Kaspersky experts last year notified 258 companies worldwide that their databases or compromised accounts were being offered for sale on the dark web. Almost a third did not respond to the notices.
A quarter of these companies came from Europe, 14 of them even from the DACH region. The problem with this: 28 percent of the affected companies worldwide reacted with indifference or denial.
As part of an initiative by the Kaspersky Digital Footprint Intelligence team, affected companies received an immediate notification when a cybersecurity incident related to compromised company data was detected on the dark web, such as database sales, infrastructure compromises or ransomware.
European companies most affected
Darknet forums and blogs as well as hidden Telegram channels were monitored for analysis. Incidents involving falsified, public or generic data were not considered reportable. In order to avoid unauthorized access to the infrastructure of the affected companies, the compromised data was not checked in any way.
Overall, Kaspersky discovered 258 such critical incidents in the past year, in which corporate accounts were found on the dark web and would have required an immediate response from the company. Those from Europe were most affected, with more than 25 percent of the reports coming from this region. A total of 66 companies in Europe were affected, 14 of them from Germany, Switzerland and Austria - from the fields of medicine, education, manufacturing, banking and aviation.
Data on the dark web? companies rather uninterested
Overall, the results of the initiative show a worrying trend: almost every second (42 percent) company worldwide lacks a dedicated point of contact for cyber incidents, while 28 percent reacted indifferently or even denied incidents. Only 22 percent of companies that received a notification responded appropriately, accepting the information and assuming the risks; another 5 percent demonstrated proactive monitoring and detection, indicating they were already aware of the incident.
“The results of our initiative on how companies are responding to data on the dark web are rather discouraging,” said Yuliya Novikova, Head of Digital Footprint Intelligence at Kaspersky. “Only a third of companies responded appropriately to the situation, while the majority wavered between ignorance, denial or helplessness. In the past, darknet monitoring was still quite confusing and difficult to organize, but this has changed. It has now become a valuable and accessible source of threat intelligence for cybersecurity professionals, including CTI and SOC analysts. This resource enables an immediate response to security incidents, such as offers to sell access to corporate systems or data leaks, ultimately helping prevent data breaches.”
More at Kaspersky.de
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/