Your Data in the Deep Web
There is a good analogy to be made between the Internet and space, and ultimately how it affects consumer data. Most of our everyday online experience, the sites and services we use, is merely the tip of a much larger iceberg, known as the surface web. What lies beneath is the massive body of the deep web, which contains billions of websites that are not accessible to search engines.
Baryonic matter, meanwhile—that is, matter composed of atoms, from this months’ old chocolate next to my computer that I’m still going to eat, to all the stars and galaxies—accounts for the majority of ‘stuff’ we usually imagine in our universe. Taken within the entirety of the universe’s composition, however, this ‘ordinary’ matter only makes up 4.6 percent. Everything else falls under what cosmologists these days are calling dark matter and dark energy.
The point of this is to show how what we and every person throughout history might experience, what we take for unfathomable vastness, is in truth just a small part of the whole. Most of us, after all, probably don’t find ourselves frequenting many TOR network or onion sites. From this perspective, you might say the deep web is the digital dark matter of our cyber universe.
One particular portion of the deep web, known as the dark web, which, for all it secrecy and anonymity, should be of interest to everyday consumers. It’s not exactly news that when data breaches occur, people’s stolen information usually winds up on some dark web marketplace. We looked at the going rates of some hot commodities here a while ago, from medical records to credit card information. Well, I think it’s time for an update.
These days, your credit card data is being offered for around $30-50. Email and social media login credentials are often priced over $100. Oh, unless it’s a corporate email account, in which case it can go for $440. IP addresses can also be bought for $80.
Hackers can even buy their tools of the trade at these places on the cheap. For just $5, Remote Access Trojans give them the ability to hide within legitimate software so they can hijack a user’s system. You can even get a Crypter to fudge with normal antivirus operations for as low as $70.
The reality is that there is such a wealth of stolen data out there, it’s never been so readily available for black market buyers. What measures, then, can consumers take to intelligently manage their information, beyond just trusting that the companies storing it do a sufficient job? Frustrating those illicit attempts to gain your data comes in a few forms, such as using different passwords across different accounts. It’s a tried and true strategy. This way, if one set of credentials is compromised, the thief can’t automatically gain access to other accounts that use the same login. Checking the privacy settings on all social media accounts is also worthwhile, as the answers to your security questions can be used together with data obtained from a breach to do you damage.
So, like I said, even though the data-storing companies have a mandate to guard their caches, consumers should still exercise vigilance and monitor their information. Who has access to it, where it’s stored, whether it’s been part of a breach, and so on. Once it’s out there in the vast, digital expanse of deep web space, the risk of identity theft and other types of fraud looms ever closer like a cyber black hole. Don’t let it pull you in.