For IT Managers and CISOs: Can You Explain Your Company's Information Leakage on the Dark Web to Management?

The probability of ransomware damage is proportional to the amount of leaked data on the dark web In recent years, ransomware has evolved beyond mere encryption and ransom demands to a double extortion model, threatening to publish stolen confidential information on the dark web, leading to severe damage for many companies. It is crucial to understand that ransomware itself is merely a “means,” and the attackers' true aim is to steal authentication information and confidential data, then trade and publish it on the dark web. No matter how much internal malware countermeasures are strengthened, if leaked account information and customer data are already circulating on the dark web, attackers will attempt to infiltrate again and again through different routes. Therefore, beyond defending internal networks, continuously understanding “how your company's digital assets are being handled on the dark web” is becoming a prerequisite for ransomware countermeasures.

Superficial security measures that do not consider dark web information and attack methods cannot protect your company's data Many companies tend to focus their attention and budget on “internal” measures such as firewalls and EDR, and in reality, they are unable to continuously grasp what information is being leaked and circulated on the dark web. Without understanding which forums stolen authentication information and confidential data are circulating in, and in what context, it is impossible to evaluate your company's “vulnerability” from an attacker's perspective. As a result, initial intrusions behind ransomware attacks and preparatory actions for future attacks are continuously overlooked, making it impossible to escape the state of “scrambling to respond after damage occurs.” Furthermore, log analysis and vulnerability management within the company alone cannot fully capture risks via supply chains or external contractors, nor the seeds of secondary and tertiary attacks stemming from past incidents.

National defense-grade technology for the private sector. Achieving comprehensive preemptive response from the initial stage with Interpol-affiliated technology This webinar will explain not just a ransomware countermeasure tool, but also the mindset and procedures for visualizing “what information is circulating on the dark web and how it can be linked to attack methods and intrusion routes,” and for prioritizing responses. Specifically, starting from the detection results of leaked accounts, confidential documents, and customer data, we will present methods for organizing information to connect to the next actions, such as linking with incident response teams, assessing the scope of impact, and additional checks of related systems. We will convey how to proactively deal with dark web data leakage, which is the preceding stage of “ransomware attacks,” without being solely focused on the outcome. Furthermore, we will introduce an approach that utilizes QUAXAR, backed by internationally recognized technology that has also been decided for Interpol's participation, to support everything from visualizing leaked and circulating information related to your company, to prioritization, and organizing the necessary explanations for relevant departments and management. We will demonstrate practical points for comprehensive preemptive action before damage occurs.

Organizers/Co-organizers S2W Inc. TechnoPro Co., Ltd.

Collaborators Open Source Utilization Research Institute Co., Ltd. Majisemi Co., Ltd.