Identity theft is a major concern for all of us. It can cause devastating damage, but have you ever wondered how much cybercriminals pay for that personal information?

While most of us have heard of cybercrime or even fallen victim to it, relatively few know the value of the data involved. Every year, cybercriminals earn billions of dollars by exploiting unsuspecting internet users and insecure systems and applications. As COVID-19 continues the global shift toward remote work, IntSights researchers have observed an increase in cybercrime activity in dark web forums. Ransomware gangs are selling encrypted company data, fraudsters are conducting account takeovers, hackers are running successful unemployment assistance scams, and credit cards fly off the shelves of online black markets.

Malicious actors steal trillions of dollars from unsuspecting consumers every year. It is surprising how little it costs them to obtain your credit card information, social security number, and more. According to various publicly available research, victims of fraud or identity theft lose, on average, up to $1,600 and spend up to sixty hours trying to resolve the issue. However, all it takes for a malicious actor to obtain that information is an average of $45.

Just like the legal economy, the dark web has a network of forums and markets for trading illicit goods and services, driven by supply and demand. Information leveraged for fraud is in demand, including personally identifiable information, payment card data, credentials, access to compromised systems, distributed denial-of-service, forged documents, and compromised access services.

Recent research from Kaspersky Lab found that while our identity may not be worth a lot in terms of dollars, it is a significant asset to criminals in other ways. It may be surprising that personally identifiable information may be worth less than $5 to cybercriminals, but hackers can use the information for several malicious purposes. These include using it to apply for loans or credit, opening fraudulent bank accounts, or even gaining access to existing personal accounts. Five dollars may not sound like a windfall, but when you multiply it by millions of records, it quickly adds up. If hackers obtained data on a few million customers, even if they sell only part of the millions of email addresses at five cents a pop, they have just made over a quarter of a million dollars from one hack. For example, health records can sell for upwards of $500 apiece on the dark web; if we extrapolate that out to a few million records, then we can see the windfall that awaits.

So how do organisations and individuals protect that information? Some of the key ways they can do that are: 

  • Manage Account Access – Preventing an attacker from getting access to any account containing or giving access to personal information is vital. Enforce password policies like complexity and length; ensure multi-factor authentication is enabled and enforced. This will make it harder for malicious actors to break into multiple accounts with similar passwords.
  • User awareness and training – We know through various research that the most common way criminals steal data is via spear-phishing campaigns. If a phishing attack is successful, the attacker gets data dumps that contain a combination of emails and passwords. With many people using the same password for several accounts, attackers might use this information to access accounts on other platforms. Ensure users know how to identify malicious emails and links, and ensure they delete and report such communications.
  • Invest in the right technology tools – A combination of people, process, and technology is critical to building a preventative and proactive cybersecurity approach. Some of the vital steps organisations can take to achieve that include:
    • Continuous monitoring of assets
    • Integrate actionable intelligence into the ecosystem
    • Automation of remediation activities, where feasible, such as automatic credential lockdowns when credentials are exposed; this allows security teams to remediate threats before they become cyberattacks
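
An added example (not CT Cyber's code) of the automatic credential lockdown described above: when a dump of `email:password` pairs surfaces, each pair is checked against the organisation's own salted hashes and only accounts still using the leaked password are locked. The account layout, the PBKDF2 parameters and all sample data are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os

KDF_ROUNDS = 100_000  # assumed work factor for this sketch


def hash_password(password: str, salt: bytes) -> bytes:
    # PBKDF2-HMAC-SHA256 stands in for whatever KDF the real account store uses.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, KDF_ROUNDS)


def make_account(email: str, password: str) -> dict:
    salt = os.urandom(16)
    return {"email": email, "salt": salt, "hash": hash_password(password, salt),
            "locked": False, "must_reset": False}


def parse_dump(text: str):
    """Yield (email, password) pairs from 'email:password' lines, skipping junk."""
    for line in text.splitlines():
        email, sep, password = line.strip().partition(":")
        if sep and "@" in email and password:
            yield email.lower(), password


def lock_exposed(accounts: list, dump_text: str) -> list:
    """Lock every account whose current password appears next to its email in the dump."""
    by_email = {a["email"].lower(): a for a in accounts}
    locked = []
    for email, password in parse_dump(dump_text):
        acct = by_email.get(email)
        if acct is None or acct["locked"]:
            continue
        # Re-hash the leaked password with the account's own salt, compare in constant time.
        if hmac.compare_digest(hash_password(password, acct["salt"]), acct["hash"]):
            acct["locked"] = acct["must_reset"] = True
            locked.append(acct["email"])
    return locked


# Constructed sample data: three accounts and a four-line dump.
ACCOUNTS = [make_account("alice@example.com", "Summer2020!"),
            make_account("bob@example.com", "n3w-unique-passphrase"),
            make_account("carol@example.com", "tr0ub4dor&3")]
DUMP = """alice@example.com:Summer2020!
bob@example.com:OldPassword1
not a credential line
dave@example.net:hunter2"""

if __name__ == "__main__":
    print(lock_exposed(ACCOUNTS, DUMP))  # only alice still uses the leaked password
```

Because the stored hashes are salted, the leaked password has to be re-hashed per account; a single lookup table of leaked hashes would not match anything.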

CT Cyber believes that cybersecurity should be adopted in a multi-layered approach, ensuring a robust integrated alignment between People, Process and Technology, intertwined with Principles, Risk and Controls across the environment. A multi-layered approach also ensures that cybersecurity does not consider any one of them in isolation; if one is unsecured, the entire system is vulnerable. Implementing a reasonable degree of cyber protection requires several elements to be threaded together to allow a holistic approach. At CT Cyber, we understand that security must cover the entire system, not just individual devices, and that it must also be the responsibility of all stakeholders. The CT framework includes four fundamental cybersecurity principles:

  1. Governance: The process of identifying and managing security risks across the organisation
  2. Detect: The process of identifying and detecting cybersecurity events
  3. Protect: The process of implementing adequate security controls to reduce security risks
  4. Respond and Recover: The process of responding to events and incidents to limit the damage