Dark web too shady for pros monitoring the underground
Cyber threat intelligence professionals believe they couldn’t find private data leaked from their organizations on the dark web, report shows.
Even though most security professionals in US organizations are concerned about threats from the dark web, a large portion still don‘t take risks from the criminal underground seriously.
A third of people responsible for managing cyber vulnerabilities in their day-to-day work say they‘re not very concerned about threats emerging from the dark web, a recent survey report from cybercrime prevention firm KELA shows.
While 69% are very or somewhat concerned about darkweb threats, that still leaves many US companies blind to the dangers lurking in the dark corners of the internet.
“The cybercrime underground is constantly changing. What organizations refer to as the dark web today doesn’t cover the cybercrime landscape to the fullest. By monitoring cybercrime sources for contextual intelligence, organizations can detect dangerous threats, and prevent them from becoming cyber-attacks that cause major financial and reputational damages,“ David Carmiel, CEO of KELA told Cybernews.
Over half of security professionals who participated in the survey say they wouldn‘t be surprised to find their organization‘s private data posted on the dark web. Report‘s authors link these results to a high probability that organizations do not have the tools to monitor criminal underground on the dark web.
“If detected on time, action can still be taken to take down the leaked information before any malicious actors get to it. You have to act fast, so you need to be the first to know. Having strong, real-time detection technological capabilities is key,” Carmiel said.
The survey shows that almost 30% of the respondents said they were not very likely to detect their organization’s private data on the dark web if it was leaked. The survey’s authors say these findings show that while security professionals are aware of the risk of a data breach, they might not feel able to prevent it from happening.
Survey shows that security professionals are concerned about all types of data being released on the dark web. However, 18.7% of respondents, the largest portion, fear for customer data appearing on the dark web. Loss of intellectual property was a close second with 16.7%.
Thirsty for knowledge
Even though most security teams are aware of the risk underground cybercriminal activity poses, 48% of respondents said their organizations have no dark web threat intelligence policy to guide their threat response.
Organizations with a policy in place most often (23.5%) outsource their dark web threat intelligence to a service provider. A similar share (23%) uses purpose-built dark web monitoring software to scout for leaked data and gather intelligence.
Others use threat intelligence tools that monitor the dark web for keywords without direct access or tools that directly access the dark web, such as the TOR browser.
Interestingly, only 41% of respondents said their security program is effective at monitoring the dark web. According to the report‘s authors, relatively low satisfaction with existing security programs might result from poor training and organizations trying to catch up with sudden changes within the field of cybersecurity.
Almost a fifth of those who view their security programs as effective said that‘s because analysts were provided with specific training on conducting dark web threat intelligence investigations.
The second most common reason (17.7%) for program effectiveness respondents pointed to was a separate internet connection from the corporate network to conduct investigations with.
Hard to prevent
Security professionals say that the biggest challenge for dark web monitoring is an acute lack of system isolation, which puts the system at risk of compromise. Lack of training was the second challenge respondents mentioned most often.
Survey respondents pointed to private forums and private messaging groups most often when asked which parts of the dark web they lack access to.
49% said they’re not satisfied with their dark web visibility. Of the 51% who are satisfied with their dark web access, 39% said they still wouldn’t be able to prevent an attack.
According to Carmiel, the report shows that while organizations do take cyber threats seriously, they don't always know what do to combat the threats.
“We believe the problem is broader and related to the conception of the 'dark web' as a scary, unreachable black hole - a result of many years of intimidation by vendors and threat actors,” Carmiel said.
426 security professionals from the US took part in the survey. All of the respondents are directly responsible for gathering cyber threat intelligence.
More from Cybernews:
US sues data broker for selling sensitive location data from millions of users
Russia continues to see value in Wikipedia despite patchy efforts to replicate it
Moldova, Montenegro, and Slovenia suffer massive cyberattacks. Is Russia to blame?
Latvian brought to US to face $7m crypto-fraud charges
Here’s the most desirable data science job position
Subscribe to our newsletter
Your email address will not be published. Required fields are marked