The reality of cyber threat is more menacing than ever. Commonplace phishing techniques continue to expand in credibility. Zero-day vulnerabilities, shared on a global network, act faster than ever (just take a look at the recently exposed iOS vulnerability). The colliding factors of broadened cyber crime aimed at an enlarging target (the increasingly connected cyber market), makes for a serious threat mitigation challenge.
Short of creating your own FBI-level security team, what can you do to acquire actionable threat intelligence?
The key might be closer than you think: on the dark web.
Threat Intelligence and the Dark Web
As much as 96% of all web content might be in the “unsearchable” deep web. Though not indexed and not google-able, much of the deep web is often called the Dark Web, the black market of the internet age. True, the dark web offers pornography and escort services, but also a surprising number of exploits that might be useful to your IT team, including:
• Hackers for hire
• Digital data being auctioned
• Spamming and phishing campaigns
• Vulnerabilities for sale
• Stolen designs or intellectual property
• Forums to discuss exploits, hactivism and other gossip
So what does all of that have to do with your business?
Building a Database for Analytics
As you, your IT specialists, or your third-party support team discreetly access the dark web, you store and categorize data just as you would other cyber events: in fact, you build the database needed for your traditional analytics.
What does that list mean for your organization, beyond eventually having analyzable patterns? Possibilities include:
• Eavesdropping on potential corporate espionage
• Overhearing the underground perception of your brand or your executives
• Learning of “threats for sale/hire” before they are broadly known
• Identifying potentially leaked data that would give your competitors an advantage over you, in the marketplace or before a sale/merger
• Plus, creating a database of cyber threats that would reveal patterns pertinent to your particular organization, line of work or customer base
Identifying What They Want
Effective dark web monitoring also includes an accurate assessment of your particular digital value. In an evolving cyber black market, the value of your company’s data might exceed the sum of its parts:
• Stored credit card numbers of customers
• Employee social security numbers of the tax ID’s of independent contractors
• Email lists
• Email content, including any number of your correspondents
• Market analysis relevant to competitors
• Intellectual property
• Internal software or spreadsheets and their functions
• Corporate strategies
• Your brand perception and operations within your field, including any ties you might have to larger organizations
• And more, as markets continue to grow
All of the above have a price on an expanding black market. State-sponsored spying, in particular, has grown and has the funding and patience previously unheard of in the hacker-in-the-basement history of cyber security.
Secure access to the dark web and the safe monitoring of related conversations and transactions requires knowledge of your individual business. Who better than you to implement a proactive defense plan that includes monitoring actionable threat intelligence?
Other key components of a successful strategy include:
• Clear internet use policies
• Personnel training that includes common security threats, phishing techniques and effective password creation
• Safe data storage and back-up practices
• Password “layering,” where a single IT or executive password does not unlock all data and operations
• Whistleblower and reporting policies
• Other policies as covered current governance, risk and compliance (GRC) solutions
With the right defenses in place and a proactive offense strategy utilizing the dark web, you stand the best chance of protecting your digital assets from cyber threat.