As a Bitglass study shows, the spread of stolen data in the Darknet is 11 times higher than in 2015. “Where's My Data” experiment 2021 shows that the Darknet has become a larger and busier trading center.
A new study by cloud security provider Bitglass shows how cybercriminal behavior and the value of stolen data have developed in the darknet. Bitglass carried out the world's first data tracking experiment back in 2015to better understand how data is viewed and accessed on the Darknet. In view of increasing digitization and a growing number of data protection violations, the Bitglass Threat Research Group has reissued this experiment and compared it with the results from six years ago. This provided the following findings:
Stolen data has a greater reach and spreads faster
- Security breach data received over 2021 views in 13.200, compared to 1.100 views in 2015 - an increase of 1.100 percent.
- In 2015 it took 12 days to reach 1.100 link views - in 2021 it took less than 24 hours to surpass this milestone.
- Security breach data was downloaded from facilities on all five continents.
"We believe that the increasing volume of data breaches and the increasing opportunities for cyber criminals to monetize exfiltrated data have led to this increased interest and activity around stolen data on the darknet," says Mike Schuricht, Head of Bitglass Threat Research Group.
More actors and activities in the darknet
The current figures show a strong increase compared to 2015.
- The number of anonymous viewers on the Darknet exceeds in 2021 with 93 percent that of 2015 (67 percent).
- This year's experiment shows that the anonymous viewers showed a particular interest in retail and government data (36 percent and 31 percent).
"Given the increased efforts of law enforcement agencies to track down and prosecute cybercriminals, we expect malicious actors to continue using anonymous VPNs and proxies when accessing leaked data to evade law enforcement," Schuricht said.
Cyber criminals are particularly interested in retail and US government data
● Of all the types of data Bitglass researchers sowed on the darknet, data for the retail and US government networks received the most clicks, 37 percent and 32 percent, respectively.
"Gaining access to the networks of large retailers is still the top priority for many cyber criminals who use ransomware and want to extort payments from large and profitable companies," explains Schuricht. "Likewise, interest in US government information is likely to come from either state-funded hackers or from independent hackers who want to sell that information to nation-states."
Top Cyber Criminal Locations
The top three cybercriminal locations with the most stolen data downloads were Kenya, United States, and Romania.
"If you compare the results of this latest experiment with those from 2015, it becomes clear that the data on the Darknet spread further and faster," explains Schuricht. Not only that, cybercriminals are getting better at covering their tracks and taking action to evade law enforcement efforts to track down cybercrimes. Unfortunately, as evidenced by the continuous onslaught of headlines about the latest data breaches, corporate cybersecurity efforts to protect data have not kept pace. As we advised businesses six years ago, it's important that they use best practices and new technologies to protect their data."
The methodology of the report
Bitglass Threat Research Group created a fictional identity claiming to have a list of verified login and password information obtained from the RockYou2021 password leak come. The researchers posted links to fake credentials files on various darknet marketplaces also known as "pastebins" that allegedly allow access within retail, government, gaming and media organizations. The files were imprinted with Bitglass' proprietary watermark technology that tracked the data after users accessed it on the Darknet. This enabled the Bitglass Threat Research Group to pull the curtain on current darknet trends and uncover the current value of stolen data. The full report is available for download.
More at Bitglass.com
About Bitglass Bitglass is a global provider of a NextGen CASB solution based in Silicon Valley. The company's cloud security solutions offer agentless zero-day, data and threat protection everywhere, for every application and every device. Bitglass is funded by senior investors and was founded in 2013 by a group of industry veterans who have introduced and implemented numerous innovations in the past.