The closest many of us get to the dark web is watching hackers surf it in television shows or movies. However, it is a very real place that contains lots of stolen data. This data, along with compromised systems, devices, and more are often sold in underground marketplaces that exist on the dark web. One type of marketplace is called a remote desktop protocol (RDP) shop, which provides access to stolen systems for a small fee. Found in one of these RDP shops by McAfee’s ATR team: a major international airport’s security and building automation systems, which could be purchased for only $10 USD.
You might be wondering – what does “access” mean in this scenario? Just like Spotify and Apple Music sell access to artist’s songs, or a gym sells access to their exercise machines, the dark web can sell remote access to hacked machines through these RDP shops. Once access is purchased, crooks can obtain logins to a victim’s computer system and essentially have full control of it.
Now, the McAfee ATR team is not exactly sure how the cybercriminals got their hands on these systems. But they do know that once something like an airport security system is purchased, crooks can do serious damage. This access could allow cybercriminals to do essentially anything they want – create false alerts to the internal security team, send spam, steal data and credentials, mine for cryptocurrency, or even conduct a ransomware attack on the organization.
So, what happens if your information was potentially compromised in the sale of one of these systems on the dark web? To protect your personal data from larger cybercriminal schemes that originate from RDP shops, be sure to follow these tips:
- Be selective about what you share. The best way to control where your information goes is by reducing the sources you share it with. That means not providing your personal information to every app, network, or system that asks for it. Be strict and diligent, and only provide something with information when it’s crucial to the service or experience it provides.
- Set up an alert. Compromised information could potentially include financial data. Therefore, it’s best to proactively place a fraud alert on your credit so that any new or recent requests undergo scrutiny. This also entitles you to extra copies of your credit report, so you can check for anything suspicious. If you find an account you did not open, report it to the police or Federal Trade Commission, as well as the creditor involved so you can close the fraudulent account.
- Invest in an identity theft monitoring and recovery solution. If enough personal data becomes compromised by cybercriminals accessing stolen systems, users could be potentially faced with the possibility of identity theft. That’s precisely why they should leverage a solution tool such as SOS Total Security, which allows users to take a proactive approach to protecting their identities with personal and financial monitoring and recovery tools to help keep their identities personal and secured.