sb-au logo
Story image

Dark web dangers threaten world's top enterprises

17 Jun 2019

The dark web is now a serious threat to enterprises, with 4 in 10 dark web traders now selling targeted hacking tools and services against Fortune 500 and FTSE 100 businesses.

New research from the University of Surrey, sponsored by Bromium, says that the dark web is home to a variety of bespoke and off-the-shelf tools designed to target the enterprise.

University of Surrey senior lecturer in criminology Dr Mike McGuire and his team talked with cybercriminal vendors across the dark web. They also gathered intelligence and consulted with industry experts to find out how the dark web poses a threat to the enterprise.

The study found that bespoke services most frequently target banking (34%), ecommerce (20%0, healthcare (15%), and education (12%).

“Almost every vendor offered us tailored versions of malware as a way of targeting specific companies or industries,” says McGuire. 

“The more targeted the attack, the higher the cost, with prices rising even further when it involved high-value targets like banks. The most expensive piece of malware found was designed to target ATMs and retailed for approximately US$1,500.”

Researchers also requested hacking tools that targeted high value organisations. Services against Fortune 500 companies and similar can range from $150 to $10,000 – but it depends on the target company and how customised the malware needs to be, explains McGuire.

The study also found:

•    A 20% rise in the number of dark net listings with a direct potential to harm the enterprise since 2016
•    The dark net has become a haven for custom-built, targeted malware, with threats tailored to specific industries or organisations outnumbering off-the-shelf varieties 2:1
•    Access to corporate networks is sold openly – 60% of vendors approached by researchers offered access to more than 10 business networks each
•    70% of dark net vendors engaged invited researchers to talk on encrypted messaging applications, like Telegram, to take conversations beyond the reach of law enforcement

Phishing services remain a popular service on the dark web. McGuide says that corporate invoices can range from $5 to $10 on the dark web.

“These documents can be used to defraud organisations or as part of phishing campaigns to trick employees into opening malicious links or email attachments, which deliver malware that triggers a breach or gives hackers a backdoor into corporate networks which could be sold.”

“Organisations need to strengthen their defenses to protect their endpoints and networks against threats posed by the dark net,” says McGuire. 

“But the dark net can also help them in gathering intelligence and monitoring threats that are out there. Enterprises, researchers, and law enforcement must continue to study the dark net to get a deeper understanding of the adversaries that we are dealing with, and better prepare ourselves for counteracting the effects of a growing cybercrime economy.”

Statistics are taken from Bromium’s Behind the Dark Net Black Mirror study.

Link image
Businesses are seeing efficiency increase by 80% with RPA
Robotic Process Automation is becoming a must-have for organisations looking to bolster productivity in 2020. Here's the full story on how the industry is benefitting from RPA.More
Story image
Illumio launches Zero Trust endpoint protection solution for our digital, remote world
“As organisations were forced to transform overnight to allow for remote work, a host of endpoint security issues that have either been ignored or invisible until now were brought to the forefront."More
Story image
Microsoft releases latest edition of Security Endpoints Threats report
he latest iteration of the report sheds more light on the difference in exposure and response to cyber threats between developed and developing countries in APAC.More
Story image
NCC Group chosen to help improve IoT security standards for all sectors
“At NCC Group, security is in our DNA and that's why we're excited to work with the ioXt Alliance in raising security standards within the IoT ecosystem."More
Story image
Attivo Networks partners with Zirilio to bolster managed detection
As part of the partnership, the two companies will integrate their solutions to combat the new cybersecurity challenges that have risen as COVID-19 keeps people working and learning from home.More
Story image
Why DX is not complete without a transformed security architecture
Secure Access Services Edge (SASE) is the process by which core WAN edge capabilities like SD-WAN, routing, and WAN optimisation at branch locations are integrated with cloud-based security services like secure web gateways, firewall-as-a-service, cloud access security brokers, and more.More