According to Robert Mueller, former director of the FBI, “there are two types of companies: Those who know they have been hacked & those who do not know that they have been hacked.” Regardless of any opinion of about Mr. Mueller himself, this statement is likely accurate.
“Hacked” can mean a variety of things but simply stated, it means that an unauthorized individual gained access to another’s computer. In 2020, which by many accounts is already a “dumpster-fire” of a year, “hacked” is often synonymous with malware, data breach, ransomware, or just theft. Unfortunately, most entities and individuals have no idea that they were or are being hacked, and some remain in denial.
As reported by CISOMAG, specialist insurance firm Beazley recently released its “Beazley Breach Insight Report,” which showed a 25% increase in ransomware attacks in Q1 of 2020, compared to Q4 of 2019. The report further stated that nearly all businesses reported security incidents during Q1 of 2020, with the manufacturing sector reporting a 156% increase in incidents quarter-on-quarter (the highest overall increase). Second to the manufacturing sector, were predictably financial and healthcare services, which collectively accounted for almost 50% of all ransomware attacks reported in Q1 of 2020. Furthermore, a survey from email and data security firm Mimecast revealed that nearly 60% of organizations expect an email-borne attack this year.
In prioritizing and allocating corporate resources for cybersecurity, some businesses are curious about what information and data already exists on the dark web. And for those CISO/CSO/CTOs fighting for more resources to enhance aging security mechanisms, an objective view of company data that is already marketed on the “dark web” can be a persuasive tool for a budget increase.
Still relatively novel to private industry, private investigators offering dark web services can inform companies about the type of data already leaking from their networks and criminal chatter about their infrastructure, vulnerabilities, and even executive behavior.
For those unaware, the dark web is simply a subsect of the internet that is not indexed by Google and other customary search engines. Often the search engines either block the content due to illegalities or the content is designed as private by its owner through layers of encryption and/or other mechanisms. Once described to me as an eBay for all things “bad,” the dark web plays host to blogs, gaming sites, DIY instructional videos/books/articles (like how to build bombs), chat rooms, and marketplaces for any imaginable good, from social security numbers to rare animals.
Private investigators with the proper knowledge, technology, risk appreciation, and skill set capable of traversing this underground digital world can find information that most people are unaware even exists. They can monitor marketplaces to see what information is for sale, look at chart rooms in specific industries to see if a company is discussed, and/or use existing relationships to find information about a business.
Often, these investigators are tasked with determining whether a client’s data is for sale or available on the dark web and some highly-qualified vendors are able to collect data and preserve a “chain of evidence” in preparation for litigation. For companies with pending or newly issued patents, such services help confirm the security of their intellectual property, assisting with capital raises. And, for companies that were previously victimized by malware and data breaches, dark web investigators can help determine if a company’s access data, or that of its critical partners, is offered on the dark web. Indeed, just enabling dark web monitoring can alert a business to the presence of malware or a data breach in the event of an unplanned security vulnerability.
While finding and vetting a qualified investigator certainly presents a challenge, companies that hold attractive data might consider dark web private investigators as another form of information security.