A digital identity is information on an entity used by computer systems to represent an external agent, such as a person, organization, application, or device. Often, for convenience, there is one digital identity through multiple communities. However, what makes things easier for people and businesses makes for a valuable commodity for hackers. There are also issues of privacy; while strong identity proofing is essential for some services, for others maintaining anonymity and pseudonymity are equally important.
The treat of digital identities being stolen and sold on the dark web is drawn out from a new report from the cybersecurity firm InSights “Digital Browser Identities: The Hottest New Black Market Good”).
To understand the key trends relating to this emerging cyber threat, Digital Journal spoke with Ariel Ainhoren, Head of Research at IntSights, who provides the main points arising from the report.
DJ: What are the main cyber-risks facing businesses?
Ariel Ainhoren:Businesses should be wary of hackers gaining access to their company portal or services, especially as working remotely becomes more popular. Employees who work from home are more susceptible to identity theft of this sort. Plus, it becomes increasingly challenging for companies to even recognize this type of attack, as everything looks normal and no red flags are being raised.
DJ: Where are these risks coming from?
Ainhoren: The harvesting of personal information needed for identity theft can only be performed by specialized malware that has the capability to extract the technical details needed. This specialized malware is also referred to as a stealer.
The initial compromise can be performed by spam email, phishing sites or spear phishing attacks, or even by methods that do not require user interaction, as known exploits are often incorporated into attacking malware (Azorult for example). The compromise could also be planted in pirated software downloads or planted in cracks for known software or games, compromising any users that download and run them.
DJ: What are the main trends from your recent survey?
Ainhoren: In recent years, the dark web is going through an industrialization trend in which technically capable hackers build and maintain shops, malware, and attack methods, while low-level hackers or fraudsters become consumers of these tools and services. As fraud prevention systems becomes more prevalent on financial, retail, and other sites, threat actors develop malware to tackle these prevention systems.
This also correlates with recent trends of targeted ransomware attacks. Threat actors understand that any malicious operations against enterprises being performed in bulk are detected and blocked quickly. So, instead of attacking thousands of targets while requesting a small amount from each one, they identify big targets and request large amounts of money.
Read more
In a follow-up article, Ariel Ainhoren provides an overview of the issues surrounding digital browser identities and the new illicit trade in exchanging these data between hackers, plus the strategies that businesses should be adopting to counter-act these risks.