Dark Web Investigations coming up Short?

10818501281?profile=RESIZE_400xAccording to a recent report, cyber threat intelligence professionals believe they could not find private data leaked from their organizations on the dark web.  Most security professionals in US organizations are concerned about threats from the dark web, a large portion still do not take risks from the criminal underground seriously.  A recent survey shows that a third of people responsible for managing cyber vulnerabilities in their day-to-day work say they are not very concerned about threats emerging from the dark web.

While 69% are very or somewhat concerned about dark web threats, that still leaves many US companies blind to the dangers lurking in the dark corners of the Internet.  The cybercrime underground is constantly changing. What organizations refer to as the dark web today does not cover the entire cybercrime landscape.  By monitoring cybercrime sources for contextual intelligence, organizations can detect dangerous threats and prevent them from becoming cyber-attacks that cause major financial and reputational damages.

Over half of security professionals who participated in the survey say they would not be surprised to find their organization‘s private data posted on the dark web.  Researchers link these results to a high probability that organizations do not have the tools to monitor criminals underground on the dark web.  If detected on time, action can still be taken to take down the leaked information before any malicious actors get to it.  Cyber professionals state that teams need to act fast.  Knowing what you do not know is an everyday challenge.[1]

The survey shows that almost 30% of the respondents said they were not very likely to detect their organization’s private data on the dark web if it was leaked. The survey’s authors say these findings show that while security professionals are aware of the risk of a data breach, they might not feel able to prevent it from happening.  The survey shows that security professionals are concerned about all types of data being released on the dark web. However, 18.7% of respondents, the largest portion, fear customer data appearing on the dark web. Loss of intellectual property was a close second with 16.7%.

Most security teams are aware of the risk underground cybercriminal activity poses, 48% of respondents said their organizations have no dark web threat intelligence policy to guide their threat response.  Organizations with a policy in place most often (23.5%) outsource their dark web threat intelligence to a service provider. A similar share (23%) uses purpose-built dark web monitoring software to scout for leaked data and gather intelligence.  Some teams use threat intelligence tools that monitor the dark web for keywords without direct access or tools that directly access the dark web, such as the TOR browser.

According to the report, only 41% of respondents said their security program is effective at monitoring the dark web. According to the report‘s authors, relatively low satisfaction with existing security programs might result from poor training and organizations trying to catch up with sudden changes within the field of cybersecurity. Almost a fifth of those who view their security programs as effective said that‘s because analysts were provided with specific training on conducting dark web threat intelligence investigations.  The second most common reason (17.7%) for program effectiveness respondents pointed to having a separate internet connection from the corporate network to conduct investigations. Security professionals say that the biggest challenge for dark web monitoring is an acute lack of system isolation, which puts the system at risk of compromise. Lack of training was the second challenge respondents mentioned most often.

Survey respondents often pointed to private forums and messaging groups when asked which parts of the dark web they lack access to.  49% said they are not satisfied with their dark web visibility. Of the 51% who are satisfied with their dark web access, 39% said they still would not be able to prevent an attack. The report shows that while organizations take cyber threats seriously, they do not always know what to do to combat them.  Four hundred twenty-six security professionals from the US took part in the survey. All of the respondents are directly responsible for gathering cyber threat intelligence.

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs. com    

Weekly Cyber Intelligence Briefings:

Weekly Cyber Intelligence Briefings:

REDSHORTS - Weekly Cyber Intelligence Briefings



[1] https://cybernews.com/news/dark-web-too-shady-for-pros-monitoring-the-underground/

E-mail me when people leave their comments –

You need to be a member of Red Sky Alliance to add comments!