Dark Web Monitoring
What threats to your organisation's security lie in the furthest corners of the Internet and on the Dark Web?
How we can assist:
The dark web is the unregulated part of the internet that is used by cybercriminals to buy and sell data, market tools for hackers and conduct other criminal dealings. Access to the dark web typically requires the use of tools such as TOR as well as specialised knowledge. Unlike most of the web that we use every day, the dark web is not indexed by search engines and doesn’t use convenient and easy-to-remember domain names.
The dark web is the digital equivalent of the black market. It is a place where stolen information and digital weapons are traded. Threat actors can buy everything they need to attack a target from ransomware programs, distribution networks such as botnets and stolen credentials for unauthorised access. Many of the tools and services used by criminals are even supported by help desks that operate on the dark web.
Monitoring the dark web in New Zealand is not simply a matter of using a tool and watching for activity. Dark web monitoring requires specialised skills and contacts developed over many years with the goal of looking for and finding information that pertains to specific threats your organisation faces.
The cybersecurity threats and risks your organisation faces are constantly changing. Dark web monitoring searches the dark web for pertinent information such as email addresses, company names and chatter about activity in your industry vertical. Significant cyber attacks are not carried on on a whim by criminals. They require planning and access to tools, intelligence and methods. Monitoring the dark web gives organisations forewarning of potential attacks so they can adjust their security posture accordingly.
Dark web monitoring is a powerful cybersecurity threat intelligence tool that also enables organisations to engage in proactive threat hunting to learn about potential attacks before they start. This results in faster and more effective incident response. When activity about your organisation or others in your vertical is detected, dark web monitoring gives you a warning so you can be ready. It is also an important tool for detecting accidental data leaks.
Dark Web Monitoring services in New Zealand combine various information gathering methods, tooling and expert knowledge to detect findings that may be advantageous to an attacker and not detected by traditional scanners and penetration testing.
Our reports are highly regarded for their business utility. They will detail your risks and provide a suggested course of action to remediate against the findings.
Our Dark Web Monitoring Consultants can identify what there is to be found, originating from your organisation, beyond your network borders, that could pose a threat. Investigating, for example:
We look to see what shouldn’t be there… ie stolen data, personal information leakage, breached credentials, proprietary code etc. This can often be the first indication that you have had a breach!
Tesserent’s intelligence consultants can identify information that relates to the risks your organisation faces. This could come from activity on dark web markets and forums, within underground hacker communities, social media exposed risks, paste sites, Internet Relay Chat channels and the wider Internet.
Armed with deep and broad experience, Tesserent’s experts are skilled at identifying what shouldn’t be on the dark web, whether that’s stolen data, personal information leakage, breached credentials, proprietary code or other sensitive information. This can often be the first indication that you have had a breach or are likely to come under attack.
Dark web monitoring combines various information gathering methods, tooling and expert knowledge to understand what attackers are plotting. This complements traditional threat scanners and penetration testing. The reports Tesserent prepares are highly regarded for their business utility, identifying risks and provide a suggested course of action to ensure the protection of your organisation's information and system assets.
Dark Web Intelligence Snapshot
This is a point-in-time baseline intelligence engagement to gain an insight into publicly available information across a handful of pre-selected domains. It also includes a human component where we identify key staff, based on their roles in your organisation, and investigate their social media presence and if there is any potentially valuable information that can be used to target that individual.
Dark Web Intelligence Program
This is a continuously evolving intelligence engagement delivered quarterly, driven by client feedback. It includes identification and analysis key staff and their social media risks as in the Intelligence Snapshot service and also organisational elements, using a range of intelligence methods including OSINT, SOCMINT, HUMINT, DARKINT, GEOINT etc. This engagement can be both passive and active. The report is delivered every three months and is a point-in-time analysis.
Along with the Intelligence Program that provides quarterly reporting, this service includes continuous monitoring of the Dark Web. It covers threats such as new data breaches, databases for sale, confidential information leaks and new ransomware information. All positive alerts will be passed on and an initial assessment provided. Further investigation, or remediation will be at additional cost.
In an interview with TickerTV, Tesserent CIO, Michael McKinnon, explains the significance and dangers of the dark web, and its role in data breaches and ransom attempts.
The dark web is a part of the internet that is not indexed by search engines and requires special software to access. It is often used for illegal activities, such as selling drugs or stolen information.
Monitoring the dark web can help organisations identify potential threats to their systems and data. Cybercriminals often use the dark web to buy and sell stolen information, such as passwords and credit card numbers, or to communicate with each other about their criminal activities.
Dark web monitoring can be used to search for a wide range of information, including stolen data, compromised login credentials, and conversations about potential cyber attacks.
Dark web monitoring can be conducted using specialised software that scans the dark web for specific keywords or patterns of activity. Some organisations also use human analysts to review the information collected by the software.
Yes, it is legal to monitor the dark web, as long as the information being collected is not used for illegal purposes.
Common dark web threats include phishing attacks, malware distribution, and the sale of stolen data and login credentials.
Organisations can protect themselves from dark web threats by implementing strong cybersecurity measures, such as using multi-factor authentication and regularly updating software and security protocols. It is also important to educate employees about the risks of the dark web and how to avoid falling victim to cyber attacks.
The frequency of dark web monitoring depends on the specific needs of the organization. Some organisations may choose to conduct continuous monitoring, while others may opt for periodic scans.
Organisations should immediately take steps to mitigate the threat, such as changing passwords or notifying affected individuals. They should also report the incident to law enforcement and consider enlisting the help of Tesserent cybersecurity solutions.
Tesserent is a full-service cybersecurity and secure cloud services provider, partnering with clients from all industries and all levels of government. Let’s talk.