Cyber Hygiene and Dark Web Monitoring


Cyber Hygiene

def. Cyber Hygiene is a reference to the practices and steps that users of computers and other devices take to maintain system health and improve online security. These practices are often part of a routine to ensure the safety of identity and other details that could be stolen or corrupted.

Cyber Hygiene and Dark Web Monitoring Process
USA Cybersecurity's Cyber Hygiene and Dark Web Monitoring process uses an Artificial Intelligence (AI) engine to scan the dark web and index our customer’s data.

Crawling

  • Crawls and finds out what breached data exists on the dark web
  • Continuously crawls the dark web to search for new breached data
  • Tracks locations of known breached data for referencing

Indexing

Our process indexes the breached data it has located. Our platform learns and understands the breached data and then indexes the breached data. We only index breached data relevant to our customer.

Serving

We provide notifications and alerts to customers’ organizations whose data is found and indexed on the dark web. You will receive routine reports indicating what breached data was found.

  • Emails
  • Passwords
  • DOB
  • Usernames
  • SSNs
  • Where the data was breached
  • Domain account that were affected in the data breach
  • Other

Remediation

We provide written remediation steps based on the NIST (National Institute of Standards) Cybersecurity Framework (CSF).

F.A.Q.'s: Cyber Hygiene and Dark Web Monitoring 


Q: What is the Dark Web?

A: The Dark web is a vast sub-layer of the internet that is inaccessible by common browsers to allow anonymity that promotes illegal activities like trading in stolen data. It is continually growing and so is the scope and extent of bad things that are happening there. Put simply, it is the “playground” of cybercriminals.

Q: How is stolen data exposed and sold on the Dark Web?

A: Cybercriminals acquire and sell stolen data. The most sought after information includes corporate email addresses, passwords, credit card numbers and other sensitive Personally Identifiable Information (PII). The data is sold using marketplaces within the dark web to bad actors. The information is then used to commit fraud and other illegal activities.

Q: Is it possible to keep my data out of the Dark Web?

A: While it is possible to take a number of steps to try and keep your corporate data off the Dark Web, unfortunately you cannot be guaranteed that your data will not end up in the dark Web. Modern business practices require that you share your PII with other corporate entities. In most cases data is stolen through 3rd party breaches; incidents at other companies that have your data in their databases. We recommend the following practices to reduce the chances of your data ending up on the dark web and mitigate the effect if you do:

  • Use Password Manager
    These secured apps are designed to “lock” your passwords in a safe place and keep them from being stolen.
  • Multi-Factor Authentication 
    This is a very valuable way to prevent any stolen Password from being used in isolation and make it difficult for the “bad guys” to function with the credentials they steal. Take advantage of it when dealing with any account that offer it.
  • Strong Password Policy
    Put a strong password policy in place and ensure using unique non-corporate password at 3rd party sites.
  • Dark Web Monitoring
    Finally and perhaps most importantly, make sure you use a good and reliable dark web monitoring service that will constantly check the dark web for your data and alert you immediately anything is found on you, so that you can take action to prevent your data in the dark web from being used to breach your network.
Q: How does Dark Web monitoring work?

A: We use a proprietary and highly sophisticated Artificial Intelligence (AI) engine designed to probe deep into the Dark Web using just your company Domain name to find any information associated with your Domain. Human Intelligence also supplements this AI engine in cases where there is a need for it. Our AI engine only needs your corporate Domain information instead of email addresses, and it prevents our client’s emails from being exposed/confirmed on the dark web.

Q: What do I do when I get an alert from the monitoring service?

A: When you get an alert from the monitoring service that a new breach was found, it is important that you immediately address this by changing the password on the compromised account and / or if possible suspend the account and create a replacement account. USA Cybersecurity provides you with a list of remediation steps to follow.

Q: Can my information be removed from the Dark Web?

A: Data posted on the Dark Web is traded by cybercriminals and impossible to remove. The Dark Web is unregulated and has no formal control over any data that makes it there. It is important to know as soon as possible when your corporate data gets on the Dark Web so that preemptive action can be taken to mitigate any further and future damages.