The dark web refers to a part of the internet that is not indexed by search engines. A recent study conducted by Dr Michael McGuires showed the number of dark web listings that could harm an enterprise has risen by 20% since 2016, and approximately 60% of all these listings could potentially harm organizations. For instance, recently the cybercriminals have placed the personal information of more than 538 million Weibo users for sale online which they obtained via the data breach cyberattack on the Chinese social network in mid-2019. The database which is being posted for sale in the dark web market contains detailed user records including Weibo user’s names, usernames, gender, location and in some cases their phone number as well. Due to the lack of passwords the database is being offered only for $150 (negotiable) by the cybercriminals.
In accordance with this dark web marketplace trading, Cyble provides the service of the largest data breach and darkweb monitoring and search engine which holds over 30 billion darkweb records. Recently the Cyble Research Unit (CRU) reported a credible threat actor selling over 50,000 vulnerable websites list in the darkweb market.
Has anyone thought of how do these cyber criminals get hold of access to the crunch of data and then post them for sale in the dark web marketplace? In some cases, it has been observed that the cybercriminals even recruit the penetration testers to steal a large amount of data from various databases. Recently the CRU tracked down a form of a post or an advertisement containing information in relation to the hiring of penetration testers to steal data from illegal websites and also had the pay rates, and form of payment is mentioned in it.
Beenu Arora, CEO of Cyble and member of Forbes Technology Council commented — “The rapid growth of the dark web markets are of serious concerns, due to the supply of funds through cryptocurrencies, existing and new actors are scaling their operations and improving their tools and techniques. As the trend is going upwards, organizations must take proper measure to expand their visibility in the darkweb, which constitutes over 90% of the Internet.” Cyble is also reporting a sharp increase in the volume and sophistication of cyber-attacks leveraging COVID-19 as a threat vector.
Cyble Inc.’s mission is to provide organizations with a real-time view of their supply chain cyber threats and risks. Their SaaS-based solution powered by machine learning and human analysis provides organizations’ insights to cyber threats introduced by suppliers and enables them to respond to them faster and more efficiently.
Cyble strives to be a reliable partner/facilitator to its clients allowing them with unprecedented security scoring of suppliers through cyber intelligence sourced from open and closed channels such as OSINT, the dark web and deep web monitoring and passive scanning of internet presence. Furthermore, the intelligence clubbed with machine learning capabilities fused with human analysis also allows clients to gain real-time cyber threat intel and help build better and stronger resilience to cyber breaches and hacks. Due to the nature of the collected data, the company also offer threat intelligence capabilities out-of-box to their subscribers.