Today, everywhere you turn, there are warnings about the surge in cybercrimes, as miscreants take advantage of the globe’s newfound dependence on the virtual world. This has also drawn attention to the breeding ground of cybercrime – the dark web. A haven for communication and exchange between cybercriminals, the dark web is easily accessible, and, owing to anonymization and digital currencies, a full-fledged economy is now looming on a global scale, right under the nose of law enforcement agencies.
By Sridhar S, Head of Managed Cloud and Security Services, Tata Communications
If you look closer, this digital black market devotes a good chunk of its activity to trading stolen enterprise, financial, and personal information. Recently, a cloud-based instant messaging service provider became a victim of one such attack. The leaked data, which included personal information like user identities, phone numbers, and e-mail IDs, was eventually discovered on the dark web, with most of it belonging to large enterprises whose annual incomes run into hundreds of millions of dollars.
The ongoing and ever-shifting threat environment necessitates real-time monitoring and exposure scanning on the dark web for data leakage and attack anticipation, which can help an organization identify, assess, monitor, and respond to cyberthreats posted on the unregulated part of the internet.
But the bigger question is this: with employees across the world still working from home, how can enterprises mitigate security lapses on the network perimeter? Given the dark web’s sophisticated privacy and encryption techniques, traditional cybersecurity measures cannot promise substantial cyber safety. Consequently, enterprises must rethink their remote working solutions and implement better security controls and more stringent policies. For instance, putting in place zero-trust solutions can help them leverage micro-segmentation and limit remote users’ access to enterprise data based on their locations and other credentials.
However, to do this, the zero-trust model relies on technologies such as orchestration and multi-factor authentication. While multi-factor authentication can add extra layers of security and prevent cybercriminals from breaking into the enterprise’s network and stealing confidential data, orchestration is focused on integrating security tools and systems into an automated workflow. These automation tools issue an alert when new and relevant information emerges on the dark web, enabling the organization to determine which instance requires escalation and investigation. Further, automation tools can also help businesses understand emerging malware and develop their cybersecurity technology stacks accordingly.
Additionally, emerging machine learning and data analytics tools can become strong weapons for providing early warnings on threats by enabling cyber-threat intelligence, which integrates a combination of open source and commercial threat providers.
However, as we look at the post-COVID-19 scenario, we can only expect digitization to grow dramatically across the globe, especially in India. This in turn will increase demand for cybersecurity and privacy regulations, which can play a critical role in creating a culture of compliance, addressing the current gaps, and providing a strong framework to handle issues related to cybersecurity. Along these lines, the Government of India has envisioned the National Cyber Security Strategy 2020 to focus on all areas of cybersecurity through its three key pillars – secure, strengthen, and synergize. Further, the Government of India has also initiated the setting up of the National Cyber Coordination Centre (NCCC) to generate awareness of potential threats on the dark web and other cybersecurity risks.
While the reality of the dark web can be unsettling, even scary, the security community must rethink its approach and come together to deal with cybercrime. Though endpoint protection can help to an extent, understanding the dynamic and nonlinear network mechanics can help disrupt the supply chain of tools between criminal groups. Until then, enterprises need to continually assess the value of their confidential data and prepare their defensive cybersecurity strategies accordingly.
About the Author
Sridhar S. heads the Managed Services businesses of Cloud, Hosting and Security for Tata Communications. He has been in the IT industry for nearly 30 years and has held several leadership roles in blue-chip companies such as Dell, IBM, Intel, and HCL, working across markets such as India, Asia, and the U.S. He is based in Bangalore, India.
Views expressed in this article are personal. The facts, opinions, and language in the article do not necessarily reflect the views of CISO MAG.