A new service tracking the online distribution of sensitive personal information may not always be able to stop fraudsters from distributing sensitive data, but it is still customers’ best chance of knowing what’s been done with their leaked information, Pure Hacking’s chief operating officer has asserted.
The company’s Black Ops managed security service – which grew out of work the company had done for an Australian bank and debuted this week after 18 months of development and tweaking – finds the security pen-testing firm hunting down data that has been exfiltrated from company networks and distributed through online hacker forums.
Credit cards, phone numbers, confidential documents and other types of content can often be dug up from a broad range of places online – where they are often bundled into packages and offered for sale by unscrupulous cybercriminals. Carefully constructed, secretive areas like Darknet and the Tor-based Silk Road service attract all manner of trade in valuable commodities including illicitly obtained information.
Black Ops was designed to trace particular content through a range of such services – including hacker forums, document repositories, search engines, and other locations – allowing content owners to see what information is being used, and how. A list of stolen customer credit card numbers, for example, or documents containing the names of key company executives would be the kind of information to raise flags with the service.
COO David Muscat was quick to dismiss suggestions that Black Ops was a glorified Google Alerts service, noting that the Pure Hacking offering already monitors around two dozen different data sources.
“If you rely on Google alone, you’ll miss a lot,” he told CSO Australia. “Google does not index all of the data that’s out there; a lot of it is behind closed doors. We’ve been working on our technology quite a while, and have developed ways to get into those areas that Google doesn’t – and we’re continually finding new sources of data that we are adding to the service.”
One beta-testing client, Muscat said, had become aware that it was being compromised periodically thanks to kit-generated malware that had snuck past its defences; use of the Black Ops service helped track down the stolen data and “eradicate every incidence of it”.
Results may vary: while Pure Hacking will contact the owners of sites carrying infringing data and try to negotiate its removal, Muscat concedes this can be easier said than done – and that sometimes, stamping out data theft can be more like a game of whack-a-mole than shooting fish in a barrel.
However, even in cases where content hosts refuse to remove content, or distribute it widely, Black Ops will follow its spread with regular reports allowing customers to moderate their exposure by keeping an eye on their data.
“At the end of the day,” he said, “if someone truly wants to leak data out onto the Web, they will. It’s that particular threat we’re trying to stomp out, and we’re hoping to stay ahead of the curve. While it doesn’t stop attacks, it does give clients a good sense of comfort knowing that if data does get leaked out there, we can find it.”