Australian IT security firm Pure Hacking has unveiled a new service to alert clients to their stolen private information being published on the internet. With commercial data breaches on the increase, Pure Hacking believe their Black Ops software is a world leader that will also try to remove the stolen data from public view.
The software searches not only the surface web for stolen data but also other parts not indexed by Google.
“I think that Google would only be able to index potentially about 10 per cent of the content available out on the internet,” said Pure Hacking chief operating officer David Muscat.
Black Ops, which has been almost 18 months in the making, “is able to go much deeper, indexing data sources not seen by Google,” he said.
“I am quite confident that we’d be covering about 60 to 70 per cent plus of the content that’s out there so far. We’re trying to bump that figure up by continuous development.”
James Turner, a security analyst at IBRS, said as data breaches grew there would be a need for something like Black Ops.
“I think there’s definitely going to be an ongoing and probably an increasing need for people to find more ways of identifying whether they’ve had a data breach or not,” he said.
“The interesting thing about this particular service is that it’s not going to prevent a breach, but it’s going to help you deal with one when you’ve identified that you’ve had one.”
Whether companies would adopt the service depended on the “risk maturity and the appetite of the organisation and that understanding of what else can they do to protect their confidential and sensitive information”, he said.
The technology works primarily by having logins to underground hacker forums, which are often used to post and sell stolen information. It also trawls Internet Relay Chat (IRC) channels used by hackers and any other sources requested by clients.
“I don’t think it will entirely solve the problem of data breaches [but] I think it will help our clients [to] be a bit more aware when there are data breaches, so it can help them with the impact of those breaches,” Mr Muscat said.
However, the service does not make up for a lack of security.
“If a site is vulnerable to a hack then it’s not going to stop a website from being hacked and data [being] extracted … and published out there [online].”
The service attempts to remove stolen data by contacting the abuse teams of websites or the site operator and requesting a takedown.
Mr Muscat said sites often had rules banning the publication of stolen information, which helped with getting content removed.
“That’s not always going to be 100 per cent effective, as you could imagine,” he said. “Our requests could be blatantly ignored … We concede the fact that the content is not always going to be removed and even if it were to be removed from one particular site there’s nothing to stop either the site operator or the person who published the content from replicating it on a million other sites at the same time. [But] our service does constantly run away in the background. So if it does start appearing on other sites or other forums or anything of that nature we will pick it up.”
He said some site operators claimed they were “unaware” of data being published on their site and removed it.