Skip to content
NeoGuard

Dark Web

A part of the internet only accessible through specialized software (like Tor), where stolen credentials, personal data, and hacking tools are frequently traded on anonymous marketplaces.

The dark web is a segment of the internet that requires specialized software (most commonly the Tor browser) to access. It is not indexed by search engines and provides anonymity to its users. While it has legitimate uses (whistleblowing, censorship circumvention), it is also where stolen data, credentials, and hacking tools are bought and sold.

Why the Dark Web Matters for Your Security

When a company suffers a data breach, the stolen data typically ends up on dark web marketplaces within hours. This includes:

  • Login credentials: Email/password combinations from breached services, sold in bulk for credential stuffing attacks
  • Personal data: Names, addresses, phone numbers, Swiss AHV numbers, used for identity fraud
  • Financial data: Credit card numbers, banking credentials
  • Corporate data: Internal documents, client lists, trade secrets, sometimes posted as leverage in ransomware double extortion

Dark Web Monitoring

Some security services scan dark web marketplaces and forums for your organization’s data:

  • Password managers like 1Password and NordPass include breach monitoring that alerts you if saved credentials appear in known breaches
  • Dedicated dark web monitoring services watch for your company domain, employee emails, or specific data patterns
  • The BACS and industry-specific ISACs (Information Sharing and Analysis Centers) share relevant threat intelligence

Protecting Yourself

The goal isn’t to monitor the dark web yourself. It is to ensure stolen data is useless to attackers:

  • Unique passwords everywhere: A password manager eliminates password reuse, so one breach doesn’t cascade
  • 2FA: Even if credentials leak, 2FA blocks account access
  • Encryption: Encrypted data exfiltrated in a breach is worthless without the decryption key
  • Rapid response: If monitoring detects a leak, rotate affected credentials immediately

Scale of the Problem

Billions of credentials circulate on dark web marketplaces. Switzerland is not exempt: Swiss company data regularly appears in international breach compilations, and BACS reports consistently flag credential trading as a top threat vector for Swiss organizations.

Related Terms

Password ManagerEncryptionCredential Stuffing