No matter how robust your internal cybersecurity strategy is, your vendors could be putting you at risk. Cyber attackers will always target the most vulnerable part of a supply chain to reach their intended victim. It’s important to perform due diligence on your vendors and actively monitor the Dark Web to ensure that your data is protected.
Third Party Breaches
Within the last year, third party breaches have increased by 78%. Supply chain attacks are easy ways for cybercriminals to access a large amount of data in one swoop and eliminates the need to target multiple sources. Hackers often exploit weak links such as untrained employees and unpatched vulnerabilities.
One of the better known third party breaches of 2020 was the Blackbaud ransomware attack that took place earlier this year. The Blackbaud ransomware attack not only resulted in major loss for Blackbaud but also impacted its customers utilizing the platform including charities, nonprofits, and educators. The increase in third-party data breaches, such as Blackbaud is due to the industrialization of the cybercriminal ecosystem and innovations such as ransomware, which makes cyber crime much more profitable and easier to carry out.
Unfortunately, you may not even know you have been subjected to a third party data breach until you are informed by the supplier or if you are actively monitoring the Dark Web. Most third party breaches result in credentials being sold on the Dark Web. Cyber criminals can purchase a list of these credentials and use them to attempt logins in any platform of their choice (such as Office365). If just one employee’s credentials are active, your entire organization could be vulnerable to attack.
Ways to Prevent Third Party Breach
One of the ways you can prevent loss from third party data breaches is by actively monitoring the Dark Web for your credentials.
On the second day of cybersecurity, Kyber Security gave to me… a Dark Web “credential hit list” for your organization. We will provide a list of stolen credentials for your domain that are currently for sale on the dark web. Simply enter your email address below to access this free offer.
Do Dark Web Credential Hit Lists Prevent Breaches?
This one time “Credential Hit List” is not a solution, it is simply a means of detection. It’s like using a thermometer to take your temperature; the thermometer isn’t curing your fever, it is simply checking to see if you have one. This is only the first step. We don’t only want to alleviate symptoms, we want to make sure there isn’t a serious illness lurking beneath the surface. The end goal is to protect your data and your brand.