Data belonging to every Fortune 500 company is available on the dark net, suggesting that personal data of millions of customers are at risk and could be sold to third parties.
Firms that store a large amount of customer information have the largest footprint on the dark net and are the most vulnerable.
OWL, a cyber-security research firm, recently created a dark net database named OWL VISION to analyse the footprint of all 2017 Fortune 500 companies on the dark web and the degree to which they are vulnerable to cyber-criminals. The database is updated with 10 to 15 million dark net pages per day as well as from more than 24,000 domains on the Tor network alone, along with other darknet networks.
O2 customers’ personal data found for sale on Dark Web
The OWL VISION database, which can be queried via Boolean logic, proximity search, email domains, and more, was used to assess each 2017 Fortune 500 company on the dark net and revealed astonishing results. Researchers found footprints of every single company, with technology and telecommunications companies leading the pack, on the dark net. Data belonging to such companies, which also included sensitive customer information, was either stored on the dark net or put up for sale by hackers.
Based on their observations, the researchers at OWL created a Cybersecurity Darknet Index that ranked Fortune 500 companies based on their darknet footprint score. Amazon led the group with a darknet index score of 19.16, followed by other technology companies like Google, Apple, Facebook, eBay and American Express.
The likes of Netflix, Microsoft, AT&T, FedEx, Texas Instruments and General Electric also featured among the top twenty companies with the highest darknet footprint scores.
Hacker selling 32 million Twitter passwords on the Dark Web
"The company with the largest hackishness-rated darknet footprint, Amazon, is not a surprise given their massive internet presence and the fraud potential of the data they maintain. In fact, the Top 5 Darknet Index firms, Amazon, Google, Apple, Facebook, and eBay, are all in the Technology sector and all use credentials extensively," the researchers noted.
While telecommunications companies were the most vulnerable on the dark net, finance and healthcare firms had a lower footprint than expected, which reflected that their cybersecurity spending was in line with their needs. A similar trend was also noted among banking firms which have also invested heavily on cybersecurity over the years. "The fact that companies in the Financial sector tend to score well in our survey attests to the success of their cybersecurity efforts as an industry," the researchers added.
Windows zero-day vulnerability for sale for $90,000 on Dark Web
If a Fortune 500 company starts investing more on cybersecurity and implementing best practices, its cybersecurity index score will improve over time while its footprint on the dark net will slowly evaporate. Since the dark net is treated by hackers as a safe place to do business and store their data, an analysis of the same will reveal a clear picture of how strong a company's cybersecurity is.
"Today, in an age where data loss is virtually inevitable, it is critical to look at the darknet as a key part of a complete cybersecurity program, enabling organizations to swiftly detect security gaps and mitigate damage prior to the misuse of data," the researchers concluded.