The Courier

Personal details of thousands of workers from Tayside firms being sold on dark web

A Perth-based cyber security firm has warned that thousands of employee email addresses and passwords linked to Tayside firms are being traded anonymously on the ‘dark’ web.

Security specialist m3 Networks conducted an investigation into more than 600 businesses which are members of Dundee and Angus Chamber of Commerce.

It found almost 24,000 breaches – an average of 39 per company – on the dark web, a lawless part of the internet that is accessed by specialist software and is completely anonymous.

Mark Lamb, technical director of m3 Networks, said many firms were oblivious that their information had been compromised.

Outlining the investigation, Mr Lamb said: “The dark web is where your stolen password and personal data ends up after a data breach.

“It doesn’t need to be your own system – any website you use can be breached and your password can be leaked as a result.

© Supplied
Mark Lamb, Technical Director of m3 Networks.

“We have tools that can trawl more than 600,000 forums and websites on the dark web.

“We looked at Dundee and Angus Chamber of Commerce members and stripped out the sole traders and multinationals and banks. Of the 611 remaining businesses, 57% appeared on the dark web with breached credentials.”

Mr Lamb said while major data breaches make the news, many small and medium size businesses tend to try to cover up the incident, fearing damage to reputation and possible fines.

He said that typically a hacker will trade the information on eBay-style websites on the dark web to people who have the computing power required to unlock encrypted information.

“Sometimes businesses get hacked and sometimes their websites can be interrogated,” he explained.

“There are also phishing emails and key logging software.

“The people who are nimble and skilled enough to make the breach typically don’t have access to the raw computing power to break (decrypt) the information they stole and make use of it.

“So the information is then traded on the dark web.

“Some people who break information work both sides – they give the hacker the information but also publish it in other sources on the dark web to let people know their data has been stolen and broken.

“That’s one of the ways we find out. Otherwise information gets bought and traded so many times that it just gets dumped on the dark web in forums. They call those paste bins.

“That means that all the juice has been squeezed out of the data and it’s almost worthless by that point.”

The effects of a cyber attack can be devastating – with 60% of small companies going out of business within six months of an attack.

M3 Networks offers a dark web monitoring service to alert when a firm has been compromised so that passwords can be changed quickly.

“Financial loss, damage to reputation and permanent data loss are the three things that can wipe businesses out,” Mr Lamb added.

“A strong password is helpful but it’s no guarantee. You could have the strongest password in the world but if the company doesn’t store it in a strong format then it could be broken.

“Knowing your password has been breached as soon as possible is critical – you need to change it in all the locations it has been used, before it is used against you.

“I would advise people to not use the same password in multiple places.”

Mr Lamb will reveal his findings as part of a cyber security business breakfast event held by Dundee and Angus Chamber of Commerce at Forbes of Kingennie today.

Alison Henderson, chief executive of Dundee and Angus Chamber of Commerce, said many chamber members may be unaware of the information on the dark web.

She said: “The world of cyber security is constantly evolving and it can be difficult for businesses to keep up and be fully covered against all eventualities.

“There’s clearly a significant risk to many local businesses in dark web breaches and it’s very important to know if your business has a breach.”