The Kaspersky Digital Footprint Intelligence team has presented the results of its initiative that took place in 2022 around monitoring leaks on the darknet. Experts tracked dark web posts offering for sale access to companies, databases or leaked accounts and other critical incidents. The Kaspersky team then notified affected companies. The initiative showed that companies from Europe were affected most often, accounting for more than 25 percent of all reports. This global trend also exposes the unpreparedness, denial and negligence of affected companies when it comes to data breach incidents.
As part of the Kaspersky Digital Footprint Intelligence team's recent initiative, each time a cybersecurity incident was discovered, the affected company received immediate notification from the Kaspersky team about the threat. These included leaked corporate data on the dark web, such as database sales, corporate infrastructure leaks or ransomware.
As a result of the initiative, 258 companies worldwide received incident reports. More than 25 percent, or 66 reported incidents, were for European companies. These incidents were critical and time-sensitive, requiring immediate attention from the affected company. Incidents involving false, public or generic data were not considered reportable. Monitoring was conducted on dark web forums and blogs, and shadow channels on Telegram. To prevent unauthorized access to the affected companies' infrastructure, leaked data was not verified in any way.
The initiative's global results revealed a disturbing trend: 42 percent of companies do not have a dedicated point of contact for cyber incidents. In addition, 28 percent show indifference and even 2 percent deny incidents. This negligence can lead to fines, loss of trust and financial losses and is especially relevant to Europe, where AVG regulations are strict. Fortunately, 22 percent responded appropriately, accepting the information and addressing the risks. 6 percent showed proactive monitoring and detection, indicating they were already aware of the incident.
The findings of our initiative regarding companies' responses to data breaches on the darknet are quite disheartening. Only one-third of companies responded adequately to the situation, while the majority seemed to be overwhelmed by a whirlwind of emotions ranging from ignorance to denial and helplessness," said Yuliya Novikova, head of Digital Footprint Intelligence. "Darknet monitoring may have seemed complex in the past, but the current situation is evolving. Darknet monitoring has now emerged as a valuable and accessible source of threat intelligence for cybersecurity professionals. This resource enables immediate response to security incidents such as offers to sell data breaches or access to corporate systems, which ultimately helps prevent data breaches."