After 70 Ukrainian government sites were hit by hackers with suspected ties to Russia, our cyber analysts have run a series of checks to investigate the cyber risks governments are facing on the dark web.
Using our database, we searched for government domains and emails, the type of information cybercriminals will need to prepare an attack. These government related keywords returned dozens of thousands of results, every week.
The top dark and deep web sites and networks we found information related to governments are:
Let’s dive into each and understand the type of threats that can be found on them.
Here you can find one of the most popular credentials-markets on the dark web, the Russian Market. On this marketplace, we found tens of thousands of results only from the past 3 months that offer domain logins of various governments for sale. These login details can help threat actors gain unwanted access to government systems.
Another popular place we found tens of thousands of results from the last 3 months is Telegram. After filtering out general discussions related to governments, it is easy to spot high risk posts. For example, threat actors selling databases, shells (interface that enables remote access to a web server) and PUA configs (potentially unwanted application configurations on a remote computer or servers) belonging to different governments.
On paste sites, we were able to detect different kinds of content including discussions about attacks and guides on attack methods used to hack into systems of government agencies. We also see actors using this platform to post data leaks.
Unsurprisingly, Raidforums, one of the most popular hackers forums, is a platform for a lot of illicit content relating to government cybersecurity intelligence. Some of the most common content we find on it are database leaks, discussions between threat actors, and trade of exploits and methods of attacks. For example:
With more and more cyberattacks hitting at government sites and assets, tracking the dark and deep web spaces becomes key to the national security and stability of every country.
Click to Open Code Editor