Strengthening cyber security in the age of the dark web

Dark Web

In their role as trusted advisors, channel partners are well-positioned to educate customers on new and emerging threats. One such threat is the theft of data, a much sought-after currency in today's digital world. Whether it's sensitive company data, employee records or customers' personally identifiable information (PII), all data has a value to cyber criminals.

A recent rise in data theft has been fuelled, in no small part, by the dark web, a dingy corner of the internet where stolen data can be bought and sold freely. But the dark web today does more than provide a trading post for data thieves; it actively enables cyber attacks by offering a variety of custom-built malware, network access tools and corporate espionage services to hackers.

Recent academic research shows the dark web has become a haven for custom-made, targeted malware, with threats tailored to specific industries or organisations outnumbering off-the-shelf varieties two to one. The enterprise, moreover, is directly in the firing line, with four in ten vendors selling targeted hacking services aimed at FTSE 100 and Fortune 500 businesses, with a 20% rise in the number of dark web listings with a direct potential to harm the enterprise since 2016.

The study discovered that access to corporate networks is sold openly - 60% of vendors approached by researchers offered access to more than ten business networks each. These include banking and finance, healthcare, ecommerce and education, as well as corporate networks. The methods for providing access vary - some involve stolen remote access credentials for sale for less than the price of a newspaper, while others involve backdoor access or the use of malware.

The relatively low cost and availability of these services mean that it's never been easier for hackers to launch a successful attack on an organisation. And, as we know, the fallout of a data breach can be devastating, causing untold financial and reputational damage. According to the Ponemon Institute, the average cost of a data breach in 2018 now exceeds $3.8 million. This, however, can also be seen as an opportunity for channel partners to help address the threats and differentiate themselves from other providers.

With such sophisticated and complex malware now easily available to hackers, it's vitally important that security-focused channel partners extend the conversation beyond the boundaries of traditional detection-based solutions, such as endpoint detection and response (EDR) and antivirus (AV), which can actually struggle to identify new threats.

In many instances, the kind of custom malware now available to cyber criminals will be unknown to conventional security systems and given a free pass to sail through undetected by the target network. Instead, channel partners need to help organisations adopt a layered security strategy that includes application isolation capabilities to contain threats. These capabilities can also generate in-depth threat telemetry that can be shared across security platforms to stop cybercriminals from obtaining persistent footholds in corporate networks.