According to a recent assessment from cybersecurity experts Kaspersky, many organizations need to be more appallingly prepared for having their critical data leak on the dark web.
According to a Kaspersky study from 2022, the business uncovered sensitive data from 258 corporations globally flowing all over the web after analyzing several leaks and contacting the impacted organizations. The data, which frequently included access to business systems and endpoints, access to compromised accounts, and similar information, was being sold to the highest bidder.
Kaspersky tried to contact these businesses and warn them about the dangers, including fines, monetary losses, and a loss of confidence, particularly for European companies that must abide by the tough GDPR requirements.
Correct Responses
The researchers found that 42% of the organizations had no designated point of contact (POC) for cyber incidents, demonstrating how ill-prepared the industry is. Businesses must respond quickly to such occurrences; if they don’t have a dedicated POC, they waste valuable time.
The idea that their data was being shared with nefarious third parties online was also ignored by more than a quarter (28%) of respondents, while 2% denied having their data accessed and stolen in the first place.
Some firms had some success, so it’s okay, Kaspersky added. According to the researchers, nearly a quarter (22%) responded “appropriately,” taking note of the facts and weighing the risks. Even before Kaspersky was aware of the occurrences, another 6% were.
One of the most common types of cybercrime today is data theft. Before encrypting the systems, ransomware developers nearly always steal the data.
They then demand payment for the decryption key and keep the data off the dark web. Recently, some threat actors even stopped using encryption solutions and instead concentrated only on data theft.
Researchers say it is equally profitable and less expensive because it doesn’t require software upkeep.