News
New research found a 76% surge in dark web activity during the holiday season
December 2024 by NordLayer
New research from NordLayer, a multi-level network security solution for businesses, found the dark web to reach its peak during the most celebrated holidays of the year. Data shows that the number of illicit posts on various dark web forums has increased by 76% during November, December, and January when compared to the summer months.
Post volume by time
According to Andrius Buinovskis, a cybersecurity expert at NordLayer, the dark web’s peak activity during the busiest time of the year is no coincidence.
"The period from November to January is the busiest for most businesses, driven by the surge in transactions during Black Friday, Thanksgiving, and Christmas. Cybercriminals use these hectic months as an opportunity, fully aware that overwhelmed employees who process countless email orders and promotional offers are more likely to inadvertently click on phishing links, putting their network security at risk," says Buinovskis.
Distribution of illicit activity topics
The research found that leaked user data, combining unauthorized access credentials (emails and passwords) and stolen personal information, is the most popular category in discussions on the dark web, making up 36.5% of all illicit posts. These posts contain leaked information and data that if acquired by bad actors can act as a catalyst for cyberattacks.
"Being less cautious during the festive season and paying less attention to how you handle personal and company devices may lead to giving away your login credentials or personal information to cybercriminals who use such information to access the organization’s network and may cause irreversible damages," says Buinovskis.
How to protect organizations during peak cybercrime seasons
To prevent the hectic holiday period from becoming even more chaotic, Buinovskis shares the main tips for organizations to defend themselves against cyberattacks.
• Employee awareness. User error is the main reason for cybersecurity breaches — to minimize this risk, training employees about phishing, credential stuffing, and other popular attack methods is key.
• Be in the know. Constantly monitor the dark web for potential data leaks using threat management solutions like NordStellar, which monitor and detect any cyber threats as they emerge. This will help assess and manage the problem as quickly as possible, preventing major losses.
• Rethink network segmentation. The more access an employee has to the company’s network, the more damage a potential data leak could cause. It’s important to ensure that users only have access to the parts of the network that are vital for their day-to-day work.
• Never trust, always verify. Adopt a Zero Trust model because strict user authentication and continuous validation are essential to ensure no unauthorized users can breach the network and access sensitive data.
Research methodology
The data from over 80 clear, deep, and dark web forums discussing illicit activities between June 2023 and October 2024 was obtained by NordStellar, a threat exposure management platform. NordStellar used a fine-tuned AI model to categorize dark web posts into 67 tags, which were then grouped into 10 broader categories.
