TechSling's Andy Heikkila recently covered our Fortune 500 index and "[how] nobody is safe from the dangers of the dark web. If Fortune 500 companies are at risk, yours may be too — but how do you tell? And, more importantly, how do you protect yourself?"
Cyberscoop's Patrick O'Neill talks to Andrew Lewman of OWL Cybersecurity about the recent takedown of the darknet's two most popular marketplaces, Hansa and Alphabay.
The two discuss the United States Attorney General's recent comments on the dangers of the darknet, and how his public statements have led to a notable, increased interest by federal and private funders to invest in firms who specialize in darknet (or "dark web") intelligence.
Hewlett Packard and Accenture also rank high on OWL Cybersecurity’s Darknet Index: Black Hat Edition examining the darknet presence of all 283 exhibiting companies
DENVER—(WEBWIRE)—July 26, 2017—OWL Cybersecurity, a Denver-based cybersecurity company offering the world’s largest commercially available database of darknet data, today released The Darknet Index: Black Hat Edition ranking all 283 Black Hat USA 2017 exhibitors by security threat levels and exposed data on the darknet.
To compile this Index, OWL Cybersecurity ran each Black Hat exhibitor through the OWL Vision database, focusing on specific darknets for matches on each company’s website and email domains. Then, OWL Cybersecurity further adjusted the results based on computations of “hackishness” — a proprietary algorithmic rating system which delivers scores based on the likelihood that data could be used for nefarious intent. OWL Cybersecurity also weighted data based on how recently the data was placed on the darknet, with recent results — from within the last 90 days — given the most weight, as recent breaches or data leaks containing an organization’s proprietary information often are most useful in targeting organizations.
“What matters most is an exhibitor’s ranking as compared to its competition,” said Mark Turnage, CEO of OWL Cybersecurity. “For example, if Symantec, Trend Micro, and Kapersky Lab consider each other competitors, they should assess their footprint scores in relation to one another.”
OWL Cybersecurity recently reranked the Fortune 500 by darknet footprint and security levels, and decided to examine the Black Hat USA 2017 exhibitors to see whether they have a markedly different darknet footprint than other indices. Every company on the Fortune 500 index had a presence on the darknet, whereas only 75 percent of the Black Hat exhibitors did, by far the lowest percentage of positive sample results OWL Cybersecurity tested across multiple groups.
Some key takeaways from the index include:
- Microsoft leads the Black Hat Darknet Index. Microsoft scored higher than the score they registered three months ago when their darknet footprint landed them at #12 on the Fortune 500 Index.
- Hewlett Packard and Accenture are not far behind. OWL Cybersecurity attributes these rankings to the companies’ growing volume of data collected in the OWL Vision platform.
- The U.S. government is exposed. The Department of Homeland Security ranks fourth on the Black Hat Darknet Index, which is surprising given its overall mission. (Next month, OWL Cybersecurity will publish their ranking of the top U.S. government agencies by their presence on the darknet.)
- Top targets are large organizations expanding into cybersecurity. Four of the top 10 ranked companies in the Black Hat Darknet Index are also listed in the Fortune 500 Index. All three of the largest anti-virus firms were in the top 20. While OWL Cybersecurity expects larger, more established companies to have more significant darknet footprints overall, the degree to which these factors determined the top rankings of the Black Hat Darknet Index was surprising.
- Hacked valuable data leads to an increased risk. The highest-scoring companies all had credentials and/or intellectual property, which can be monetized by others, exposed on the darknet. The presence of this type of sensitive information is quite common in the database.
Based on the results of The Darknet Index: Black Hat Edition, it is apparent that investing in cybersecurity has tangible Darknet Index score benefits. While there were exceptions, companies that take information security seriously (like most Black Hat exhibitors), should have smaller darknet footprints and, thus, lower Index ratings.
“Our approach is a key factor in a complete information security program,” said Turnage. “A complete program incorporates the analysis and monitoring of darknet data, allowing organizations to quickly detect security deficiencies and alleviate any damage prior to the misuse of their compromised data.”
The complete Black Hat 2017 Darknet Index will be released for public download at http://www.owlcyber.com/black-hat-2017 on Friday, July 28, but will be available to all Black Hat exhibitors and attendees at OWL Cybersecurity’s booth, 973 in the Business Hall, during the conference, which begins today.
