Page 107 - Cyber Defense eMagazine Special RSA Conference Annual Edition for 2022
P. 107
These risks are referred to as ‘unknown knowns’ (blind spots or information that the organization is
unaware of - but a potential adversary can exploit to their advantage). Organizations do have a way to
overcome this blind spot, however.
Cybercriminals have been known to frequent the “darkweb” (the hidden part of the internet accessible via
specialized browsers and networks to help preserve anonymity) to advertise and monetize the illegally
obtained information through successful cyber-attacks. This information includes stolen access
credentials (usernames and passwords) to the victim’s corporate network and business applications,
banking accounts, or sensitive personal /business information stolen during a successful malware attack
or a data breach. This information is procured by other cybercriminals who can leverage the compromised
account access to either steal funds, exfiltrate sensitive data or launch another advanced cyber-attack
(like a ransomware attack) on the victim organization.
Cybercriminals have also been observed discussing potential vulnerabilities that they have found in their
target companies on various darkweb forums.
With specialized darkweb monitoring services, organizations can become aware of such vulnerabilities
in their infrastructure and potentially compromised users or systems before their access credentials are
abused or misused in follow-up attacks. Based on this intelligence, organizations can immediately take
remedial measures such as resetting credentials, conducting a security assessment, or a forensic
investigation to identify and remediate malware or vulnerabilities to minimize or eliminate the risk of an
impending attack.
107
