You’ve been teased! How we bring bad news to customers from the Darknet
The fruits of the poisoned tree
Much of this espionage work results in banal periodic reporting. Once a month, we write and send to the customer a report with an analysis of company-related activities.
Recently, on one of the forums, lists of numbers and models of cars of employees of a well-known company were discussed. This is agreed in advance, but, as a rule, we convey such things in periodic reports.
However, from time to time something dangerous happens and requires a prompt response. For example, the number of references to a company is increasing dramatically. Then we start an urgent search and find out what it is connected with.
Another situation: a message about the sale of the database appears or the director’s certificate leaks. Then we notify the client’s SOC and our forensics team. They begin searching for traces of the incident.
This is a rather harmful job, but not because there is a lot of shock content on the dark web. He rarely appears in the sections of the forums that we monitor. The work is just nervous, like any other related to information security monitoring. Conventionally, at 2 am you are going to sleep, suddenly an alert comes and until six in the morning you pick it urgently
There are also non-standard tasks. So, once the company’s security service became reliably aware that confidential information had been stolen from them. We were asked to report when and where it will surface.
The last time there is more and more work, and it becomes more diverse. You don’t have to be bored. Activity on the dark web correlates with the social and political environment. It is worth escalating any conflict, and all kinds of illegal activities are intensifying around.
It goes to organizations directly or indirectly associated with a particular state or social movement, market leaders and companies that lead an active media life. And sometimes, in order to get under the distribution, it is enough to be in the “wrong” jurisdiction, or accidentally be in the field of view of the villains. So we are unlikely to be out of work soon. The experience of monitoring the dark web, and the information that can be gleaned from this information space, remains valuable.