Kaspersky Digital Footprint Intelligence, in a two-year study, uncovers nearly 40,000 dark web posts facilitating the trade of internal corporate information. These posts, orchestrated by cybercriminals, serve as marketplaces for buying, selling, or distributing data stolen through cyberattacks. A 16 percent increase in posts offering access to corporate infrastructures has been observed compared to the previous year. Notably, one in three companies worldwide is referenced in dark web posts associated with data or access sales.
Between January 2022 and November 2023, Kaspersky’s experts tracked an average of 1,731 dark web messages per month regarding the sale, purchase, and distribution of internal corporate databases, totalling close to 40,000 messages. The study encompassed dark web forums, blogs, and shadow Telegram channels.
Another concerning aspect is the availability of access to corporate infrastructures, with over 6,000 dark web messages advertising such offers in the same period. Cybercriminals are increasingly offering access, witnessing a 16 percent rise in the monthly average from 2022 to 2023. While seemingly low in number, the potential impact is significant, especially with the looming threat of supply chain attacks in the coming year.
Kaspersky emphasises the need for businesses to enhance security measures, suggesting swift identification and response to data breaches, continuous monitoring of the dark web, preparation of communication plans, and development of comprehensive incident response plans. The report tracks mentions of 700 random companies related to compromised corporate data in 2022, highlighting the prevalence of dark web discussions and the need for proactive cybersecurity measures.
