Even before the current coronavirus pandemic inflicted itself upon the world, cyberthreats were already making themselves known to businesses and individuals alike. But with remote work being the new normal and an increasing number of organizations converting operations to digital platforms, the incidence of cybersecurity breaches have become even more of a problem. This recent spike in cyberattacks, coupled with reports of election-related digital security breaches from the US, provides a valuable reminder of the significance of deploying the latest cybersecurity protection strategies.
It is the job of security intel analysts to search for potential threats and recommend methods for shoring up security. A cybersecurity approach that is gaining momentum uses virtual analysts to track hackers where they live on the Dark Web, analysing the data acquired to anticipate where the next attack might come from and prevent them from breaching an organization’s security.
Though not a perfect analogy, Stephen Spielberg’s film based on the 1956 Philip K. Dick science fiction novella Minority Report reflected a similar “prevent crime before it happens” approach.
In this article, we will investigate several cybersecurity methodologies, analysing the prime usage of each, including new preventative approaches to determining threat levels and security responses.
For an organization with an international reach, it pays to invest in a mature threat intelligence program. Cybersecurity breaches can not only wreak havoc on systems that protect secure data, but also put a company’s financial details at risk. In the first half of 2020, Fortune 500 companies were targeted by hackers who pawned sensitive data, confidential information, and account credentials to cybercriminal forums.
Global cybersecurity is of maximum significance now more than ever, as risks come not just from casual hackers, but also government surveillance operations which can also pose significant threats to employee data. As the number and sophistication of threats evolve, so do the approaches to securing systems against these risks.
One multifaceted approach to preventative cybersecurity is PASTA, a seven-step Process for Attack Simulation and Threat Analysis. With the PASTA approach, companies hire security experts to analyze data to better understand how a potential attacker would view applications and systems, thus allowing them to determine weak spots and vulnerabilities.
These experts act as advisors, providing threat management solutions and security rating and maintenance protocols. The PASTA method includes analysis of the potential risks and impacts on a business for each hypothetical attack. This means that company executives can decide to implement strategic policies based on these analyst insights on the basis of which have the highest likelihood of eventually being manifested.
But even the most in-depth analysis of potential risks and breach factors by professional analysts is still limited if they don’t venture to where the hackers live and work. On the so-called Dark Web. A new approach to predictive cybersecurity requires masked information collection and analysis. Cyfirma, a new cybersecurity firm headed by Kumar Ritesh, who has previously worked with the British Intelligence service and the CIA, deploys virtual agents onto the Dark Web and underground forums, where they identify threat information targeted towards a specific company.
These agents work to form connections among disparate Dark Web details, creating webs of relevancy by identifying perpetrators of multiple attacks. This information is then sent to a platform where a mathematical model processes the data, sifting out the informational white noise as it determines which signals might lend themselves to discovering useful insights. By uncovering these threats before an attack actually occurs, companies can take preventative action, like our Minority Report hero played in the film by Tom Cruise.
Unfortunately, the standard operating procedure in today’s world is to react to threats that are already underway by identifying Indicators of Compromise (IOC), and then sending reports of these IOCs to security teams who then scramble to prevent further suspicious activity. Cyfirma’s approach is highly predictive, sourcing the roots of issues before they occur, and thus enabling companies to perhaps fend off any damage at all.
Cybersecurity agents who mine the dark web can already uncover a lot of information. In June, virtual agents determined that the number of sacked employees peddling inside information on the Dark Web was increasing rapidly- particularly among employees from India. One laid off employee sold over 9,000 client details for a major IT firm in India, while another disgruntled former employee offered remote software. For clients seeking to protect their assets, this inside info from the Dark Web is invaluable.
Virtual agents monitoring information on the Dark Web can uncover other scams as well. With the current global panic over coronavirus, undercover Dark Web agents have revealed a number of hackers attempting to sell fake coronavirus vaccines online for up to $25,000. And at the same time, other scammer groups are touting “organic medicines” that could not only cure an individual symptomatic outbreak of the disease, but completely eradicate coronavirus from the body altogether.
With the pandemic still in full swing, more consumers are turning to the dark web to make purchases of illicit goods - leading to more opportunities for hackers and scammers. Business on the dark web has recently increased by about 20% and a recent survey of Dark Web interactions revealed more than 160 million data records in circulation. While a lot of this traffic may be directed towards purchasing drugs and other illegal contraband online, cybersecurity agents make it their job to sniff out the potential threats to information and data privacy, software resilience, and other forms of cybersecurity.
By infiltrating and monitoring transactions and trends on the Dark Web, cybersecurity specialists can analyze patterns, predict threats, and prevent damaging privacy breaches. Cybersecurity companies can use this insider information to identify insider threats and stave off compromised data or ransomware attacks. Now more than ever, it makes sense to turn to experts who, for the sake of protecting company and personal assets, are willing to investigate the dark underbelly of the internet.