<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1678611822423757&amp;ev=PageView&amp;noscript=1">
Defrag This

| Read. Reflect. Reboot.

Deep Web Monitoring and the Future of Data Breach Detection

Greg Mooney| February 01 2017

| security

If you're like me and have a knack for cyber security trends, you will find yourself having many sleepless nights. Our lives and data is are the internet for the taking and the weakest link in finding compromised data is knowing it's been compromised in the first place. On a personal level, it's a frightening ordeal to say the least. On a business level, it could make or break your company if sensitive data is compromised in a data breach.

There are plenty of solutions out there that will monitor your network and help with perimeter defenses for personal use and business networks. However, even the most secure companies can find themselves falling victim to a cyber attack. The scariest part of this is that data can be compromised without anyone except for the cyber criminal knowing it.

Hackers are continuously finding ways to hide their tracks. Vast amount of data breaches happen every day that go unnoticed, because hackers understand how to grab large amounts of data without triggering any alerts on suspicious activity. Even log files can be altered, sparking the emergence of tamper evident logging.

How can we possibly understand the magnitude of unnoticed data breaches if they are "unnoticed"? It's quite the conundrum. But it does not mean it doesn't happen. Consider the fact that the Yahoo breach (one of the largest cyber attacks in history) took almost 2 years to unfold. Additionally, many breaches take more than 6 months to uncover. It's because hackers are good at hiding their tracks and businesses usually don't know they've been breached until an outside source, such as a credit agency, brings it to a businesses' attention.

What is Deep Web Monitoring?

This is why deep web monitoring has been emerging as a new type of solution for IT security teams. Deep web monitoring (or dark web monitoring) isn't your mom and pop's identity protection services. Those services simply alert you when your PII (personal identifiable information) has been compromised in a "known" data breach. What about all the other breaches that go unnoticed? That's where deep web monitoring comes into play.

So what is deep web monitoring exactly? It's actually just like network monitoring, but instead of monitoring your network traffic and taking an outside-in approach to security, deep web monitoring is a type of solution that searches the deepest crevasses of the dark web (an inside-out approach) for data that has been compromised. There are some caveats in current deep web monitoring solutions since it is a solution still in its infancy. For example, just because a certain data set is found on the dark web that is redundant to data that you are safeguarding doesn't necessarily mean that data was compromised from your business.

Ian’s Research states, “This is currently an under-served space by vendors because it’s a relatively new concern. Even many progressive, forward-leaning organizations have not yet focused on this issue, although some are starting to acknowledge it. Since there’s not much out there in terms of products and services, security organizations are having to cobble together a few different strategies to address this.”

Marking Data to Detect Illegal Activity

To increase the effectiveness of a deep web monitoring solution, IT security teams have actually placed a certain amount fake PII on their business networks. It's similar to how police will mark dollar bills in order to catch mobsters and drug dealers conducting illegal activity. IT teams will deploy a specified amount of fake data in their systems in case a data breach happens to occur without notice. Then they can try to trace that fake data using deep web monitoring solutions. That fake data is essentially a "marked bill" that if found on the deep web, proves that a breach has actually occurred.

Related Article: Data Theft? On the Internet, No Train Is Too Long to Rob

Since this type of security solution requires scouring the dark web and processing a vast amount of data, automation and eventually AI will have to play a much bigger role in the deep web monitoring business. Only time can tell when this becomes a mainstream form of data breach detection. But we live in a world where our data is constantly under attack. Obviously plugging the holes in your network and increasing perimeter defense will help, but deep web monitoring may be the progression in detecting a data breach.

Topics: security

Leave a Reply

Your email address will not be published. Required fields are marked *

THIS POST WAS WRITTEN BY Greg Mooney

Greg is a technologist and data geek with over 10 years in tech. He has worked in a variety of industries as an IT manager and software tester. Greg is an avid writer on everything IT related, from cyber security to troubleshooting.

Free Trials

Getting started has never been easier. Download a trial today.

Download Free Trials

Contact Us

Let us know how we can help you. Focus on what matters. 

Send us a note

Subscribe to our Blog

Let’s stay in touch! Register to receive our blog updates.