ISLAMABAD: Over the previous two years, the Kaspersky Digital Footprint Intelligence team has found around 40,000 posts on the dark web regarding the selling of confidential company information. Cybercriminals generate these posts, which are then used to buy, sell, or distribute data that has been obtained through hacks from other firms. Comparing this year to last, there were 16% more posts providing access to business infrastructure. Every third business in the world has a reference to them in dark web posts about access or data sales.
Experts from Kaspersky Digital Footprint Intelligence saw 1,731 dark web messages on average every month concerning the distribution, acquisition, and sale of internal company databases and documents. From January 2022 to November 2023, nearly 40,000 messages were viewed.
Disseminating messages on the Dark Web concerning the sale, acquisition, or dissemination of company data from January 2022 to November 2023
Corporate infrastructure access is another type of data that can be found on the dark web. Cybercriminals can buy pre-existing access to a corporation, which helps attackers focus their efforts. More than 6,000 dark web communications advertised such opportunities between January 2022 and November 2023, citing Kaspersky’s analysis. Access is currently being provided by hackers more and more; the average monthly message count increased by 16% from 246 in 2022 to 286 in 2023. Even though there aren’t a lot of messages, this doesn’t lessen how serious the problem could be. Given the likelihood of supply chain attacks in the upcoming year, even hacks that target smaller enterprises run the risk of growing to affect a large number of people and organizations worldwide.
Not every communication on the dark web has fresh, original content. Certain offers can be made more than once. For example, a malevolent actor may post data on multiple underground forums in an attempt to sell it swiftly to a larger audience of possible purchasers. Additionally, certain databases may be merged and presented as new. As an example, “combolists” are databases that compile data from multiple previously compromised databases, including passwords for a particular email address,” says Kaspersky Digital Footprint Intelligence expert Anna Pavlovskaya.
In order to improve corporate data security globally, Kaspersky Digital Footprint Intelligence specialists monitored references to 700 distinct firms regarding data breaches in 2022. This information was used to identify cyberthreats that were sourced from the dark web.
According to the research, 233 businesses—or one in three—were cited in dark web articles about the unauthorized sharing of data. Particular subjects covered in these references were compromised accounts, stolen infrastructure access, and data breaches.
Securelist offers further data regarding dark web discussions, and the Kaspersky Digital Footprint Intelligence website offers a thorough incident response strategy for managing incidents involving leaks. It is worthwhile to put the following security measures into place to prevent risks associated with data breaches: It’s critical to find and address data breaches quickly. In essence, a business needs proof to establish that data has been compromised and that an attack took place. It is possible to identify posts linked to breaches that are genuine and those that are not, as well as to follow increases in malicious activity, by keeping a close eye on the dark web. Since dark web monitoring requires a lot of resources, this duty is frequently delegated to outside specialists.