HHP – Hackers Hack People

People Do Stupid Things. Re-use passwords. Share private photos. Email confidential documents unencrypted. Send state secrets on WhatsApp. What?? Yup. Have military planning conversations on insecure phone lines. No way!! Yup.

How can Darkweb Monitoring help you avoid catastrophic security breaches like Germany’s?

Observing Human Behavior Patterns will help you reduce the risk of embarrassing leaks, ransomware attacks and compromised data, but only if you can capture and recognize them.

Pattern Recognition is nature’s way of helping us survive, but unlike animals we humans let social conditioning, convention, “good manners” and projection reduce the effectiveness of our instinct for survival.

“Why projection?” you ask. “Isn’t projection when someone with bad intent or malicious motives “projects” those bad things onto good people?” And you’d be right. But, for an organization, the bigger risk is good people projecting their good intentions and rule-abiding nature onto other people. Trust but verify is not always a good plan, but it beats blind trust!

Cyber Threat Intelligence solutions like Kaduu CTI give CISOs the whole picture, not just leaked passwords. It gives cyber security and HR professionals a 360º view of threats from bad actors who seek out and exploit organizational systemic and human weaknesses.

Pattern Recognition comes into play because people are prone to certain types of behavior. There is immense social conditioning pressure to ignore or understate these patterns, even when the evidence is there, in hard numbers and your daily life.

“Who you gonna believe – the talking head on TV, or your lying eyes?”

It’s that social conditioning and projection kicking in, see? So stop over-thinking. Stop projecting your Boy Scout or Head Prefect morality onto everyone else: check out the numbers. If everyone is squeaky-clean, you’ll be relieved and perhaps complacent. If they are maybe a bit, ahem, “smudged” with a big footprint in the darknet, you can help them clean up their acts – or at least, not be surprised when they let you down.

“Loose Lips Sink Ships!”, “Keep Mum!” and “Walls Have Ears”
Obviously, we’d expect senior military officers to lead by example, but complacency is usually a problem with the top brass in most militaries. They are used to being obeyed, getting their own way and generally being right, even when they are wrong. Here’s one hat that might fit…

The Germans also talked about the French, British and American having boots on the ground, which brings us to 3rd Party Risk. Everyone is a 3rd Party to someone, and it is very hard to limit you exposure to 3rd party cybersecurity risk. You are outsourcing your cybersecurity to others and whilst you can hopefully mitigate internal risk (from your own people and systems exposures), the best you can hope for with your 3rd parties is that they are better at cybersecurity than you!

Some darknet and deepweb cti tools limit the number of domains or people that you can monitor. However, with an unlimited solution such as Kaduu, MSSPs and corporate or government users can monitor multiple clients, partners, associates and their staff.

Video here: https://hackersdontwearhoodies.com/2024/03/03/how-often-have-the-been-tapped/