Stolen data can be disseminated across five continents within days via the dark web, according to new research by data protection firm Bitglass.
The vendor decided to run an experiment designed to provide greater visibility into what happens to data once it is lifted in breaches like those that have affected Target, Home Depot, Sony and others recently.
Bitglass generated several thousand real-looking sets of personal data including names, social security numbers, addresses, phone numbers and credit card details and saved them in an Excel spreadsheet to create the “world’s first A/B test for stolen credit card numbers on the dark web.”
The firm’s watermarking technology then allowed it to track the movement of that data across the shadowy forums and sites of the non-indexed web.
The resulting Where’s Your Data? report found that the data had reached over five countries and three continents in just a few days. Within 12 days it had been viewed over 1000 times in 22 countries on five continents.
The report continued:
“Countries frequently associated with cyber criminal activity, including Russia, China and Brazil, were the most common access points for the identity data. Additionally, time, location, and IP address analysis uncovered a high rate of activity amongst two groups of similar viewers, indicating the possibility of two cyber crime syndicates, one operating within Nigeria and the other in Russia.”
The top country for viewing the data was the United States followed, interestingly, by Belgium. Brazil, Nigeria and Hong Kong rounded out the top five, with the UK in eighth place.
The report speculates that stolen data has the capacity to disseminate even further given that it takes 205 days on average before a breach is discovered by the affected organization.
Bitglass said the key to limiting the damage that comes from such breaches is the ability to track and identify data as it leaves the corporate network.
Charles Sweeney, CEO of web security firm Bloxx, told Infosecurity that the research proves how effective the dark web is at distributing stolen data.
“The complex mixture of devices, networks, applications and services many organizations now deploy and the rapidly shifting nature of security threats make it virtually impossible for companies to be 100% secure, 100% of the time,” he added.
“Companies need to proactively identify and lock down security blind spots, ensure consistent education programs for staff and make sure they are doing the basics to minimize the risks of data being lost or stolen.”