• Kaspersky notes a sharp increase in the number of posts about breaches on dark web forums.
• These breaches, however, tend to be fake and use recycled data or fake databases.
• Despite this, news of these fake hacks can cause serious damage to a business.

At the beginning of the year we covered a few predictions cybersecurity experts made for the 12 months to come and today we have news that at least one of those predictions is coming true.

That prediction was made by Kaspersky which said that cybercriminals would start lying about hacks they accomplished in order to earn clout and cause reputational damage to a company, otherwise known as false hacks.

“Cybercriminal groups are using blog-style communication on dark web platforms where they publish information about their victim organisations and often attempt to blackmail them,” explains Yuliya Novikova, head of Digital Footprint Intelligence at Kaspersky.

“And lesser-known actors in the field are following suit by creating fake leaks. They cause a stir and provoke a reaction from the target, as well as deceiving other cybercriminals in the black market,” the head adds.

Kaspersky’s Digital Footprint Intelligence reports that between 2019 and the middle of 2021 there were an average of 17 posts about social media leaks on the dark web, this year that increased to an average of 65 posts per month.

“It is important to note that these activities are unrelated to a company being compromised or to a real cyber-attack, and do not contain any sensitive private information. Nevertheless, as we can observe, even such activities can influence the media landscape and negatively impact a company’s brand,” Novikova explains.

Bizarrely, discussions about these “hacks” generally circle around reposting an old database as showcased in the image below.

If a database isn’t reused, there is a strong likelihood that the database was compiled using data that was already compromised. This helps the person posting these false hacks they have allegedly performed get a stronger reputation within the community.

For company’s however, this fakery can have awful implications on its reputation even if it’s discovered that the hack isn’t real. It’s important then that businesses factor this into their disaster recovery processes.

It’s also a good idea that businesses engage with experts to investigate potential leaks in a timely manner. This would involve monitoring the dark web for talk of breaches.

“In the era of persistent and constantly evolving cyber threats, data leaks – especially for large businesses, and including fake leaks – are not a matter of ‘if’ but ‘when’ will it occur,” says Novikova.

“Preparation, proactive action and transparency are crucial in dealing with these challenges. So too is the need for swift action, thorough investigation by internal and/or external expert teams, and cooperation with law enforcement to mitigate risks, safeguard a company’s reputation and the trust of its customers, regulators, the media and the general public,” they conclude.

[Image – Annie Spratt on Unsplash]