Stolen data reaches five continents and 22 countries in 12 days on the Dark Web
14th April 2015
Stolen data can reach over five countries, in three continents in just a few days in the Dark Web, a report by data protection provider Bitglass has found.
Bitglass embarked on a mission to answer the question "where is your data?", by using its data tracking technologies to find out how quickly stolen data is disseminated across the globe on the Dark Web - the part of the internet not indexed by popular search engines such as Google, and estimated to be about 500 times larger than the "normal" internet.
According to the Bitglass report, the security team wrote a tool to generate several thousand names, social security numbers, credit card numbers, addresses, phone numbers and more. The team saved the data to an Excel spreadsheet, creating several versions to see which was the best for click bait.
The files were then downloaded through the Bitglass proxy service, in which a unique watermark was applied to each copy, so that the company could track when the data was viewed and/or downloaded from that point forward.
The firm used a basic "phishing" technique to entice criminals on the Dark Web. The data had been viewed over 200 times in just a few days, and in 12 days it had received more than 1,000 clicks, and had spread across the globe in 22 different countries, in five different continents.
"Countries frequently associated with cyber-criminal activity, including Russia, China and Brazil, were the most common access points for the identity data," the report said. "Additionally, time, location and IP address analysis uncovered a high rate of activity among two groups of similar viewers, indicating the possibility of two cyber-crime syndicates, one operating within Nigeria and the other in Russia."
The 22 countries in which the data was accessed included the US, the UK, France and Germany. The likes of Maldives, Turkey, Hong Kong and Belgium were also on the list.
The report concluded that "there is no limit" to how far sensitive data will travel once it has been stolen.
"Although the level of access after just 12 days was extraordinary; imagine how much further the data would spread in 205 days - which is the average time it takes for enterprises to detect a corporate data breach," it said.