The Kaspersky Digital Footprint Intelligence team has discovered nearly 40,000 posts on the dark web (non-public, anonymous websites) over the past two years about selling internal corporate information.
These posts are created by cybercriminals to buy, sell or distribute stolen data from various companies through cyber attacks.
The number of posts offering access to corporate infrastructure increased by 16% year-over-year. Globally, third-party companies were mentioned in dark web posts that offered to sell data or access.
According to observations by experts at Kaspersky Digital Footprint Intelligence, there are an average of 1,731 dark web messages per month about buying, selling and distributing internal company databases and documents. From January 2022 to November 2023, there were a total of nearly 40,000 messages.
Another type of data available on the dark web is access to corporate infrastructure, allowing cybercriminals to purchase pre-existing access to a company, facilitating the optimization of the attacker's operations.
There were more than 6,000 dark web messages advertising similar offers between January 2022 and November 2023. Cybercriminals are now increasingly offering access, with the average number of corresponding messages per month increasing by 16% from 246 in 2022 to 286 in 2023.
To avoid threats related to data breaches, Kaspersky recommends: Continuously monitoring the dark web for fake posts related to breaches, as well as tracking the increase in malicious activity; developing comprehensive incident response plans that should include designated teams, communication channels and protocols that allow for quick and effective handling of such incidents when they occur…
KIM THANH
Source
Comment (0)