Know your enemy to better protect yourself against cybercrime

Roland Daccache, System Engineering Manager, CrowdStrike META.

Organizations need to achieve situational awareness and monitor cybercrime actors in the Dark Web, in order to build cyber resilience and preparedness.

That’s what Roland Daccache, cybersecurity expert and head of systems engineering for the Middle East and Africa at CrowdStrike, said in a webinar hosted by CrowdStrike, titled Expose the open, deep and dark web.

Daccache and Jean Saad, senior systems engineer and threat intelligence expert at CrowdStrike, highlighted how crucial it is for organizations to monitor and analyze the Dark Web to gain insight into leaks and the emerging risks that affect them. threaten directly. However, this requires specialized tools and expertise, as access and credentials for rogue sites are difficult to obtain, and offending messages appear and disappear quickly on the Dark Web.

“As a subset of the Deep Web, the Dark Web is where things get really interesting, with everything from passwords for sale and ransomware as a service, to organ trafficking. The Dark Web is larger than the parts of the Internet exposed to search engines. You can’t monitor and analyze everything on your own – no one can do it, ”Daccache said.

As a subset of the Deep Web, the Dark Web is where things get really interesting.

Roland Daccache, CrowdStrike.

He said organizations should monitor discussions related to their region, industry and brand.

“We might also be interested in knowing if prominent figures in my organization are being targeted or impersonated. If I were a bank, I would be interested in my bank data, stolen credentials or credit card data. If I wanted to go further, maybe I would also like to look at my supply chain exposure. Knowing that you are the target of cybercrime actors is like knowing that you are going to be robbed tonight – you will take steps to reduce your risk.

Anyone with sensitive information was in danger, he said. “Threat actors don’t need visas – the Internet is open to everyone. I strongly encourage midsize and larger organizations to take a look at what is going on there. You can’t just ignore the problem. ”

Saad said: “A few years ago it was certainly large companies, but now even a small law firm with ten employees can be targeted because of the importance of its data. We see a double and even a triple extortion in which attackers get a ransom and then threaten to release data and report the victim to the regulator. “

Demonstrating how CrowdStrike Falcon X Recon exposes potentially malicious activity from the open, deep, and dark web and beyond, Saad demonstrated how the solution collects data and monitors the activity of millions of pages and restricted forums for leaks, fraud, data breaches, phishing campaigns and other cyber threats.

Falcon X Recon collects raw intelligence on a large scale, performs real-time covert investigations and tracks criminal adversaries, giving automatic notifications of suspicious activity. Saad noted that the scale of Dark Web and threat actor activity meant it was important to tailor searches and filter out the noise.


Leave a reply:

Your email address will not be published.