Dark Web Monitoring

Publications for Download

In this document, we provide information on what Dark Web monitoring is and why it is an important aspect of an overall cyber security strategy.

How does our Dark Web Monitoring service work?

Our Dark Web Monitoring service regularly scans for compromised data that has been recently published on the Dark Web.

We will then notify you, so you can minimise the risk of any compromised data being used for ransom, extortion, identity theft, data breaches, or other crime.

It is also a requirement under the new Privacy Act 2020, that if a data breach may result in serious harm, that the Office of the Privacy Commissioner and affected individuals be notified.

There are two main types of data we monitor:

  1. Digital credentials such as usernames and passwords that connect you and your employees to critical business applications, as well as online services. Cyber criminals sell compromised usernames and passwords on the Dark Web, which in turn can be used to launch an attack on your information systems.
  2. Data leaks including company files and personally identifiable information. Recent research suggests that up to 50% of ransomware incidents has also involved the theft of data before encryption occurred. The cyber criminals threaten publication of this data in the ransom demand, and typically also post a sample onto various Dark Web leak sites to prove they have the data. They then threaten to release the information on the Clear Web (which is easily accessible as opposed to the Dark Web) if the ransom is not paid.

Our Dark Web Monitoring services uses human & machine intelligence to shine light on the Dark Web including: 

  • Dark Web data leak sites
  • 640,000+ botnets
  • Hidden chat rooms 
  • Unindexed, private, and black market sites
  • Peer-to-peer (P2P) networks 
  • IRC (internet relay chat) channels 
  • Social media platforms