To see the OWL Cybersecurity Darknet Index: Black Hat Edition, please visit us at Black Hat USA 2017 in Booth 973. Otherwise, the report will be available digitally at the below link starting Friday, July 28, 2017.
DENVER—(WEBWIRE)—July 24, 2017— OWL Cybersecurity, a Denver-based cybersecurity company offering the world’s largest commercially available database of darknet data, today announced members of the company’s technical teams will be presenting at DEFCON 25, the oldest continuously running hacker convention, July 27-July 30 at Caesar’s Palace in Las Vegas.
OWL Cybersecurity members will be presenting a discussion on operational security titled, “From OPSUCK to OPSEXY, an OPSEC Primer” on Friday, July 28 at 1 p.m. PST at DEFCON Skytalks in Caesar’s Palace. The discussion will be led by Justin Whitehead, Steve Pordon and Preston Nelson, all of OWL Cybersecurity, and will focus on first-hand experiences in the information security industry to help people gain a better understanding of threats and how to protect against them.
Whitehead will also be teaching at DEFCON R00tz Asylum with the Drone Wars team at 1 p.m. PST in Caesar’s Palace on Saturday, July 29. Whitehead will teach an introduction to setting up the Raspberry Pi 3 and discuss how the computers can be used in the world of drones. The talk and workstation will offer flight simulators, as well as construction and operation projects using drone build kits, custom 3D-printed designs (you can print your own at the event), Raspberry Pi build kits and drone racing. Attendees will learn about remote camera setup and functions, real flight controllers, simulated flights and drone functions, as well as exciting adaptations. Drone race winners will leave with a custom drone build kit plus remote or a Raspberry Pi.
“We are thrilled to contribute to this con that brings together the best and the brightest of the infosec community for what is, undoubtedly, one of the most anticipated events among colleagues and friends,” said Whitehead. “This is one of the only conferences where we can race drones one second, and then share real-world experiences to help each other become more effective in our work.”
In addition to all the activities, the OWL Cybersecurity research team will unveil their unique Kali Linux distribution and delivery/deployment adaptation at the convention.
DENVER—(WEBWIRE)—July 21, 2017— OWL Cybersecurity, a Denver-based cybersecurity company offering the world’s largest commercially available database of darknet data, today announced the upcoming release of the Black Hat USA 2017 Darknet Index, ranking all 283 exhibitors by exposed data on the darknet and security threat levels.
The complete Black Hat 2017 Darknet Index will be released for public download on Friday, July 27, but will be available to all Black Hat exhibitors and attendees at OWL Cybersecurity’s booth, 973 in the Business Hall, during the conference. To compile the index, OWL Cybersecurity ran each exhibiting company through its proprietary OWL Vision database, focusing on specific darknets for matches on each company’s website and email domains. OWL Cybersecurity then further adjusted the results based on computations of “hackishness"— a proprietary algorithmic rating system which delivers scores based on the likelihood that data could be used for nefarious intent and how recently the data was made available, with recent breaches or data leaks containing an organization’s proprietary information given the most weight.
Having recently reranked the Fortune 500 on this basis, OWL Cybersecurity examined the Black Hat USA 2017 exhibitors to see whether they have a markedly different darknet footprint than their other indices.
“We are seeing time and again in these indices that the majority of companies and organizations — even those in the cybersecurity space — have a presence on the darknet and therefore are at risk,” said Mark Turnage, CEO of OWL Cybersecurity. “It is critical for organizations to look at the darknet as a key component of a complete information security program.”
Preliminary insights from the index include:
- The Black Hat exhibitors scored better than expected when compared to the largest U.S. companies.
- The government isn’t scoring well. There are a few U.S. government agencies ranking highly in the Black Hat Darknet Index, indicating a larger presence of exposed data on the darknet. OWL Cybersecurity will be releasing a U.S. Government index next month.
- Large organizations expanding into cybersecurity are top targets. Due to the significant amount of sensitive information or intellectual property these organizations possess, and the difficulty securing, cybercriminals increasingly turn to large organizations to commit cybercrime.
Based on the results of OWL Cybersecurity’s Black Hat Darknet Index, it is apparent that the company’s approach is a key factor in a complete information security approach. This tactic also offers a glimpse into the sheer volume of information available on the darknet, confirming that no company or organization is without risk on the darknet — not even cybersecurity organizations. Analyzing and monitoring darknet data is an integral part of a complete cybersecurity program, allowing organizations to quickly detect security gaps and mitigate damage prior to the misuse of their compromised data.
