- Organizations with dark web exposure are more vulnerable, reports reporting
- Compromised accounts and market listings double cyber violation risks
- Cumulative dark web sources raise organizational cybersecurity -threats
A study by Searchlight Cyber in collaboration with Marsh McLennan Cyber Risk Intelligence Center has revealed a direct correlation between dark web exposure and increased cyber security risks.
The analysis of over 9,000 organizations provided insight into how data found on the dark web significantly increases the likelihood of cyberattacks, especially against companies without adequate protection.
Therefore, by monitoring dark web exposure, companies can better understand and mitigate these risks, protect their data and reduce the chances of expensive violations.
Dark web information and cyber -risk
The study analyzed dark web information sources against the cyber insurance losses reported from 2020 to 2023 and found a violation rate of 3.7% over four years, suggesting that organizations with any dark web exposure were much higher risk of experiencing a cyber event.
Each of the nine dark web -source sources examined, such as compromised user accounts, dark web market lists and outgoing dark web traffic, showed statistically significant correlations with cyber security risk. The data points not only highlight individual risk factors, but also emphasize the compound risk that emerges when more dark web sources interact.
Furthermore, specific dark web activity increases the probability of cyber attacks. The presence of compromised user accounts associated with an organization was found to raise the risk of a fracture of 2.56 times. Dark Web Market lists, where an organization or its data is mentioned, increased the risk of 2.41 times, while the traffic between an organization’s network and the dark web resulted in a 2.11 times increased risk.
Other types of exposure, such as open source intelligence (osin) results and pasta leaks, also contributed to increased risks. Insert results showed an increase of 88% in the likelihood of an incident, while OSINT -Resulted correlated with a 2.05 times increased risk. The presence of an organization’s data in forums, telegram -chats and dark web pages also contributed to the increased risks, though a little less.
It is also important for organizations to consider multiple dark web intelligence sources together. For example, it was found that an organization identified across five high -risk categories was 77% more likely to suffer a cyber security break compared to organizations without such exposure. Therefore, a combination of sources such as pasta results, osin and market lists provided the strongest indication of cyber risk.
Organizations are therefore encouraged to adopt dark web surveillance practices. Organizations are also encouraged to improve cyber security practices to defend themselves against the risks designated by dark web exposure, including ensuring strong password policies, using multi-factor authentication apps and maintaining up-to-date security protocols to minimize the risk of compromised accounts.
Furthermore, engaging in regular cyber security training for employees can help organizations better discover and respond to phishing trials or other malicious activities that are often initiated through compromised credentials found on the dark web.
“The core find of Marsh McLennan’s analysis is that all data related to your organization on the dark web is very correlated with your chance of a cyber attack,” noted Ben Jones, co -founder and CEO of Searchlight Cyber. Dark web forums, marketplaces and hidden communication channels, and the study has quantified the risk of each of these areas with dark web exposure for the first time. “
“If security teams can identify their exposure to the dark web, they have a huge opportunity to proactively to act, adjust their defense and effectively stop attacks before being launched by cyber criminals. The first step is to get visibility: To understand where the threat to the dark web comes from, where the organization is targeted and continuously monitoring to give themselves the best chance of identifying and stopping a cyber security event. “
