What is the Dark Web?

 The Dark Web, or Darknet, is a term for a collection of websites on an encrypted network with hidden IP addresses. Because they are not indexed by traditional search engines, you can only access them with special anonymity browsers, such as I2P, Freenet, and the most common, The Onion Router (TOR) bundle.

What can I find on the Dark Web?

. You can buy credit card numbers, all manner of drugs, guns, counterfeit money, stolen subscription credentials, hacked Netflix accounts and software that helps you break into other people’s computers. This data includes access to Trojans, keyloggers, Credentials. Phishing information, Customer data, Operational data, Financial data. Intellectual property/trade secrets, Other emerging threats.

What we Do? 

We watch the Dark Web for your information. If we find your own information on the dark web, there’s precious little you can do about it, but at least you’ll know you’ve been compromised, and can take appropriate action.

Types of Network Security we do?

There are quite a few different networking security tools we incorporate intoour security suite. The following list is by no means exhaustive, but available security tools can include:

Access control. Controlling which users have access to the network or especially sensitive sections of the network.

Antivirus and anti-malware software. Our antivirus software will monitor network traffic in real time for malware, scan activity log files for signs of suspicious behavior or long-term patterns, and offer threat remediation capabilities.

Application security. We ensure that all programs be kept up-to-date and patched to prevent hackers from exploiting vulnerabilities to access sensitive data.

Behavioral analytics. Behavioral analytics software help us identify common indicators of abnormal behavior, which can often be a sign that a security breach has occurred.

Data loss prevention. Can prevent actions that could potentially expose data to bad actors outside the networking environment.

Distributed denial of service prevention. DDoS prevention tools scrubs incoming traffic to remove non legitimate traffic that could threaten your network,

Email security. Numerous threats, like scams, phishing, malware, and suspicious links, can be attached to or incorporated into emails. Email security software works to filter out incoming threats and can also be configured to prevent outgoing messages from sharing certain forms of data.

Firewalls. Function as a gatekeeper between a network and the wider internet. Firewalls filter incoming and outgoing traffic by comparing data packets against predefined rules and policies, thereby preventing threats from accessing the network.

Mobile device security. The vast majority of us have mobile devices that carry some form of personal or sensitive data we would like to keep protected. This is a fact that hackers are aware of and can easily take advantage of. Implementing mobile device security measures can limit device access to a network, which is a necessary step to ensuring network traffic stays private and doesn’t leak out through vulnerable mobile connections.

Network segmentation. Segmented networks make it easier to assign or deny authorization credentials for employees, ensuring no one is accessing information they should not be.

Security information and event management. SIEMs are similar to intrusion prevention systems (IPS), which scan network traffic for suspicious activity, policy violations, unauthorized access, and other signs of potentially malicious behavior in order to actively block the attempted intrusions.

Web security. Limits internet access for employees, with the intention of preventing them from accessing sites that could contain malware.

Types of cyber threats

So, how do malicious actors gain control of computer systems? Here are some common methods used to threaten cyber-security:

Malware: A hacker often via an unsolicited email attachment or legitimate-looking download, gets you to click on a link that will infect your computer and potential spread to your business network.

Virus: A self-replicating program that attaches itself to clean file and spreads throughout a computer system, infecting files with malicious code.

Trojans: A type of malware that is disguised as legitimate software.

 Spyware: A program that secretly records what a user does, so that cybercriminals can make use of this information.

 Ransomware: Malware which locks down a user’s files and data, with the threat of erasing it unless a ransom is paid.

Adware: Advertising software which can be used to spread malware.

Botnets: Networks of malware infected computers which cybercriminals use to perform tasks online without the user’s permission.

SQL injection is a type of cyber-attack used to take control of and steal data from a database.

Phishing: when cybercriminals target victims with emails that appear to be from a legitimate company asking for sensitive information.

Man-in-the-middle attack: where a cybercriminal intercepts communication between two individuals in order to steal data.

Denial-of-service attack: where cybercriminals prevent a computer system from fulfilling legitimate requests by overwhelming the networks and servers with traffic.

Romance scam:  cybercriminals using dating sites, chat rooms and apps. Perpetrators take advantage of people seeking new partners, duping victims into giving away personal data or money.

Emotet malware: As well as being a maalware and viruse itself. It covers its tracks by also downloading a whole si=uite of additional viruses.. Nortec picked up a new major client as a result of an Emotet recovery.

JobKeeper: cybercriminals send an email masquarding as the ATO asking for confirmation of your personal details to get Job Keeper or job seeker.

There are many thousands more. For our managed clients we offer containing education free of charge on cyber security topics.