To keep up-to-date with the release of the Black Hat Darknet Index, please visit owlcyber.com/black-hat-2017.
Kelly Hill, journalist with RCR Wireless New, yesterday posted an article about a possible customer data breach at Reliance Jio, India's "fastest growing new [wireless] market entrant." In the article, Kelly also references our Darknet Index.
Brandon Vigliarolo takes a deeper dive into the OWL Cybersecurity Darknet Index, in his new article for TechRepublic. The piece, and its accompanying image gallery, take a look at what the numbers in the Darknet Index mean, the top 10 most darknet-exposed Fortune 500 companies, and how TechRepublic readers can minimize their darknet footprint.
OWL Cybersecurity Vice President Andrew Lewman shared his thoughts on the current state and future of the darknet with Cyberscoop News. As the former Director of the Tor Project, Andrew is uniquely positioned to provide expert commentary on the elusive world of hidden services and the criminal activity that often takes place there.
Read the full article here.
Ben DiPietro, Editor and Reporter, Risk & Compliance Journal, recently posted "a look at some recent surveys and reports dealing with risk and compliance issues." In his survey roundup, DiPietro mentions The OWL Cybersecurity Darknet Index finding that "every company in the 2017 Fortune 500 had data exposed on the darknet."
DENVER--(BUSINESS WIRE)--OWL Cybersecurity, a Denver-based cybersecurity company offering the world’s largest commercially available database of darknet data, today announced the release of The OWL Cybersecurity Darknet Index: Reranking the Fortune 500 using Darknet Intelligence (DARKINT™), a study that assessed each company in the 2017 Fortune 500 list and ranked each company based on company data exposed on the darknet.
The darknet is a collection of networks on the internet that are purposefully hidden, designed specifically for anonymity. Unlike the surface web (public information available to search engines) and the deep web (online information requiring credentials, like banking sites or paid firewalls), the darknet is only accessible with special tools and software. As a result, the anonymity of the darknet facilitates the exchange of large amounts of stolen and hacked data. The presence of a company’s data on the darknet, and the extent of that presence, is one measure of cybersecurity risk.
To compile the Darknet Index, OWL Cybersecurity ran each member of the 2017 Fortune 500 through the company’s proprietary OWL Vision database and adjusted their results based on computations of “hackishness”— a proprietary algorithmic rating system which scores based on the likelihood that data could be used for nefarious intent and how recently the data was made available, with recent results given the most weight.
“Until now, there hasn’t been an easy way to comprehensively measure a company’s presence on the darknet,” said Mark Turnage, CEO of OWL Cybersecurity. “Using our proprietary database of darknet content, combined with our hackishness algorithm, we are able to provide companies with customized Darknet Index scores that allow them to measure the efficacy of their cybersecurity efforts over time, and how they compare to other companies in similar industries.”
The study revealed that every company on the Fortune 500 is exposed on the darknet. Additional insights from the study include:
- Amazon leads the index. The company with the largest darknet footprint is online retailer Amazon, who has a massive internet presence and possesses significant customer data.
- Technology and telecommunications companies overall are the largest target. Technology and telecommunication firms have the highest Darknet Index scores, indicating that they are the most attractive firms targeted by threat actors.
- Financial firms perform better than expected. Financial firms — frequent targets of hackers — fare better than expected, likely reflecting their focus on significant investment in cybersecurity in recent years.
- Hacked valuable data = Increased risk. The highest scoring companies all had credentials and/or intellectual property exposed on the darknet which can be monetized by others.
- Vigilance pays off. Investing in cybersecurity has tangible Darknet Index score benefits. Sectors which have invested heavily have, in some cases, smaller darknet footprints and, thus, lower Index ratings.
Based on the results of OWL Cybersecurity’s Darknet Index, it is apparent that DARKINT is a key factor in a complete information security approach. This fact also offers a glimpse into the sheer volume of information available on the darknet and confirms that no company or organization is without risk on the darknet. Analyzing and monitoring darknet data as an integral part of a complete cybersecurity program allows organizations to swiftly detect security gaps and mitigate damage prior to the misuse of compromised data.
To read the full study, visit www.owlcyber.com/owl-cybersecurity-darknet-index.
