We recently revealed the top three dark web threats facing the finance sector. We’ve recapped four of the key findings from our finance sector webinar in case you missed it.
dark web threats to the finance sector
In our recent webinar, we explored the dark web threats facing the finance sector, expanding on the findings published in our Dark Web Threats Against the Banking Sector report. Throughout the webinar, our team of dark web experts, Jim Simpson, Evan Blair, and Vlad, provided in-depth insights into the research we’ve conducted from 2020 to date using our dark web investigation platform, Cerberus. They highlighted the top three threats facing the finance sector, which were initial access brokers, insider threats, and supply chain risks. Catch the highlights below if you missed it.
#1 Initial Access Brokerage: The #1 dark web threat against the banking sector
Director of Threat Intelligence, Jim Simpson, tells us how we see initial access posts on dark web forums all the time. In this short clip, he talks us through how these posts are structured and how criminals can bid for access in eBay-like auctions on forums including XSS, Exploit, RaidForums, Dread, and Ramp.
#2 Insider threat: Electrician targets finance company on the dark web ⚡
Next, we have a shocking example of insider threat, showing how employees and contractors can abuse their access to undermine the security of the organization from within. Across two separate dark web forum posts, we witness an electrician exploit their access to the server room of one of the biggest banks in their country, as they look to exploit this access for financial gain and brazenly develop their skills to run their own malware attack against the organization.
#3 Supply Chain Risk: The soft underbelly of your cybersecurity
Evan Blair, the General Manager of North America for Searchlight Cyber, pointed out a challenging reality for financial firms. He emphasized that the third most common dark web threat to organizations is supply chain attacks – something Evan referred to as the “soft underbelly” of the organization. These attacks commonly involve techniques such as initial access brokerage and insider threats and can cause huge harm not just to the breached organization, but all its customers too, as was notably demonstrated in the case of the file transfer software MOVEit, which served as an attack vector affecting numerous customers.
#4 Dark web forums and Telegram: The Batman and Robin of Cybercrime
Lastly, Threat Intelligence Analyst, Vlad, gave us a sneak preview of Searchlight Cyber’s three-part blog series on how the instant messaging and communication application, Telegram, with criminals increasingly using the popular messaging app for the sale of illicit goods and services. It’s a growing concern for all industries, especially those in the finance, retail, and telecom sectors. In this short video, we learn how Telegram is being used to advertise and sell phishing pages to steal sensitive information.