Find Your Digital Risk

Uploaded on 2017-07-19 in NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY--Resilience

“The next best thing to knowing something, is knowing where to find it.” : Samuel Johnson.

This is quite a fitting quote from the author of A Dictionary of the English Language and equally fitting today when it comes to understanding your digital risk.

There’s a great deal of intelligence organisations can find on the deep and dark web. Credit card numbers, bank account information, patient information and intellectual property are widely known to be for sale on forums. Now some of the intelligence is more eye opening. We’re seeing W-2 forms , and employee credentials available, making any organisation ripe for tax fraud or account takeover, respectively.

One of the most popular marketplaces on the dark web for such information is AlphaBay. Not only is information related to a company’s assets available, but information about new techniques to compromise targets is for sale as well. One of the latest is a tool to bypass SMS account verification, making multi-factor authentication that relies on SMS vulnerable.

On such forums you can also find configuration files for credential stuffing tools, like Sentry MBA, that are created for account takeover of specific companies. There are dozens of marketplaces on the dark web and competition for business is steep.

In fact, some less popular market-places offer botnets devised to spam AlphaBay users with advertisements or special promotions in an attempt to entice them to switch forums. Not all dark web sources are as readily accessible as AlphaBay, of course. Some require human analyst expertise to also gain access to closed sources to get the most relevant view of the risks.

But for all the notoriety of these marketplaces, it is also important to remember that criminal activity isn’t limited to the dark web, particularly given the fact that some countries don’t extradite cyber-criminals. With minimal consequences, bad actors have no incentive to hide.

As a result, cybercrime is an Internet-wide problem, almost equally present on the deep and open web. Deer.io is a prime example. This all-in-one outsourced online shop provides hosting, design (based on WordPress-like templates) and a payment solution. Additional items for sale on the marketplace include:

• Bot-registered social media accounts (usually sold in bulk), typically with the intent of supporting social media spam and artificially increasing the popularity of other accounts/posts

• Stolen, legitimate social media accounts, which are advertised in small quantity but at higher prices compared to bot-registered accounts

• “Coupons” to services that artificially increase the popularity of social media accounts or posts

• Stolen accounts from other services including banks, payment, and gift and loyalty cards

• Dedicated servers and domain names
The point is that criminal forums exist everywhere so focusing only on the dark web won’t give you a comprehensive view of your digital risk. Furthermore, it isn’t enough to simply detect mentions of company assets and concerns. You need context behind the information you see posted to have a better understanding of the actual risk to your organization. This requires a combination of technology and people.

Automated collection technology can provide visibility into incidents with context, as they happen, wherever they happen – across the open, deep and dark web. For example, being able to see previous posts by other users on the marketplace on the same thread or post can provide a deeper understanding of how your company, employees or customers may be impacted. It can also provide an overview of the user in question, with their name, data joined, activity levels and reputation.

Data scientists and intelligence experts are able to gain access to some closed sources that collection technology alone can’t penetrate and they need to be involved in qualifying the data collected. With enhanced analytic capabilities and additional context, they can help determine the potential impact to the organisation, a possible timeline of events, and recommended action.

A comprehensive assessment of your digital risk starts with knowing where to find it. With an approach that combines technology and human experts looking across the open, deep and dark web, you can understand not only where and when you are mentioned online, but also why, by whom and the likely impact to your organisation.

This breadth and depth of coverage is essential to protect against threats associated with forums and marketplaces and, ultimately, to formulate a successful digital risk management strategy.

Security Week:

You Might Also Read:

Cybersecurity Has A Metrics Problem:

Time To Speak The Language Of Risk:

 

« Half Of US Firms Do Not Buy Cyber Insurance
British Businesses Are Unaware Of Data Protection Laws »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Intelligence-sec

Intelligence-sec

Intelligence-Sec is a fully integrated Conferences and Exhibitions Company managing and producing topical events for the security industry.

NICE Systems

NICE Systems

NICE Systems provide software solutions to ensure compliance, fight financial crime, and safeguard people and assets.

AVR International

AVR International

AVR educate, advise, analyse and provide professional, technical consultancy and support to ensure your business is safe, compliant and protected.

Wallix

Wallix

Wallix is a software company offering privileged access management solutions for enterprises, public organizations and cloud service providers

Niagara Networks

Niagara Networks

Niagara Networks is a Network Visibility industry leader, with emphasis in 1/10/40/100 Gigabit systems and mission-critical IT and security appliances.

Maritime Cybersecurity Center (MCC)

Maritime Cybersecurity Center (MCC)

Maritime Cybersecurity Center is a not-for-profit organization focused on regional cybersecurity excellence and readiness, with a special emphasis on the maritime community.

Empiric

Empiric

Empiric is a multi-award winning technology and transformation recruitment agency specialising in data, digital, cloud and security.

Cloud GRC

Cloud GRC

Cloud GRC is an innovative cybersecurity company with solutions and expertise in Cybersecurity Strategies & Frameworks, Threat & Risk Assessment, Cloud Security, and Regulatory Compliance Requirements

swIDCH

swIDCH

swIDch is a technology company that aims to eliminate CNP (card not present) Fraud.

FireCompass

FireCompass

FireCompass SAAS platform helps CISOs & Security Teams in continuous risk assessment by mapping your attack surface and knowing the “unknown unknowns”.

Forum Systems

Forum Systems

Forum Systems is a global leader in API Security Management with industry-certified, patented, and proven products deployed in the most rigorous and demanding customer environments.

Kontron

Kontron

Kontron offers a combined portfolio of secure hardware, middleware and services for Internet of Things (IoT) and Industry 4.0 applications.

Dope Security

Dope Security

Dope Security is a fly-direct Secure Web Gateway that eliminates the data center stopover architecture required by legacy providers, instead performing security directly on the endpoint.

Badge

Badge

Badge authenticates you on-demand for every application, on any device, without storing any secrets.

CarbonHelix

CarbonHelix

CarbonHelix provides cybersecurity services from US-based security operations centers that meet the highest compliance requirements.

EK3 Technologies

EK3 Technologies

EK3 Technologies mission is to provide comprehensive cybersecurity and IT solutions that allow our clients to focus on sustaining their business.