The document discusses the threat of cyber attacks and how conventional security methods are insufficient to identify unknown vulnerabilities. It introduces DarkWeb as both a platform and service that can identify these unknown threats through specialized tools and intelligence techniques. DarkWeb monitors for indications of compromise and exposes vulnerabilities that organizations were previously unaware of, helping to strengthen security. It is presented as an effective and cost-efficient solution to supplement traditional defenses and support incident response.
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
The Threat of Unknown Unknowns
1.
2. The Threat
We now accept that the Cyber Risk against companies is significant, the impact of which is evidenced by the attacks,
breaches, and security compromises against some of the biggest brands on the planet.
This is not scaremongering but fact!
Whilst conventional security delivers what is meant to be technological, and procedural security defences to safeguard
assets from attack, it falls short of underpinning the capabilities to discover the unknown unknowns which may [and do]
expose Deployments, Third Parties, Associates, or Assets to the potential of exploitation and compromise.
It is in this capacity where Pre Event, and Post Attack Cyber Intelligence can be of significant benefit to:
• Identify the Unknown Unknowns of risks
• Discover Data Leakage
• Locate opportunities of exposure to Social Engineering
• Find technical exposures at the unknown perimeter of the organisation
• Brand Protection
• Provision granular Alert & Reporting capabilities
• Support Post Attack CSIRT Operations
• Perform Social Media Brand Monitoring
3. Minority Reporting
The DarkWeb Platform & Service supports multiple
Cyber Intelligence capabilities which can represent a
form of Minority Reporting
4. Robust Mitigation
One of the current challenges facing organisations today with engagement of the Cyber Threat is that they are applying the
conventional rules of yesterday to protect against the unconventional vectors of attack in 2015 and onward. In this area
multiples of successful Cyber Attacks and Incursions have been identified as a major component in the compromise.
DarkWeb is both a Platform and a Service which when combined with the conventions of security is proven to vastly
improve the perimeter of defences of any organisation, or high worth individuals, by identifying the currency of the
unknown unknowns by applying multiple specialist applications, techniques, and streaming to support both proactive
[before the event], and reactive [where a Security Incident has occurred] to both defend and mitigate the exposure of
Corporate and Sensitive Assets.
DarkWeb in the proactive posture the Platform will monitor for indications and threats which allow organisations to
leverage the obtained Cyber Intelligence to for purpose of Brand Protection – again by applying a methodology of seeking
out the unknown unknowns and turning then into Defensive Collateral.
DarkWeb is also a major component in a Computer Security Incident Response Team [CSIRT] First Responder Capability
which has been deployed on multiple cases to support both UK, and International engagements to mitigate and manage
Cyber Attacks, and Security Breaches.
DarkWeb has also been proven to be the most cost effective solutions available on the Cyber Intelligence Landscape –
whilst at the same time also proving to be more effective that the expensive competition.
5. Proven Capabilities
To date DarkWeb technology has achieved a 100% success rate with identification of Security Vulnerabilities and Exposures on
deployments which had been utilising the conventional methods of applying security by testing the known knowns, as
opposed to the DarkWeb methodology of locating the unknown unknowns, which can, and do expose Corporate assets
to attack and compromise. The following are some examples of discoveries of what were unknown unknowns which hosting
threats, or which had already suffered compromise by external actors:
Compromised Bank Network: Identification of a major breach in which .com.cn Chinese Servers had attached to the core
switch of the Bank with remote login capabilities.
Exposed Government Agency: An International Sensitive Government Intelligence Agency who was suffering internal
Compromise at a Third Party site through a flawed and insecure DNS configuration.
PCI-DSS Exposed: The secure PCI-DSS Bank who were not aware of the deployment of an Insecure SAMBA Share, or an
Insecure Cloud Service which exposed PCI-DSS Client and Account Data.
Local Authority 1: In this case a Local Authority were considered to be security post multiple sessions of Penetration
Testing, yet were exposing 29 Servers to the Internet which were unknown and vulnerable.
MI5 Data Exposed: Government Agency who released information under FOI – without realising it implicated associations with
the Security Services [thus making other parties a potential Wet Target for Terrorists].
6. The Approach
DarkWeb applies the same rules as would a potential attacker and run multiples bespoke tools, applications, and Cyber
Intelligence Methodologies to identify what we refer to as OoII [Objects of Intelligence Interest].
7. DarkWeb Cyber Alerting
DarkWeb provides customised Cyber Reports obtained from our Cyber Monitoring Capabilities along with applicable
Reports born out of Academic Research to enable the subscribing user base to understand the most current threats,
which in many cases before they are made public.
In this capacity DarkWeb are recognised authority and contribute to major publications, global cyber events and are
in regular consultations with the media and press on the subject of Cyber Security and Research.– we don’t believe in following
the news, we believe in reporting it when it comes to Cyber Threats against Business and the Public.
8. Open Source & Social Media Monitoring
The DarkWeb Platform also provisions the capabilities to monitor against who is saying what about your organisation
which again is a methodology which may be consistently applied, and altered to meet the demands of the engagement
to identify what may represent unknown unknowns which could be, or are exposing your brand and assets.
DarkWeb Acquisition allows us to acquire real-time artifacts, materials, and entire Web Sites of evidential value which may be
used in any subsequent cases, or reports to the authorities.
DarkWeb also supports the capabilities to reverse engineer into any identified Social Media Actors to identify who they are
connected with, or in conversation with.
DarkWeb may be applied to seek out exposed documents, metadata, and other forms of Data Leakage which could be
exposing your organisation to subliminal attacks, or Social Engineering Opportunities.
Our capabilities are proven – our experience is deep – we offer a Platform & Service that can locate the
existing unknown unknowns which are exposing organisations every single day to successful attacks
by Hackers, Cyber Criminals, Casual Criminals, & State Sponsored Crime