Dark Web Monitoring
What threats to your organisation's security lie in the furthest corners of the Internet and on the Dark Web?
Dark Web Monitoring is a highly tailored service providing your organisation with intelligence gathered beyond traditional security testing. It's the ultimate in proactive protection – finding out what you don’t know!
How we can assist:
What Is Dark Web Monitoring?
The dark web is the unregulated part of the internet that is used by cybercriminals to buy and sell data, market tools for hackers and conduct other criminal dealings. Access to the dark web typically requires the use of tools such as TOR as well as specialised knowledge. Unlike most of the web that we use every day, the dark web is not indexed by search engines and doesn’t use convenient and easy-to-remember domain names.
The dark web is the digital equivalent of the black market. It is a place where stolen information and digital weapons are traded. Threat actors can buy everything they need to attack a target from ransomware programs, distribution networks such as botnets and stolen credentials for unauthorised access. Many of the tools and services used by criminals are even supported by help desks that operate on the dark web.
Monitoring the dark web is not simply a matter of using a tool and watching for activity. Dark web monitoring requires specialised skills and contacts developed over many years with the goal of looking for and finding information that pertains to specific threats your organisation faces.
Surface Web, Deep Web, Dark Web Explained
The Internet has several parts: The surface web, deeper web, and dark web: The surface web are websites indexed through a search engine like Google. A forecast for 2020 shows that the Web is currently generating about 4 billion page views. Deep Web pages contain pages that are difficult to find in public. These may include everything like a bank website or email, your health and wellness portals as well as many more sites requiring logging into or paying for the site's log-in and password.
The dark web consists of websites that can only be accessed via special software like Tor, and there are more than 200,000 hidden sites offering illegal services including the sale of drugs, weapons, and stolen data. The dark web is home to a number of criminal activities and it poses a serious risk to organisations when confidential data is exposed or leaked here.
Why dark web monitoring matters to your organisation?
The cybersecurity threats and risks your organisation faces are constantly changing. Dark web monitoring searches the dark web for pertinent information such as email addresses, company names and chatter about activity in your industry vertical. Significant cyber attacks are not carried on on a whim by criminals. They require planning and access to tools, intelligence and methods. Monitoring the dark web gives organisations forewarning of potential attacks so they can adjust their security posture accordingly.
Dark web monitoring is a powerful cybersecurity threat intelligence tool that also enables organisations to engage in proactive threat hunting to learn about potential attacks before they start. This results in faster and more effective incident response. When activity about your organisation or others in your vertical is detected, dark web monitoring gives you a warning so you can be ready. It is also an important tool for detecting accidental data leaks.
Dark Web Monitoring Services
Dark Web Monitoring services combine various information gathering methods, tooling and expert knowledge to detect findings that may be advantageous to an attacker and not detected by traditional scanners and penetration testing.
Our reports are highly regarded for their business utility. They will detail your risks and provide a suggested course of action to remediate against the findings.
Our Dark Web Monitoring Consultants can identify what there is to be found, originating from your organisation, beyond your network borders, that could pose a threat. Investigating, for example:
- Dark Web markets and forums,
- Underground hacker communities
- Social media exposed risks
- Paste Sites
- Internet Relay Chat channels
- the wider Internet.
We look to see what shouldn’t be there… ie stolen data, personal information leakage, breached credentials, proprietary code etc. This can often be the first indication that you have had a breach!
How can Tesserent help?
Tesserent’s intelligence consultants can identify information that relates to the risks your organisation faces. This could come from activity on dark web markets and forums, within underground hacker communities, social media exposed risks, paste sites, Internet Relay Chat channels and the wider Internet.
Armed with deep and broad experience, Tesserent’s experts are skilled at identifying what shouldn’t be on the dark web, whether that’s stolen data, personal information leakage, breached credentials, proprietary code or other sensitive information. This can often be the first indication that you have had a breach or are likely to come under attack.
Dark web monitoring combines various information gathering methods, tooling and expert knowledge to understand what attackers are plotting. This complements traditional threat scanners and penetration testing. The reports Tesserent prepares are highly regarded for their business utility, identifying risks and provide a suggested course of action to ensure the protection of your organisation's information and system assets.
We’ll partner with you to determine Dark Web Monitoring most suitable for your needs:
Dark Web Intelligence Snapshot
This is a point-in-time baseline intelligence engagement to gain an insight into publicly available information across a handful of pre-selected domains. It also includes a human component where we identify key staff, based on their roles in your organisation, and investigate their social media presence and if there is any potentially valuable information that can be used to target that individual.
Dark Web Intelligence Program
This is a continuously evolving intelligence engagement delivered quarterly, driven by client feedback. It includes identification and analysis key staff and their social media risks as in the Intelligence Snapshot service and also organisational elements, using a range of intelligence methods including OSINT, SOCMINT, HUMINT, DARKINT, GEOINT etc. This engagement can be both passive and active. The report is delivered every three months and is a point-in-time analysis.
Continuous Monitoring
Along with the Intelligence Program that provides quarterly reporting, this service includes continuous monitoring of the Dark Web. It covers threats such as new data breaches, databases for sale, confidential information leaks and new ransomware information. All positive alerts will be passed on and an initial assessment provided. Further investigation, or remediation will be at additional cost.
Video
Dark Web Cybersecurity
In an interview with TickerTV, Tesserent CIO, Michael McKinnon, explains the significance and dangers of the dark web, and its role in data breaches and ransom attempts.
Client Story
Tesserent helps BPAY keep payments secure from cyber threats
LINK
Why you need a dark web expert on your security team
Publishing data online has become a common modus operandi for cyber criminals—but will organisations even notice when it happens?
Contact us
Speak with a Tesserent
Security Specialist
Tesserent is a full-service cybersecurity and secure cloud services provider, partnering with clients from all industries and all levels of government. Let’s talk.
