How much risk does the Dark Web pose?
A new study finds that contractors supplying a variety of professional services to the federal government face serious risks associated with the Dark Web.
That portion of the internet is where terrorists, criminals and other elements hide their illegal and malicious activities. The Dark Web allows bad actors to launch attacks on other systems, buy private information such as Social Security numbers and other credentials, and conduct other malicious activities including espionage.
The study by ID Agent looks at seven areas in the federal government’s supply chain: advertising and marketing, engineering, environmental, financial and accounting, IT, logistics and management consulting.
The federal government spends more than $179 billion in these areas annually, according to the report, “Federal Supply Chain Analysis.”
In the interest of full-disclosure, the sponsor of the study, ID Agent, also sells a product to help companies combat the risks they face from their information being on the Dark Web, but that shouldn’t discount their findings.
For the study, the group looked for publish credentials such as email accounts that were found on the Dark Web and belonged to companies in one of the seven supply chain sectors. They also used the LEMMA Supply Chain Index, which uses an algorithm to measure an organizations cyber threats and benchmark their risk. The lower your LEMMA score, the lower your risk.
The best LEMMA scores were found in the logistics (36.1) and financial accounting (52.9) sectors. The highest – and most at risk – were in advertising and marketing (238.1) and management consulting (190.8).
IT found itself in the middle with a score of 113.2, followed by environmental with 139.4, and engineering with 144.6.
The report also identifies 10 companies in each sector and gives their LEMMA scores but only as Average, Above Average and High.
In the IT sector, only Accenture was scored as Average risk. The others were either Above Average or High.
For each company, the report gives the number of email accounts identified on the Dark Web and the number of email accounts identified per 1,000 employees.
You can read the entire report here.
Posted by Nick Wakeman on Feb 24, 2016 at 9:26 AM