IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Strengthening cyber security in the age of the dark web

With the internet’s hidden recesses fuelling enterprise attacks, how can the channel boost security?

Dark Web

In their role as trusted advisors, channel partners are well-positioned to educate customers on new and emerging threats. One such threat is the theft of data, a much sought-after currency in today's digital world. Whether it's sensitive company data, employee records or customers' personally identifiable information (PII), all data has a value to cyber criminals.

A recent rise in data theft has been fuelled, in no small part, by the dark web, a dingy corner of the internet where stolen data can be bought and sold freely. But the dark web today does more than provide a trading post for data thieves; it actively enables cyber attacks by offering a variety of custom-built malware, network access tools and corporate espionage services to hackers.

Recent academic research shows the dark web has become a haven for custom-made, targeted malware, with threats tailored to specific industries or organisations outnumbering off-the-shelf varieties two to one. The enterprise, moreover, is directly in the firing line, with four in ten vendors selling targeted hacking services aimed at FTSE 100 and Fortune 500 businesses, with a 20% rise in the number of dark web listings with a direct potential to harm the enterprise since 2016.

The study discovered that access to corporate networks is sold openly - 60% of vendors approached by researchers offered access to more than ten business networks each. These include banking and finance, healthcare, ecommerce and education, as well as corporate networks. The methods for providing access vary - some involve stolen remote access credentials for sale for less than the price of a newspaper, while others involve backdoor access or the use of malware.

The relatively low cost and availability of these services mean that it's never been easier for hackers to launch a successful attack on an organisation. And, as we know, the fallout of a data breach can be devastating, causing untold financial and reputational damage. According to the Ponemon Institute, the average cost of a data breach in 2018 now exceeds $3.8 million. This, however, can also be seen as an opportunity for channel partners to help address the threats and differentiate themselves from other providers.

With such sophisticated and complex malware now easily available to hackers, it's vitally important that security-focused channel partners extend the conversation beyond the boundaries of traditional detection-based solutions, such as endpoint detection and response (EDR) and antivirus (AV), which can actually struggle to identify new threats.

In many instances, the kind of custom malware now available to cyber criminals will be unknown to conventional security systems and given a free pass to sail through undetected by the target network. Instead, channel partners need to help organisations adopt a layered security strategy that includes application isolation capabilities to contain threats. These capabilities can also generate in-depth threat telemetry that can be shared across security platforms to stop cybercriminals from obtaining persistent footholds in corporate networks.

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Recommended

Accelerating security and success for MSPs with automation
Sponsored

Accelerating security and success for MSPs with automation

25 May 2022
Schneider Electric unveils Grid Operations Platform as a Service on Microsoft Azure
cloud computing

Schneider Electric unveils Grid Operations Platform as a Service on Microsoft Azure

24 May 2022
T-Mobile unveils new 5G Advanced Network Solutions
Network & Internet

T-Mobile unveils new 5G Advanced Network Solutions

24 May 2022
Google unveils new Assured Open Source Software service
open source

Google unveils new Assured Open Source Software service

18 May 2022

Most Popular

Open source packages with millions of installs hacked to harvest AWS credentials
hacking

Open source packages with millions of installs hacked to harvest AWS credentials

24 May 2022
Europe's first autonomous petrol station opens in Lisbon
automation

Europe's first autonomous petrol station opens in Lisbon

23 May 2022
Nvidia pauses hiring to help cope with inflation
Careers & training

Nvidia pauses hiring to help cope with inflation

23 May 2022