November 19, 2019 • The Recorded Future Team
These days, any business or individual wishing to make an impact must have a strong online presence. Aspiring artists, shrewd politicians, huge corporations, and startups alike strive to increase revenue, streamline business processes, and raise visibility through outward-facing websites, engagement with social media, and many other online activities. However, maintaining a digital persona also means you’re exposed to serious risk. Thankfully, brand protection is one of the core principles of the security intelligence philosophy.
We recently explored how threat intelligence strengthens an organization’s cybersecurity efforts — from security operations and incident response teams, to third-party risk management. Now, we’ll examine how intelligence can help you pinpoint and remediate risks that put your brand’s reputation on the line — and fuel your journey toward a security intelligence program.
Being Online Means Your Brand Is at Risk
Lady Gaga once famously called social media the “toilet of the internet.” In some ways, she’s not wrong. While social media enables you to boost engagement with key audiences, it also brings unwanted attention from threat actors of all kinds — financially motivated cybercriminals, competitors trying to obtain your secrets, and hacktivists who want to undermine your efforts. Some of them will succeed in capturing proprietary information.
You also have to worry about how threat actors can hijack your brand and counterfeit your web presence to serve their own ends — for example, by creating fraudulent domains to use in phishing attacks or by disseminating false information about your company. A meaningful online presence requires you to think deeply about how to protect your brand from those who want to do you harm.
Follow the Breadcrumbs
Effective threat intelligence solutions constantly monitor the web, including private forums on the dark web, to uncover risks across four major categories:
- Cyberattacks leading to the theft and disclosure of data
- Risks created by issues in the supply chain
- Risk related to actions by employees
- Brand impersonation
This process involves finding and analyzing traces of evidence, similar to a forensics team at a crime scene. Evidence can include customer data, financial accounts, social security numbers, leaked or stolen credentials, Pastebin sites containing your proprietary code, and malicious conversations about your company (or companies like yours) on online forums.
Timely discovery of these “breadcrumbs” of evidence can help security teams take appropriate actions quickly, such as securing the sources of data, fixing vulnerabilities in your infrastructure, improving security controls, and ramping up employee cybersecurity education.
The Evidence You Need to Take Down Brand Impersonation and Abuse
When it comes to brand impersonation and abuse, strong brand protection goes a step further than uncovering evidence to help strengthen your security practices — it also targets and takes down dangerous threat content such as:
- Typosquatting domains
- Domain registrations that include your company or product name or variations
- Hashtags that include your company or product name or variations of them
- Social media accounts purporting to belong to one (or some) of your employees
- Unauthorized mobile apps using your branding
- Forums that mention plans to impersonate your brand
Of course, mitigating digital risk is not simply a matter of finding some isolated piece of stolen data or taking down one typosquatted domain. Somebody, or something, has to carry out the broader work of collecting masses of data, sifting through thousands of data points, analyzing relationships among the data points, deciding priorities, and ultimately, taking action.
That’s where real-time intelligence powered by machine learning comes in to help everyone across cybersecurity functions. With intelligence, teams can better anticipate threats, respond to attacks faster, and make better decisions on how to reduce risk. This is security intelligence — a philosophy that amplifies the effectiveness of security teams and tools by exposing unknown threats, informing better decisions, and driving a common understanding to ultimately accelerate risk reduction across the organization.
Interested in learning more about how threat actors create and distribute disinformation content throughout the internet? Check out our recently released threat research from Insikt Group, “The Price of Influence: Disinformation in the Private Sector.”
Ready to start your security intelligence journey with brand protection? Get the actionable guidance you need in the brand new second edition of our popular book, “The Threat Intelligence Handbook: Moving Toward a Security Intelligence Program.”