While it depends very heavily on where a compromised organization is located, how many employees it has and, of course, its profitability, there’s a package for all budgets when it comes to the credentials market. A good rule of thumb is that lowerlevel, lower-privileged, employee credentials will typically be at the bottom of the pricing spectrum, and admin access to an organization’s network will cost much more. The outcome of these auctions and sales can be crippling for an organization targeted by a ransomware gang or other criminal endeavour, such as a DDoS attack for rent or the sale of “vulnerability exploit kits.” Knowing all this, it’s absolutely critical for managed security services teams who are charged with protecting their customers to have visibility into these dark corners of the dark web. It provides an early warning system when access credentials or IP addresses for an organization go up for sale and gives MSSPs crucial foresight that an attack may be imminent. Furthermore, being able to track dark web traffic going into and out of the organization could provide crucial telltale intelligence that something is awry. Dark web monitoring While dark web monitoring won’t prevent a data breach that has already happened, it will shine a light on credentials and other information, such as open ports or IP addresses, that have made their way into criminal networks. Though it should not be thought of as a replacement for existing cyber defences, dark web intelligence and monitoring can augment current threat intelligence capabilities and bring the visibility needed to head off threats before they can be acted upon. While generic threat intel usually involves the study of criminal actors, the domains they use, their IP addresses and signatures that are fed into firewalls and network detection systems, dark web monitoring differs in that it’s very much concerned with detecting attack precursors before an exploit can be executed. Both types of intelligence are essential to organizations of any size and are essentially solving different problems in unique ways. Similar to generic threat intelligence, it is possible to gain threat visibility in-house but is equally, if not more so in fact, expensive and difficult to do effectively. A huge amount of expertise and infrastructure is required to collect and analyse relevant dark web data internally. Which is why most organizations will look to a third-party solution provider such as an MSSP, and this is where they can add a huge amount of value by coupling good cyber-defensive capabilities with proactive scanning of potential threats to identify them at the earliest opportunity. Once MSSPs view a monitoring solution as a perfect, complementary, fit with their proactive cybersecurity strategies, getting a handle on ROI becomes much easier. In fact, given that such monitoring can be thought of as a workable – and with today’s everevolving threat landscape, essential – detection and prevention mechanism, it’s almost a no-brainer. It’s no secret that cyberattacks have huge organizational costs when they occur, from GDPR fines through to ransomware demands or the costs of having an organization shut for months at a time. An investment in dark web intelligence and monitoring pales into insignificance by comparison and, perhaps most importantly, can allow MSSPs to extend their threat intelligence capabilities and better protect their customers. o Ben Jones is CEO of Searchlight Security. CYBER PATROL Documents Financial Accounts Emails & Passwords Personal ID data set 40% Payment card data 63% Streaming 61% Personal emails 70% Driver’s license 35% Payment processing accounts 17% Other services 20% Voter’s emails 24% IDs 14% Bank accounts 10% Social media 8% Business email 6% Passports 9% Crypto accounts 10% Mobile phone 7% SSN 2% Gaming 3% Source: NordVPN 14 CHANNELV ISION | SEPTEMBER - OCTOBER 2022 SD-WAN adoption today vs. in 5 years Source: Altman Solon survey f r Masergy, February 2021 say that their ast year. 29 21 16 -79% of enterprises today have adopted SD-WAN to some extent In 5 years, -92 of ente adopt SD-WAN and 38% it at all loca Today 21% 54% 16% 10% 8% 25% 28% In 5 Years No SD-WAN Some SD-WAN Mostly SD-WAN Fully SD-WAN No SD-WAN Some SD-WAN Mostl SD-WA 68% gender, % of repondents omen Men Women avigate life nges Helped tak actions to prevent or manage burnout +5 +5 6% 12% 39% 43% Accounts Emails & Passwords Financial Documents Categories Sold on the Dark Web
RkJQdWJsaXNoZXIy NTg4Njc=