UPDATED 00:01 EST / OCTOBER 19 2021

SECURITY

Stolen data on the dark web is being accessed faster than ever

New research released today by cloud security company Bitglass Inc. finds that stolen data on the dark web is being shared and accessed more quicker than ever.

Following up on a data tracking experiment in 2015, the researchers created a fictional identity claiming to have a list of vetted login and password data originating from the RockYou2021 password compilation leak. The Bitglass researchers posted the data on various marketplaces on the dark web, a shady corner of the internet reachable with special software, and pastebins with links to fake files with credentials that would allow access inside retail, government, gaming and media organizations.

The files were embedded with Bitglass’ watermarking technology, which traced the data after users on the dark web accessed it, allowing the Bitglass Threat Research Group to track its use.

The first major finding is that stolen data now has a broader reach and moves more quickly. The fake files received more than 13,200 views in 2021 versus 1,100 views in 2015, a 12-fold jump. In 2015, it took 12 days to reach 1,100 link views, while in 2021 it took less than 24 hours.

Dark web activity is described as having become even darker, with the number of anonymous viewers on the dark web in 2021 coming in at 93% compared with 67% in 2015. The experiment also indicated an interest in retail and government data from anonymous viewers, at 36% and 31% respectively.

Cybercriminals, in general, were found to be particularly interested in retail and U.S. government data, with data to access retail and U.S. government networks receiving the most clicks, 37% and 32%, respectively.

“Gaining access to large retailers’ networks remains a top priority for many cybercriminals wishing to deploy ransomware and extort payouts from large and profitable organizations,” noted Mike Schuricht, leader of the Bitglass Threat Research Group. “Similarly, interest in the U.S. government information is likely either from state-sponsored hackers or independent hackers looking to sell this information to nation-states.”

By country, the top three locations for downloads on the fake stolen data originated from Kenya, the U.S. and Romania.

“In comparing the results of this latest experiment to that of 2015, it is clear that data on the Dark Web is spreading further, faster,” Schuricht said. “Not only that, but cybercriminals are getting better at covering their tracks and taking steps to evade law enforcement efforts to prosecute cybercrime.”

Unfortunately, organizations’ cybersecurity efforts to protect data have not kept pace, as evident by the continuous onslaught of headlines reporting on the latest data breaches, Schuricht added. “As we advised organizations six years ago, it is vital they use best practices and new technologies to protect their data.”

Photo: Pikist

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU