Cyber threats are on the rise worldwide, with attacks in 2021 causing an estimated $6 trillion in damages. That figure is only expected to rise further in the years to come, costing an estimated $10.5 trillion in damages to businesses worldwide by 2025. These damages affect businesses large and small, and in every flavor and type of industry — no one is immune.
For managed services providers (MSPs), it is more important than ever against this landscape to help clients defend themselves against the latest attacks and risk vectors. This likely will involve a full set of cybersecurity services, from firewall implementation to device patching to monitoring for threats to cybersecurity awareness training. Each of these can help an MSP serve as a trusted advisor to its customers.
These attacks take many different forms in how they can cause harm to a business. Some types of attacks target a business’s operations, perhaps unleashing malware like ransomware that encrypts a company’s data and grinds operations to a halt until a ransom is paid. Other attacks steal an organization’s important data, taking it to the “dark web” to sell, or using it to compromise subsequent customer, company, or employee accounts.
Further reading 5 Cybersecurity Attacks MSPs Should Know
When information ends up on the dark web, what does that mean? The dark web takes many different forms and is accessible in multiple different ways, but it is essentially a secondary web where cybercriminals can conduct their business anonymously, including selling stolen information from data breaches. In most cases, the average individual would not end up on the dark web throughout their everyday life, but it is common for cybercriminals and attackers to buy or sell stolen data.
The dark web, while it can be a risky area of the web for many different reasons, can also present a new opportunity for MSPs. One newer area that more advanced MSPs may consider adding onto their existing cybersecurity offerings, for instance, is dark-web monitoring services for customers. This is a more advanced cybersecurity offering that an MSP can consider that may differentiate it from other cybersecurity service providers in the market and layer on to premium services.
While services like this can help an MSP better protect its customers, as well as flag any potential signs of a data breach, it can also open new opportunities for the business. Specialized services like dark-web monitoring can open new streams of revenue for an MSP, as well as help them to reinforce retention with customers who realize they can’t live without its top-notch cybersecurity services.
What is the dark web?
What many of us are used to using when surfing the Internet through our regular browser is called the “surface web.” For most of our purposes, this surface web provides plenty of functionality for our daily needs — allowing us to check the news, surf social media sites, look for information, and much more.
Many surface websites are easily accessible through search engines, such as Google or Bing. Meanwhile, the deep web is a segment of the overall Internet that is not searchable by search engines. This portion of the world wide web represents much of the worldwide web overall — as much as 95 to 99 percent, according to some estimates. A small section of this non-searchable web (estimated to be 1 percent overall) is referred to as “the dark web.” It requires additional layers of protection or authorization to access it, such as custom software or special networks such as Tor that are specifically created to access it.
Browsers such as Tor, which allow users to access the dark web, leverage layers of encryption, intermediary servers, and other technologies for users to search the dark web completely anonymously and without tracking. In doing so, users can talk, blog, and share files without fear of being tracked, breaching confidentiality, or being caught by law enforcement.
There are many reasons a user might look to surf the web this way. As already mentioned, one reason might be to peddle data and information — credit cards, login information, etc. — stolen during cybercrime. There are also even more nefarious reasons that bad actors might use the dark web, such as child pornography, trafficking, or other reasons.
MSPs and the dark web
As MSPs work to protect their customers from the latest cyber attacks, it is worth their while to pay attention to the dark web. While it may only represent a small percentage of the overall Internet that an MSP’s clients might interact with, the MSP can provide some valuable services to customers around the dark web that can greatly reduce their risk and flag a potential data breach or security issue before they might otherwise have been able to do.
Perhaps one of the most common services for an MSP to offer relating to the dark web is dark-web monitoring. An MSP offering dark-web monitoring would search the locations on the dark web where data breach information is commonly bought and sold to flag any items that could be client data. In doing so, it can identify when customer data has been compromised (and is now for sale to criminals on the dark web).
There are several tools available on the market today that an MSP can choose from to build a dark-web monitoring service, either by white-labeling it as an add-on service or by incorporating it directly into a specialized cybersecurity services package for customers. No matter how it is ultimately packaged, third-party tools can be an easier way for an MSP to add on dark-web monitoring services without having to build the capability from scratch or hire the (often expensive) experts that have the capabilities to do it entirely in-house. In either case, offering a service like dark-web monitoring can help set an MSP’s offerings apart from its peers in the space who might now also be offering cybersecurity services, as well as potentially allow the MSP to charge additional fees for premium services above and beyond what it could charge otherwise.
Opportunity in risk for MSPs
For MSPs, the rising tide of attacks can create new risks and opportunities. On the one hand, customers are facing more risk than ever before, as well as MSPs themselves. These attacks can cause significant harm if not properly protected against. This puts new levels of responsibility on MSPs to protect themselves and their clients — a responsibility that grows greater and greater every day as cyber threats worldwide continue to grow.
Yet, on the other hand, the current threat landscape can also pose a new opportunity for MSPs to position themselves to take advantage. As customers face new threats, they inevitably turn to their MSP for help. MSPs that are prepared with the right cybersecurity expertise and services packages, as well as perhaps premium offerings such as dark-web monitoring, could see their revenue opportunities expand, as well as reinforce their value as trusted advisors for customers.
Leverage AWS, Wasabi, Backblaze B2, and local storage. Eliminate expensive hardware investments. Improve recovery time objectives.
About the author
Kurt Abrahams is the Vice President of Marketing at MSP360 with expertise in technology marketing, cybersecurity and AI based technology.