Is your company’s data being sold on the Dark Web?

Jerald Nine, Director, Threat Intelligence, Comodo talks about how his company can help enterprises and individuals to know whether their information is already for sale on the Dark Web

Dark Web

Author

Jerald (Trip) Nine oversees Comodo’s Threat Intelligence Programs Division. He

Jerald (Trip) Nine oversees Comodo’s Threat Intelligence Programs Division. He is responsible for managing a team that analyzes more than 300,000 crime servers globally. He has studied threat analysis on close to 1,000 U.S. enterprises and consults many Fortune CISOs on their global security posture. Nine also studies password psychology and reverse engineers the latest credential hacking methods.

As companies scramble to find the best ways to protect themselves from ransomware and other types of malware and with almost daily reports of major breaches and infiltrations, public awareness of cybersecurity may be at an all-time high…and yet, there are still some very basic, and easy to correct, mistakes being made that put companies at risk for major data loss.

One major threat that has IT security personnel on high alert is known as “pony” malware. Basically a Russian password thief, this type of malware performs data exfiltration on the credentials of more than 90 applications once gaining access to a machine.

Large companies, as a whole, are typically more vulnerable to these zero-day “pony” malware attacks, simply on a percentage-basis because there are more employees accessing more sites, both personal and professional. But enterprises are also more likely to be targeted because there is more for the black hats to gain, compared to hacking smaller organizations.

According to Ponemon Institute, in 2016, a single stolen record cost companies $158. Data breaches overall, however, set companies back approximately $4 million, on average. Black hat hackers don’t care if they hurt your organization, as your stolen data becomes their revenue source on the Dark Web—but you should.

Imagine a free report that can allay your fears and provide you with specifics about the areas of vulnerability for your company. Well, look no further. Comodo is offering a no-cost Company Threat Analysis report specifically to enterprises, companies with 1,000+ employees. This report shows in detail the kinds of data from companies and employees that is vulnerable to this kind of malware—and what is being sold on the Dark Web.

Enterprises in all sectors have been shocked to discover the amount of information from their organization that is currently available for sale on the Dark Web. What stands out as a vulnerability, from a brute force perspective, is the simplicity of it all.

As the Threat Analysis report has clearly shown our researchers, many of us are not very vigilant about our passwords. It is normal for many people to use the same password for multiple devices and accounts, or to only change them slightly, by adding a “1” – very common – or a symbol, usually “!” – also very common. Even when prompted to update or change them, many times we just move to the next number or next symbol. Often we use the names and birthdates of our children, spouses or other family members, simply updating their age as our new number each year.

All of these password “strategies” are easily breached, by using brute force, simply trying the next most logical, simple password upgrade. For example, if I have a password that is “Nancy1,” when it is time to upgrade, if I’m like a large contingent of the population, I’ll simply go with “Nancy2” or “Nancy1!.”
We have to be concerned about this not just on a personal level, but at a business level. If someone in my company is using this strategy, it not only puts their accounts at risk, it puts my business at risk.

So what does this mean? How can you determine if your company is at risk? The best way to see what is vulnerable, to find out if there is already any information available for sale on the Dark Web, is to sign up for a Company Threat Analysis.

Comodo’s personalized reports identify if an enterprise’s information has been stolen and dive into how this data became available to cybercriminals in the first place—for example, via credentials stolen from direct network access or data breaches from third-party applications. For each instance, the affected company gets the chance to review a sample of the leaked credential records and details on the attack processes, to help them understand what went wrong.

Gemalto & Veridos partner to secure Macau's citizen identity
The Indian e-commerce nexus: Flipkart-Snapdeal merger on the cards