Threat intelligence, shining a light on the dark web

Threat intelligence utilises and analyses data to help identify an actor's motives and any potential threats they may pose, as well as highlighting weaknesses in their infrastructure, giving them insights they can put into action.

The dark web serves as a thriving community and marketplace for cyber criminals and evolving threats. It’s often the first place the threats emerge from, and provides rich intelligence which can help organisations get ahead of potential attacks.

How does Dark Web Threat Intelligence work? 

Dark Web Threat Intelligence monitors and identifies trending threats that are hidden from the public, this looks like; leveraging data insights, tracking cyber criminal activity, whilst unearthing deeper information that traditional web crawlers can not.

Thomas Murray monitors data from a wide range of sources including dark web market places and forums, social media channels, public code repositories, public cloud repositories and other closed sourced locations to provide a comprehensive service.

With this information we can offer companies a greater understanding of their digital footprint and monitor the likes of cyber criminals, agitators, and remote access brokers to help identify potential threats and offer insights, tactics and techniques to help your organisation reduce the risk of an attack.

What are the types of Dark Web threats?

There are several types of threat which are sold across the dark web by cybercriminals. It’s important that organisations have an understanding of what they need to protect themselves, their customers and their reputation against.

• Software vulnerabilities and loop holes

Information exchanges about known vulnerabilities, backend loop holes can be used to infiltrate your systems and find key information to extort.

• Randomware actors

Ransomware actors typically leak data relating to their victims post-breach. However, this data can also include sensitive information relating to their third party suppliers and clients.

• Stolen credentials

There are whole dedicated marketplaces on the dark web for stolen credentials, allowing cybercriminals to gain access gain access to your confidential networks and systems.

• Stolen data

If your organisation has been the victim of a data breach you find that your data has been sold on the dark web, not only is this hard to recover but can cause you irreparable damage to your reputation

• Insider threats

Disgruntled employees with access can also pose a threat to you by selling on this access, credentials or data onto cyber criminals for a vast financial sum.

• Remote access brokering

A typical early stage of ransomware attacks includes access brokering where remote access is purchased before being on again to ransomware operators. 

• Accidental data leaks

Public code repositories and public cloud buckets can potentially contain sensitive data and items such as developer API keys. This information is commonly inadvertently shared online and could cause significant risk.

With so many different threats posed by the dark web it’s important for you to take the necessary steps to protect your business. To find out more, get in touch with one of our experts. 

Did you know?

Cyber Alerts

Stay up to date with developing threats in the cyber landscape

Thomas Murray Cyber Risk team is committed to keeping you informed about the latest cyber security threats and trends. With our cyber alerts, you'll receive timely and actionable information on serious vulnerabilities that could impact your business. Get cyber intelligence delivered straight to your inbox: subscribe now.