A new report by the Kaspersky Digital Footprint Intelligence team reveals that several companies around the world are grossly unprepared to deal with darknet data breaches.
The effort, which took place in 2022, tracked dark web posts that provided access to businesses, compromised accounts, and other significant incidents. Kaspersky said it promptly notified victims of these threats.
Read more about a similar leak: The energy industry faces growing dark web cyberthreats
In particular, the company admitted to sending incident reports to 258 companies worldwide. Among the observed global trends, European businesses were most frequently affected, accounting for more than 25% of notifications requiring immediate attention (66 reported incidents).
Notably, incidents involving fake, public, or generic data were not considered for reporting.
In total, this effort revealed that 42% of companies do not have a dedicated point of contact for cyber incidents, 28% express apathy, and 2% deny incidents outright.
Kaspersky said such negligence could lead to penalties, financial losses and loss of credibility, especially in Europe due to strict GDPR regulations.
However, 22% of companies responded appropriately, such as being aware of information and addressing risks, and 6% undertook proactive monitoring and detection, indicating they were aware of incidents in advance.
Yuliya Novikova, head of Digital Footprint Intelligence, expressed concern about the company’s response.
“The findings from our work on corporate responses to data breaches on the darknet are rather disheartening. I felt like I was caught up in a vortex of emotions ranging from denial to helplessness.”
Novikova also emphasized the importance of darknet surveillance as a valuable and accessible source of threat intelligence data.
“This resource enables immediate response to security incidents such as selling access to corporate systems or data breaches, ultimately helping prevent data breaches,” Novikova concluded.
Kaspersky experts recommend keeping your software up to date on all your devices, using the latest threat intelligence information, and more to protect your organization from similar threats.
