Unmapped and intricate
Even with targeted monitoring of marketplaces, finding leaked data on the darknet is difficult.
Regarding the ‘Medicare machine’ story, Tudge claimed last that “investigations into activities on the dark web occur continually”.
“The darknet is a large, unmapped and intricate space, and although AusCERT and other companies do track a lot of activity, it's virtually impossible to see everything that's going on,” Vaccaro explains.
Nevertheless, darknet monitoring services are potentially hugely valuable, and a proactive way of identifying insider threats. They provide a mitigation against the huge risk of customer data, intellectual property and company funds being leaked, not to mention the reputational damage and regulatory fines that could come as a result.
The problem is not going away and the incentives to act as an insider are growing. Research from RedOwl and IntSights, published in February, noted a rise in appeals from hackers on the darknet, seeking to employ insiders.
“In one instance, a hacker solicited bank insiders to plant malware directly onto the bank’s network,” the report said. The researchers found that one hacker offered to pay the insider “seven figures on a weekly basis” for access to a bank’s computer.
“To any CIOs or CISOs, I would say: What is the cost of breached data to your organisation? What would be the impact if your customer data was exposed? What is the damage that can be done if staff accounts are compromised?” Vaccaro says. “If you understand the impact, then you can evaluate whether the cost of such services balance against the benefits of a monitoring service.”
Sign up for CIO Asia eNewsletters.