MSSP Advancements • 10 MIN READ
Defense Against the Dark Web- Threat Intelligence to Enhance Business Security Posture
by Eleanor Barlow, Feras Tappuni • Apr 2023
The Dark Web has always been promoted as an arena for devious transactions. The concept is that transactions made on the Dark Web are anonymous and concealed from law enforcement and cyber security. Most people will not be affected by the Dark Web or think much of it. But what businesses don’t realise is that perpetrators have now gone global and are directly targeting business. What’s concerning here is that these businesses are often completely unaware of this fact, until it is too late.
To delve into the true nature of the Dark Web, a solid understanding of the Internet is crucial. Unlike sites such as Google, Amazon or Bing, the Dark Web does not have a search engine. And the websites URLs are composed of characters and numbers that are anonymous.
To access the Dark Web, a TOR browser is required. This is a web browser that anonymises your web traffic, so that the identity of the user remains hidden. If you look hard enough, and on the right forums, these sites are abundant. Once in, activity can be hidden by communicating with encrypted messages.
Organised Crime Groups & APTs
There are many different reasons why people use the Dark Web. But when it comes to cyber related crime, hacking groups are there to trade information, such as credit card details, and sell their services. Advanced Persistent Threats (APTs) have been seen using the Dark Web as a platform to sell ‘Ransomware as a Service’ and to recruit new members. Download this webinar on the ‘Global Threat Landscape Forecast’ to watch SecurityHQ experts explore the latest and most sophisticated APT groups targeting business in 2023. The Dark Web is the place cyber security experts go, to see what information has been released, who has been targeted, what organisations have been breached, and where the information has been posted.
Most organised cyber-crime groups, however, are on the Dark Web with one goal in mind; to extort money. Transactions are made via cryptocurrency accounts, and just like any other business, these crime groups have suppliers and specialists. And they do their research. These businesses have teams, and access to the latest vulnerabilities and/or list of soft clients, with a list of customers ready to buy, and payment mechanisms in place.
How Businesses Can Protect Themselves
Security agencies and intelligence communities are busy, working for the greater good. But that won’t help the average small/medium sized enterprise being targeted.
Most security is built on the architecture of perimeter security. Imagine a castle, with a moat, surrounded by high walls and defences. In the IT world, these walls are your firewalls, your IDS, IPS, AV and the like. Now imagine you sitting in this castle looking over the walls, towards the dark woods and beyond. What if you could go out there and observe your attackers and threats, hidden in the undergrowth? What if you could set up listening stations, traps, and decoys, to gather your own intelligence on cyber threats, and find out if they had any intelligence on you?
In cyber security, we call this Threat Intelligence. With Threat Intelligence you can customise and actively hunt against your own profile, monitor your own digital footprint on the Dark Web, and understand what the plans are. With this information you will be equipped to tackle what comes next.
As a Managed Security Service Provider (MSSP), SecurityHQ has a duty of care to protect our customers, to understand the threats targeting them, and the vulnerabilities that put them at risk. To speak with one of our experts, and to understand how we can implement Threat Intelligence to find out what is known about you and your company on the Dark Web, talk with a member of our team today.