Every Business Needs to be Aware of these Dark Web Threats

The dark web is constantly evolving to present a thorny ticket of hazards for businesses. The point of origin for many of today’s most nasty and damaging cyberattacks, the dark web is the world’s third-largest economy and unlike many of the world’s industries, constantly growing. Dark web threats Cybersecurity Ventures predicts that global cybercrime costs will grow by 15% per year over the next five years, reaching $10.5 trillion annually by 2025. That’s good news for cybercriminals and bad news for businesses. Dark web threats abound, endangering businesses from a myriad of vectors. These four dangers are just a few of the hazards that businesses face from today’s bustling dark web.

Cybercrime-as-a-Service is a growth industry & the top dark web threat

The Cybercrime-as-a-Service gig economy is the main driver of economic growth on the dark web and it is getting bigger every year. The growth of that industry is the biggest dark web threat that businesses face today. Cybercrime specialists typically sell their goods and services on dark web message boards, Discord servers and Telegram channels, and are generally paid in cryptocurrency. An estimated 90% of posts on popular dark web forums are from buyers looking to contract someone for cybercrime services. Now this industry is experiencing even more explosive growth thanks to the success that AI tools like Chat GPT and GPT-3 bring to the table, especially for phishing scams.

Malware-as-a-Service or Ransomware-as-a-Service

Malware-as-a-Service (MaaS), or its offshoot Ransomware-as-a-Service (RaaS), is a thriving sector of the dark web service economy. This type of operation offers pay-and-use malware for conducting cybercrime. Think of it as bad actors adopting the Software-as-a-Service revenue model. Malware authors develop and maintain software for prospective customers, much like any other software company. And like any other business, hiring specialists and service providers often makes good business sense for major cybercrime groups and nation-state threat actors. It is estimated that 300,000 new pieces of malware are created daily.


According to Microsoft researchers, a Phishing-as-a-Service (PhaaS) group’s subscription prices depend on a host of factors, but in general, the service can cost about $800 per month. Many of these operators offer what amounts to a one-stop shop for phishing, with phishing kits available for as little as $30. These groups feature everything from DIY kits to full-service contracting. It’s easy and cheap for a cybercrime group to hire a PhaaS practitioner who will take care of everything — build and host a phishing site, create and install a phishing template on the site, configure the domain, and take care of every technical aspect, send emails to victims and collect credentials or other desired data.

Cybercrime affiliations

Cybercrime gangs are a major dark web threat. Most ransomware gangs recruit affiliates to conduct the actual attacks. In a common affiliate relationship scenario, the boss gang provides the affiliates with the proprietary malware used in the incident and access to specialized resources if needed. The affiliates typically handle the day-to-day business of the attack, sometimes turning the operation over to the boss gang when it’s time to negotiate the ransom. Affiliates are generally on the hook to pay the gang that recruits them an estimated 10% to 25% of the total take. Interestingly, many gangs operate formalized affiliate programs with terms and conditions that affiliates must abide by, like not attacking children’s hospitals, and they’ll disavow affiliates that break those rules quickly.

3 More Big Dark Web Threats

Cybercriminals are interested in many things to power their operations, like these three dark web threats.

Stolen credentials

One of the biggest dark web threats to businesses is credential compromise. Initial access brokers specialize in selling credentials that unlock the door to companies. Sometimes they gain those credentials from malicious insiders or former employees. In other cases, bad actors buy or obtain huge lists of credentials stolen in other breaches. They are often used in credential stuffing attacks — a cyberattack in which bad actors pelt a company’s defenses with thousands of credentials quickly in the hope that someone at that company has recycled a compromised password. There are more than 24.6 billion complete sets of usernames and passwords in circulation on the dark web, which is four full sets of credentials for every person on earth.

Insecure operational technology or industrial control systems

Bad actors are hungry for information about business’ operational technology (OT) or industrial control systems. Every time that type of data falls into their hands, it makes it easier for them to conduct cyberattacks against infrastructure and manufacturing targets. Nation-state threat actors are interested in this data for their own purposes. Mandiant analysts discovered that one in seven cyberattacks gives the bad guys access to sensitive information about a business’s operation technology or industrial control systems.

Malicious insiders

It may not seem like it at first glance, but malicious insiders are a major dark web threat. When an employee wants to harm their employer or make money fast, the dark web is one of the first places they turn. Malicious insiders have many profitable options on the dark web, including selling their legitimate credentials or peddling their company’s proprietary data, customer lists or intellectual property. Malicious insider actions are responsible for an estimated 25% of confirmed data breaches.

How Can I Mitigate Dark Web Risk Affordably?

Kaseya’s Security Suite can help protect businesses from dark web threats effectively and affordably.

Security awareness training plus phishing simulation  

BullPhish ID is the ideal security and compliance awareness training solution for companies of any size.  This powerhouse is the channel leader in phishing simulations.

  • An extensive library of security and compliance training videos in eight languages
  • Plug-and-play or customizable phishing training campaign kits
  • New videos arrive 4x per month and new phishing kits are added regularly

Dark web monitoring   

Dark Web ID offers best-in-class dark web intelligence, reducing credential compromise risk.

  • 24/7/365 monitoring using real-time, machine, and analyst-validated data
  • Fast alerts of compromises of business and personal credentials, including domains, IP addresses, and email addresses
  • Live dark web searches find compromised credentials in seconds
  • Create clear and visually engaging risk reports

Automated, AI-powered antiphishing email security 

Graphus AI-enabled, automated email security that catches 99.9% of sophisticated phishing threats and offers amazing benefits.

  • Forget old-fashioned safe sender lists. Graphus analyzes the content of messages using more than 50 points of comparison to suss out fakes fast
  • Cloud-native security harnesses machine learning to inform AI using a patented algorithm.
  • 3 layers of powerful protection at half the cost of competing solutions
  • Don’t waste time on fussy configurations or adding threat reports. AI does that for you, getting everything up and running with just a few clicks and minimal maintenance

Managed SOC  

Get the top Managed SOC that leverages our Threat Monitoring Platform to give you access to an elite team of security veterans who hunt, triage, and work with your team when actionable threats are discovered

  • Detect malicious and suspicious activity across three critical attack vectors: Endpoint, Network & Cloud
  • Patent-pending cloud-based technology eliminates the need for on-prem hardware
  • Discover adversaries that evade traditional cyber defenses such as Firewalls and AV


Datto Endpoint Detection and Response (EDR) gives MSPs the edge that enables them to detect and respond to advanced threats.

  • Provide insight into the suspicious behavior that has been detected and stopped on your customers’ endpoints
  • Highlight smart recommendations for security best practices to make standard security compliance easy
  • Our click-to-respond feature supports your team in taking action against cyber-attacks as quickly as possible to reduce potential damage

Speak with an IT Solutions Specialist today to learn more about these available tools!