DENVER—(BUSINESS WIRE)—April 19, 2017—OWL Cybersecurity, a Denver-based cybersecurity company offering the world’s largest commercially available database of DARKINT, darknet intelligence, today announced cybersecurity expert and board member Andrew Lewman as Vice President.
Lewman’s extensive background in the information security industry combines nearly 30 years of experience in both the private and public sectors. Lewman previously worked as the Executive Director and CEO of the Tor Project. Lewman also served as a consultant to military and governmental agencies, including the Department of Homeland Security and the Thorn Foundation.
“We are thrilled to add Andrew [Lewman] to our leadership team,” said Mark Turnage, CEO of OWL Cybersecurity. “His extensive experience with the darknet, combined with innovative thinking and vision, will enhance the direction, growth and profitability of our company.”
Before joining OWL Cybersecurity’s Advisory Board in January 2017, Lewman held executive roles at TechTarget and FarSight Security. Lewman’s background has also led to success as an author, with works published by both the European Monitoring Center for Drugs and Drug Addiction and Fordham University Press.
“It is an honor to join OWL Cybersecurity, the leader in darknet threat intelligence,” said Lewman. “My role as Vice President will enable me to help grow the reach of our darknet offerings and our core technologies.”
Lewman is also currently involved with multiple non-governmental organizations, including Emerge, a program working to end domestic violence, and Each One Teach One, an organization that supports women and girls in the workforce.
"Though anyone can gain access to the dark net using Tor software, the illicit and unregulated part of the internet is not for the faint of heart. Being that it’s so unstructured, the dark web is not a place where one can go without knowing exactly what they’re looking for and exactly where to find it.
Just weeks ago at PYMNTS’ Innovation Project, Alison Connolly, director of strategic partnerships at Owl Cybersecurity, shared how the company is creating an opportunity for dark net big data to be harnessed through a commercially available database."
Read the full article here.
OWL Cybersecurity's Rainer Witzgall was recently featured on the German television network ZDF. Click on the image below to see the full video, and start at 21:00 minutes to see the segment on our darknet database, OWL Vision.
DENVER—(BUSINESS WIRE)— OWL Cybersecurity, a Denver-based cybersecurity company offering what it believes to be the world’s largest commercially available database of DARKINT, darknet intelligence, today announced D. Scott George and Steve Bunnell have been named to its Advisory Board.
George brings nearly 30 years of national security, cyber and intelligence experience to the Board. As Deputy Chief of the Central Security Service, National Security Agency, General George helped lead a global enterprise of personnel and technology at the National Security Agency while helping to establish U.S. Cyber Command. George also served as the Director of Intelligence for U.S. Strategic Command, as well as the Commander of The National Air and Space Intelligence Center. George serves as senior adjunct staff with RAND Corporation and is currently the CEO and President of IN-Cyber Vision. He serves on the Board at the Academy Research and Development Institute, supporting the U.S. Air Force Academy.
Bunnell is currently a Partner at the law firm O’Melveny & Myers LLP, where he has worked for a decade on cybersecurity, data privacy and government enforcement matters. Bunnell was formerly General Counsel to the U.S. Department of Homeland Security, where he gained critical senior government experience advising on high-stakes criminal, civil and regulatory enforcement matters. Previously, he served 17 years as a federal prosecutor in the U.S. Department of Justice. Bunnell received his undergraduate degree from Yale University and graduated with distinction from Stanford Law School.
OWL Cybersecurity, based in Denver, provides what it believes to be the world’s largest database of DARKINT, darknet intelligence, and the tools and services to efficiently find hacked, leaked or compromised data. The proprietary OWL Vision platform automatically, anonymously and continuously collects, indexes and ranks dark net data, speeding the discovery of compromised information and empowering organizations to detect security gaps and mitigate damage. Complementing the OWL Vision platform is a range of comprehensive security services including assessment and penetration testing, incident response and forensics, architectural review, training, code review, risk assessment, gap analysis, and roadmap development and policy, procedure, and control (PPC) review. For more information, please visit www.owlcyber.com.
Non-profit innovation Research and Development lab "CableLabs" recently hosted a panel about the darknet (or "dark web") at their 2017 Winter Conference. For their panel, they brought in "subject matter experts from across the industry," including OWL Cybersecurity Board of Directors member, Andrew Lewman. Watch the full interview wth Andrew below and read the full article from CableLabs here.