Mitigating the Growing Risk of Insider Threats and Leaks
The dark web is home to anonymous online marketplaces where nefarious goods and services can be purchased, including goods and services that infringe on intellectual property rights. It is very common to discover the sale of leaked information, pirated products, trade secrets and breached customer data. In many cases, the source of the breach is not a hack but an insider threat.
With DigitalStakeout Scout, a cyber security analyst at a healthcare company discovered proprietary medical device information (critical, life-saving medical devices) on the dark web. The analyst acted immediately, alerting development and production teams to the information leak. Recognizing the negative financial impact of the medical device information being on the dark web, the healthcare company began to investigate the source of the leak and the process to remove the highly sensitive and confidential information.
Monitoring the Dark Web for Mentions of Brand and Assets
Using DigitalStakeout Scout, the security team created monitors to detect any references to the names of its proprietary and confidential medical devices. Nicknames and acronyms for the devices were also monitored. Any detection of these keywords or proprietary identifiers would trigger alerts for immediate review and analysis.
Real-time Alerting Warns of Immediate Risk
Using DigitalStakeout Scout’s Dark Web Monitor, the security team was able to monitor dark web sources 24x7. Scout’s real-time alerting notified the security team that a threat had been detected. The security team was able to begin triaging the incident, forward the discovery to an internal case management system and launch an investigation to identify the source of the leak.
Mitigating the Insider Threat and Improving Controls
The identification of the medical device information on the dark web enabled the company to mitigate the negative financial impact of the disclosure of such information. The security team also implemented additional data loss prevention controls to prevent highly sensitive and confidential information from being leaked.