Using the Dark Web for Pre-Attack Intelligence

Download the report

A cyberattack doesn’t start on the network. it starts weeks, months or even years before as threat actors do their due diligence on their target, plan their path of attack, coordinate their efforts, and purchase the tools, credentials or access they need to execute their operations.

This reconnaissance activity largely takes place on the deep and dark web, where threat actors believe they can act with impunity, out of reach of cybersecurity teams and law enforcement.

Dark web intelligence is organizations’ best chance to undermine this reconnaissance activity, to arm security teams with the adversarial knowledge they need to pre-empt and prevent attacks, and reduce the impact and cost of cybercrime to their business.

This report uses real deep and dark web intelligence from infamous cybersecurity incidents – including the NotPetya/Maersk attack, the Kronos attack, and the Kaseya supply chain attack – to demonstrate the red flags that could help organizations to stop attackers before they breach the network.

It also explains in depth where dark web intelligence fits into the pre-attack phase of the MITRE ATT&CK Enterprise Matrix, in the tactics of “Reconnaissance” and “Resource Development”, which have historically been seen as difficult to detect using traditional cybersecurity solutions.

Download this report to learn about:

  • How dark web intelligence can help your security team prioritize the most imminent threats and streamline resources.
  • The dark web presence of some of the most notorious cybercriminal gangs (including LAPSUS$ and DarkSide)
  • How dark web intelligence fits into the pre-attack phase of MITRE ATT&CK framework.