Has Your Company Data Been Compromised?

You might believe that your information assets are secure and your company’s security systems are keeping things safe, but how do you really know? While large scale financial services companies and other major corporations have the resources, highly trained technical staffs, and custom tools to monitor for and identify leaked data, most businesses do not. Companies with the resources are constantly scouring the internet, deep web and dark web for any indications that sensitive information has been exposed.

Now you might think, who wants my information or why would anyone target my company? It depends on an attacker’s motivation, or maybe its just a blind scan looking for vulnerable hosts by a potential hacker. If you become compromised perhaps access to your environment might be sold and your infrastructure used to email malware or house stolen data. Maybe your email credentials are compromised and someone is illicitly reading confidential communications. Whatever the outcome, certainly at a minimum, your business reputation is at risk.

Many companies that are compromised typically find out long after the initial occurrence, with time spans perhaps extending months into years. Typically breaches are not found by the company itself. Many times law enforcement or other 3rd party sources may advise a compromised organization of the unfortunate situation. 

There are organizations that take extensive proactive approaches to managing information security through the use of firewalls, intrusion detection systems and monitoring software, while also investing in various technical assessments, the approach does not take into account how to detect information that may have quietly been leaked to the internet in an isolated event or ongoing.

While building robust defensive measures have improved security for many corporations and helped protect many companies from network attacks it does not account for other sources of compromise such as theft of login credentials or compromise of a 3rd party service provider’s network connected to the company’s environment. In such instances data flows may likely be flagged as normal traffic and not detected by security management systems. In these instances companies may leak sensitive information over an extended period of time.

You may still believe that data breaches don’t apply to your company, but they do.  Unfortunately many employees may use the same email address, (name@yourcompany.com), and password for sites they access in their personal lives. A compromise of a third party site used for cooking recipes may lead to a credential compromise at your company, followed by a potential loss of sensitive company data. Maybe third party service providers that work with your company’s sensitive data may expose this information through a compromise of their own infrastructure, leading to your sensitive company information being for sale on the Internet. The point is if your information has been leaked to hacker websites, regardless of the manner in which this occurred, you really should care to know.

There are an emerging set of tools that gather information in realtime, not by directly scanning a company’s infrastructure but from querying public records and other illicit sources. These relatively new commercial offerings scan internet records, the deep web, and dark web to identify what is known that may be exploited or company data that may be for sale. This may include login credentials, proprietary data, compromised servers, client sensitive information, vulnerable hosts, or other assets. Employed ongoing, such tools can provide proactive alerting to enable a company to understand potential issues and develop realtime response strategies to protect the company and its reputation.

Network Management Solutions has been helping business navigate technology challenges since 1996. If you are concerned about what company data might be readily available on the dark web, please contact us for a free, confidential discussion. We can be reached at 908-232-0100 or on the web at www.nmscorp.com