Page 180 - Cyber Defense eMagazine August 2024
P. 180
6,273 compromised employee accounts were discovered on the dark web from 1/1/22 until 11/30/23.
With a concerning trend of more compromised accounts of their employees leaking into the dark web.
Seven concerning spikes in the data indicate the company was breached or a significant company in
their supply chain was breached.
Botnet data
The trend is that the number of PCs used by this company's employees was compromised with malware.
When the PC was compromised with malware, the employee’s username, password, device fingerprint,
and security tokens were also compromised. Threat actors typically buy the rights to push their malware
to these devices, after which they have complete control over the victim’s PC.
For example, an analysis of trends for the same random Fortune 500 company shows additional areas
of concern:
• 5,406 PCs used by their employees were infected with malware from 1/1/22 until 11/30/23.
• A concerning trend of PCs being infected with malware since Q3 2022.
Dark Web Data
Monitoring data from the dark web can reveal threat actors planning to breach a company or how
to monetize a breached or soon-to-be breached company.
Key takeaways:
CTI services can aid companies in understanding and reducing risks originating from their suppliers.
One size does not fit all. The scope and scale of these options are scaled up and down to meet the
individual customer’s and engagement's needs and budget:
Common offering Summary Timing Used for
Self-service Companies can use Risk to Can be done in Used to identify the
evaluation of a determine the cyber-risks of a as little as 15 relative risks of one
potential supplier potential supplier minutes supplier compared
to other potential
suppliers or their
current suppliers.
Cyber Defense eMagazine – August 2024 Edition 180
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
