Pure Hacking service follows stolen data to Google and beyond

A new service tracking the online distribution of sensitive personal information may not always be able to stop fraudsters from distributing sensitive data, but it is still customers’ best chance of knowing what’s been done with their leaked information, Pure Hacking’s chief operating officer has asserted.

The company’s Black Ops managed security service – which grew out of work the company had done for an Australian bank and debuted this week after 18 months of development and tweaking – finds the security pen-testing firm hunting down data that has been exfiltrated from company networks and distributed through online hacker forums.

Credit cards, phone numbers, confidential documents and other types of content can often be dug up from a broad range of places online – where it is often bundled into packages and offered for sale by unscrupulous cybercriminals. Carefully constructed, secretive areas like Darknet and the TOR-based Silk Road service attract all manner of trade in valuable commodities including illicitly obtained information.

Black Ops was designed to trace particular content through a range of such services – including hacker forums, document repositories, search engines, and other locations – allowing content owners to see what information is being used, and how. A list of stolen customer credit card numbers, for example, or documents containing the names of key company executives would be the kind of information to raise flags with the service.

COO David Muscat was quick to dismiss suggestions that the Black Ops was a glorified Google Alerts service, noting that the Pure Hacking offering already monitors around two dozen different data sources.

“If you rely on Google alone, you’ll miss a lot,” he told CSO Australia. “Google does not index all of the data that’s out there; a lot of it is behind closed doors. We’ve been working on our technology quite a while, and have developed ways to get into those areas that Google doesn’t – and we’re continually finding new sources of data that we are adding to the service.”

One beta-testing client, Muscat said, had become aware that it was being compromised periodically thanks to kit-generated malware that had snuck past its defences; use of the Black Ops service helped track down the stolen data and “eradicate every incidence of it”.

Results may vary: while Pure Hacking will contact the owners of sites carrying infringing data and try to negotiate its removal, Muscat concedes this can be easier said than done – and that sometimes, stamping out data theft can be more like a game of whack-a-mole than shooting fish in a barrel.

However, even in cases where content hosts refuse to remove content, or distribute it widely, Black Ops will follow its spread with regular reports allowing customers to moderate their exposure by keeping an eye on their data.

“At the end of the day,” he said, “if someone truly wants to leak data out onto the Web, they will. It’s that particular threat we’re trying to stomp out, and we’re hoping to stay ahead of the curve. While it doesn’t stop attacks, it does give clients a good sense of comfort knowing that if data does get leaked out there, we can find it.”

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Join the CSO newsletter!

Error: Please check your email address.

Tags Pure Hackingdata securityGoogle

More about CSOGooglePurePure Hacking

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place