NURO uncovers true value of enterprise data traded on Dark Web

6 March, 2017 by Nuro

NURO Secure Messaging is pleased to announce the release of a new white paper entitled Hacker-nomics: introducing the Dark Web.

Compiled in close collaboration with Professor Alan Woodward, leading cybersecurity expert at Surrey University, UK, the paper examines the true value of enterprise customer data as it trades on the Dark Web following a breach.

The report plots key stages in a cyber crime and investigates the price of breached customer data once it reaches the Dark Web. It also contains a stark warning for CEOs on the dangers of letting employees bring personal phones laden with consumer messaging apps into the office and connecting to the corporate network.

Anatomy of a cyber crime

Three basic stages in a typical cyber crime are highlighted by the study.

The first stage comprises a hacker trawling for data. This may mean bombarding the corporate email server with thousands of phishing emails containing links or attachments harboring malware.

Most enterprises have taken steps to defend against this.

But it could just as easily be employees walking through the door with malware on their smartphone or tablet and connecting to the company network.

According to one survey, seven out of 10 employees use consumer instant messaging apps (IM) like Facebook Messenger, Snapchat and WhatsApp during work hours. Some send up to 100 personal messages on company time.

It’s the equivalent of opening up a fresh, unguarded communications channel into your corporate network.

The second stage is known as “cybercrime as a service” (CaaS). Bulk or partial breached data records are sold-on to intermediaries. They consolidate, clean up and package stolen information into “fullz” to make them more valuable.

Stage three is where the stolen data is put to use. This is either by threatening to publish or use stolen information unless a “ransom” is paid. Or by using the data directly to carry out fraudulent financial transactions or transfer funds.

Value of stolen data

Lax enterprise security measures are leaving databases packed with customer information exposed for hackers to harvest. The report follows this data on its journey to the Dark Web, where hackers trade the stolen data for Bitcoin.

Cybercriminals who buy these details are hoping the login info for one account will unlock others – helped by people’s habit of using the same passwords for multiple online services.

The report finds that in the black economy of the Dark Web, unless the victim is a celebrity or high-profile public figure, the price for the data of ordinary individuals is less than a dollar a time.

This explains why cybercriminals like to gather PII data in such large volumes.

It’s not until stage three that any real money is made. The average return on investment from a ransom demand, says the report, is more than 1,000%.

The expert’s view

In the report Professor Woodward has some advice for companies moving to a Bring Your Own Device (BYOD) or Bring Your Own App (BYOA) policy.

He describes BYOD as a “manageable threat”, just so long as “users agree to the enterprise effectively taking over control of the device.”

Business-grade alternatives to consumer apps for team chat and messaging have security built in by design. Plus they are just as easy to use.

But the Professor has this warning for those businesses that let BYOD reign free, “I think it is an appalling idea to allow people to run apps of unknown provenance on the same device that is being used to access corporate data.

We have seen so many problems with apps being infiltrated with malware that it is tantamount to throwing away all of your perimeter security.”

Regular staff training on such issues as mobile phishing and how to spot messages with suspicious links is important.

But above all, lock down all cloud-based mobile communications channels to close the security loop.

In this way the organization can substantially reduce its threat posture while making funding the cybercriminal lifestyle a lot less likely.

In summary, the NURO report asks the enterprise to take back control of security measures beyond the network in order to embrace technologies such as mobile and cloud-based applications safely.

With so much at stake and so much already invested in security systems to then allow cybercriminals a way into the organization that’s completely beyond the IT department’s control is the business equivalent of shooting yourself in the foot.

The full report is available to download free of charge here: Hacker-nomics: Introducing the Dark Web.