- Organizations with dark web exposure are more vulnerable, he reports
- Committed accounts and market listings Double risks of cyber violation
- The cumulative dark web sources raise the threats of organizational cybersecurity
A study by Searchlight Cyber in collaboration with Marsh McLennan Cyber Risk Intelligence Center has revealed a direct correlation between exposure to the dark network and high cybersecurity risks.
The analysis of more than 9,000 organizations provided information on how the data found on the dark website significantly increases the probability of cyber attacks, especially against companies without adequate protection.
Therefore, by monitoring exposure to the dark web, companies can better understand and mitigate these risks, protect their data and reduce the possibilities of expensive infractions.
Dark web intelligence and cyber risks
The study analyzed the dark web intelligence sources against the informed cyber insurance losses from 2020 to 2023, and found a non -compliance rate of 3.7% for four years, which suggests that organizations with any form of exposure to the dark network had A much greater risk of experiencing a cyber incident.
Each of the nine sources of dark web intelligence studied, such as compromised user accounts, dark web market listings and outgoing web traffic, showed statistically significant correlations with the risk of cyber security. Data points not only highlight individual risk factors, but also emphasize the compound risk that arises when multiple dark web sources interact.
In addition, specific dark web activity increases the probability of cyber attacks. It was found that the presence of compromised user accounts linked to an organization increases the risk of a violation by 2.56 times. The dark web market lists, where an organization or their data is mentioned, increased the risk by 2.41 times, while the traffic between the network of an organization and the dark network resulted in a 2.11 times greater risk.
Other forms of exposure, such as open source intelligence (OSINT) results and stuck site leaks, also contributed to high risks. Paste results showed an 88% increase in the probability of an incident, while OSINT’s results correlated with a 2.05 times higher risk. The presence of the data of an organization in forums, telegram chats and dark websites also contributed to the high risks, although to a lesser extent.
It is also important that organizations consider multiple sources of dark web intelligence together. For example, it was found that an organization identified in five high -risk categories was 77% more likely to suffer a cybersecurity violation compared to organizations without such exposure. Therefore, a combination of sources such as Paste, OSINT and market listings provided the highest cyber risk indication.
Organizations are encouraged to adopt dark web monitoring practices. Organizations are also encouraged to improve cyber security practices to defend the risks raised by exposure to the dark website, including the guarantee of safe password policies, the use of multifactor authenticator applications and maintenance of updated security protocols to minimize the risk of committed accounts.
In addition, participating in regular cyber security training for employees can help organizations to detect and respond better to phishing attempts or other malicious activities often initiated through committed credentials that are found on the dark website.
“The central finding of Marsh Mclennan’s analysis is that any data related to its organization on the Dark website is highly correlated with the possibility of a cyber attack,” said Ben Jones, co -founder and CEO of Searchlight Cyber. “Cybercriminals plan their attacks on hidden web forums, hidden communication channels, and the study has quantified the risk of each of these areas of exposure to the dark website for the first time.”
“If security equipment can identify their exhibition on the dark network, they have a great opportunity to act proactively, adjust their defenses and effectively stop attacks before they are launched by cybercriminals. The first step is to gain visibility: understand where the threat comes in the dark network, where the organization is being attacked and monitor continuously to become the best opportunity to identify and stop a cybersecurity incident. “
