Gathering Intel from the Dark Web to Identify and Prioritize Critical Risks

Post on 19-Feb-2017

299 views 0 download

Transcript of Gathering Intel from the Dark Web to Identify and Prioritize Critical Risks

Gathering Intel from the Dark Web to Identify and Prioritize Critical Risks

Today’s Speakers

2

Tim LaytonChief Intelligence OfficerSurfWatch Labs

Adam MeyerChief Security StrategistSurfWatch Labs

Gaining Visibility of Your Cyber Risk is Critical to the Viability of Your Business

• Business executives and the Board can no longer keep their head in the sand

• Business leaders are struggling to align security strategies with real-world business strategies

- 14% of corporations report that the Board is actively involved in cybersecurity preparedness

- 52% report minimal involvement

3

4

• Cyber crime is a business - with a very high return taking little effort

• Criminals target businesses that are custodians of a commodity that can be monetized:- Identity information (Employee &

Consumer)- Financial Information (Payment,

Banking, Gift Card, Coupons, Entertainment accounts etc.)

Know Your Adversary

The Threat Balloon

Cybercriminals shift their tactics to hit

targets that are:“Attractive” and “Soft”

5

The Dark Web is a blind spot in your risk program

The Dark Web: Where Your Information is Actively Targeted and Sold

• Hacking for Hire

• PII/Identity Info/Credit Cards

• Cyber Exploits for Sale

• Vulnerabilities for Sale

• Stolen IP, Designs & Counterfeits

• Spam & Phishing Campaigns for Hire

• Doxxing & Investigation for Hire

• Hacktivist Targeting Forums

• Insider Threat for Hire

6

The Dark Web: Where Your Information is Actively Targeted and Sold

7

Emerging Dark Web Trends: What We Can Learn?

8

Compromised Accounts

9

Transactional Accounts

10

Carding

11

Reward Accounts

12

PII/Identities

13

0-Days

14

Traditional Cybersecurity Approaches Have Not Stopped the Bleeding

15

Shift to an Intelligence-Driven Defense• Gain visibility of specific threats to your

business that are on the horizon

• Understand attack execution methods based on cyber trends related to your business profile

• Prepare for attacks and tie your cyber risks to business impact

• Know what information is on the Dark Web

• Drive the most effective cyber defense tactics with strategic and operational intel

The CISO’s Tug of War

16

Source: EMC

Intelligence Operations (Tracking threats) vs. Network Defense (Stop the Bleeding)

How a CISO Can Leverage Dark Web Intelligence to Mitigate Risk• Intel from the Dark Web provides critical

insights on ACTIVE threats to your business• Dark Web intelligence can be applied to

different areas of the business- Threat intelligence teams – know threat actors

and their motivations to improve your defenses- Fraud teams – understand what commodities are

being monetized so you can minimize fraud- Partners and Suppliers – understand the

“presence” your vendors have to complement supply chain risk management

- Breach Response – instead of waiting to “get the call” from law enforcement, get ahead of the curve

17

Mitigating Risk with a Practical Intelligence Operation

• Outsource Your Dark Web Intel –Complement your intel and facilitate faster, more effective risk management decisions

• Focus on Analysis – It’s less about getting more data and more about enabling sound analysis

• Link Intel to Business Impact – Avoid alert fatigue by worrying about threats specific to your business

• People, Process, Technology – Good intelligence leverages automation, expert human analysis and a process for using the intel

18

Using the Dark Web: Legal and Moral Dilemma

19

• The TOR network was designed for anonymity - with that comes people in the business of conducting unethical and illegal activities

• It takes little effort to go from observing illegal activity to participating in illegal activity

• Due to law enforcement activities, more sites are beginning to deploy counter-intelligence, thus monitoring YOU

• More Dark Web markets are invite-only sites, requiring you to have measurable “street cred” to be vetted by site owners

What’s at Stake and Why You Should Care

• Brand and Reputation

• Customer Loyalty

• Intellectual Property

• Legal Defenses

• Sales

• IT Baselines

• Cybersecurity Strategy

Direct Impact on Your Business and Bottom Line!

20

Q&A and Additional SurfWatch Labs Resources

SurfWatch Cyber Advisor:https://www.surfwatchlabs.com/cyber-advisor

Dark Web Surveillance: www.surfwatchlabs.com/dark-web-intelligence

Sample Dark Web Intelligence Report:info.surfwatchlabs.com/dark-web-report

Personal SurfWatch Consultation:info.surfwatchlabs.com/dark-web-service-consultation

Shine a Light on Your Dark Web Risks

21

Thank You!

www.surfwatchlabs.comFollow us at: