Google search kicks back.
Make no mistake, even though it is open to all, it is this openness can allow your network to be compromised. This is why it’s important that your team receives security awareness training. Your first line of defense isn’t technology, it’s training, particularly when you consider that your biggest security risk is human error.
The Deep Web
The Deep Web is the part of the Internet that you have also had some experience with, although you may not have realized the difference at the time. The Deep Web is made up of all the content that can be accessed via the Internet that a search engine can’t examine, which makes it somewhere around four or five hundred times the size of the searchable surface web.
This includes things like file management systems and the accounts people have on certain websites. Basically, if it requires a password to access it, it’s a part of the Deep Web. It is this consideration that allows the size of the Deep Web to make sense in comparison to the surface web. After all, how many internal documents does your business store in the cloud? How many businesses do you think do this, and how many more files are businesses larger than yours handling? Thinking this way makes the 4-to-5-hundredfold size increase of the Deep Web make a lot more sense.
The terms “Deep Web” and our next section, “Dark Web”, aren’t the same, although they are often used interchangeably. Simply put, the Deep Web stores information you can’t locate with a consumer-grade search engine like Google, but must access directly such as your cloud account.
The Dark Web
Decreasing somewhat in size again, the next level of the Internet is the one that businesses need to be most concerned about. Like the Deep Web, the Dark Web cannot be crawled by search engines, and actually requires a special browser to access it at all (like the popular Dark Web browser, Tor). The Dark Web prevents any activity on it from being traced by design.
While the Dark Web has an iffy reputation, it isn’t all bad - many activists and whistleblowers seek its protection to tell their stories. In fact, Tor was originally created by the United States Navy and still receives funding from the government. However, it cannot be denied that a lot of the Dark Web’s reputation is well earned, as it has become the go-to place for cybercriminals to sell and exchange the spoils of their data hacks and other attacks. The Dark Web is the place where the data stolen in hacks is traded and sold.
Unfortunately, once your data is on the Dark Web, you can never remove it. There, it will live on...forever out of your control.
Why Does this Have Anything to Do with My Business?
Let’s put it this way… if you run a business today, you most likely leverage a few different layers of the Internet. You have the surface web, where your website can be viewed, and you have the deep web, where you likely have a lot of business data stored in online databases. It’s critical to develop a security plan to address each level of the web. A one-size-fits-all security solution will inevitably leave an opening for a cyberattack.
Remember: the right tool, for the right job.
Unfortunately, if you’ve been the victim of a cyberattack, the perpetrators are likely using the Dark Web to disperse your data for cryptocurrency-enabled profit. As noted, once that happens it’s too late. Not only is your data now out in the wild, you will likely have to utilize your data back-up to recover your data if (or when) you find you have to purge your system to remove the intrusion.
In no uncertain terms, if this is the case, chances are pretty good that it was the result of an action by one of your employees. All the cybersecurity solutions in the world won’t help you if an employee let a cyberthreat in past your security software, or handed the perpetrator exactly what they needed to do so themselves. This is precisely why we recommend security training as one of the most cost-effective investments you can make to help maintain your business’ security.
As one of Maryland’s expert providers in computer security services, we’ve seen businesses feel the impacts of their security issues far too often. This has given us the perspective to know that the Dark Web is no place for the unprepared. This means that, as a business, you need to ensure your staff can’t access it from your network. Sure, on the surface web, you might be able to get by using industry-standard security best practices, but, the deeper you go, the more impressive your Internet security solutions will have to be.
A breach to your database, shared across the Deep Web, can not only embarrass you but even potentially close your business. Of course, you still have plenty of threatening factors and websites to deal with on the surface web. A team member could easily click on a phishing email and put your network at risk.
That being said, let’s face facts: if you had to ask what the Dark Web was, it probably isn’t a place you should go. Don’t forget what curiosity did to the cat.
Preventing Security Threats
In order to contend with these potential issues, problematic behaviors, and electronic security weaknesses, you need to take a multi-pronged approach. A solid strategy would be to implement a Unified Threat Management device, eliminating many risks by preventing your employees from accessing unsafe sites in the first place. Beyond cybersecurity products, however, you also need to reinforce security best practices among your workforce.
The Dresner Group can assist you with that. After identifying your weak points through a network security audit, we can provide your team with the training they need to boost their security awareness, and with it, your business’ resistance to threats. To learn more, reach out to us by calling 410-531-6727.