Cyber dangers are evolving, posing new problems for worldwide businesses. According to Kaspersky, an evolving threat environment exists in which fraudsters not only commit real data breaches but also fabricate data leaks. Even if the data leak is found to be fake, this strategy has serious consequences for affected organizations’ reputations.
“Cybercriminal groups are using blog-style communication on dark web platforms to publish information about their victim organizations and frequently attempt to blackmail them,” says Yuliya Novikova, Kaspersky’s Head of Digital Footprint Intelligence. “Lower-known players in the field are following suit by fabricating fake leaks.” They create a commotion and elicit a response from the victim while also misleading other cybercriminals on the underground market.”
According to Kaspersky Digital Footprint Intelligence, there were an average of 17 posts about social media leaks on the dark web every month between 2019 and mid-2021. This has since climbed to an average of 65 posts every month. According to Kaspersky’s research, many of these communications are likely reposts from the same database.
“It is important to note that these activities have nothing to do with a company being compromised or a real cyber-attack, and they contain no sensitive private information.” Nonetheless, as we can see, even such acts can have an impact on the media environment and harm a company’s brand,” Novikova adds.
According to Novikova, attackers create data leaks in two methods. To begin, they parse databases, taking information from publicly available sources that do not contain sensitive data. Second, they repost old data leaks as new breaches in order to develop a reputation among possible purchasers on underground markets.
“Even if the data is not sensitive or recent, the risk of damage is very real – and can be significant.” The mere reporting of a data leak can damage a company’s reputation, especially if the organization is not prepared to manage the situation correctly, regardless of whether the data leak is manufactured or true. Companies, fortunately, may mitigate the impact with strong crisis management tactics, particularly if they can detect a phony post before it reaches mainstream media.”
In the face of these risks, Kaspersky advocates taking a proactive approach. Businesses should develop thorough incident response procedures that include monitoring the dark web and enlisting the help of cybersecurity specialists to investigate reported data thefts as soon as possible.
“In an era of persistent and constantly evolving cyber threats, data leaks – especially for large businesses, and including fake leaks – are not a matter of ‘if,’ but of ‘when,'” Novikova adds. “In dealing with these challenges, preparation, proactive action, and transparency are critical.” To manage risks and maintain a company’s reputation and the trust of its customers, regulators, the media, and the general public, rapid response, thorough investigation by internal and/or external expert teams, and collaboration with law enforcement are all required.”