Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Risk Management

How Deep & Dark Web Intelligence Supports Merger and Acquisition Due Diligence

The Deep & Dark Web remains most familiar to cybersecurity and IT teams, yet its relevancy for all business functions across the enterprise cannot be overstated.

The Deep & Dark Web remains most familiar to cybersecurity and IT teams, yet its relevancy for all business functions across the enterprise cannot be overstated. Just as I’ve written previously about how Deep & Dark Web intelligence can bolster executive protection efforts, such intelligence can also benefit the mergers and acquisitions (M&A) due diligence process. 

After all, for an M&A engagement to be truly advantageous, the acquirer must first gain an accurate and comprehensive understanding of the target company’s business risk profile. Extensive due diligence is essential, as any unknowns pertaining to the target company’s finances, reputation, strategy, liabilities, or compliance could hinder the short- and/or long-term success of any merger or acquisition. Given that an abundance of such unknowns exist in the form of threats emerging from the Deep & Dark Web, gaining visibility into these online regions is crucial.

Indeed, Deep & Dark Web intelligence can enable potential acquirers to proactively detect and address a broad spectrum of cyber and physical threats to which target companies may be susceptible, such as:

Insider Threats

While intellectual property (IP) is an integral facet of many M&A engagements, IP can also be particularly vulnerable to insider threats. The high black-market value and ample demand for IP on the Deep & Dark Web means that for malicious insiders with access to valuable company information, selling such access can provide a quick and profitable return. But, without visibility in the forums and marketplaces where IP is bought and sold, insider threats may go undetected until the IP has been compromised and the damage has occurred.

Ransomware

It should come as no surprise that ransomware attacks can cause significant financial and reputational damages across all sectors and business functions. As such, acquirers involved in M&A engagements should seek to identify any security vulnerabilities or other risk factors that could exacerbate a target company’s susceptibility to such an attack. Given the rapid increase in sophisticated, highly-targeted campaigns and “ransomware-for-hire” services emerging from the Deep & Dark Web, it is crucial to gain as much visibility as possible into these threats before they occur.

Fraud

Advertisement. Scroll to continue reading.

Companies targeted by fraud can incur substantial financial and reputational damages that require consideration during an M&A engagement. While fraudsters once relied on lower-level tactics such as carding and ATM skimming, the implementation of stricter anti-fraud measures has ultimately yielded larger-scale, more damaging fraudulent schemes. As most of these schemes develop within the Deep & Dark Web, combatting fraud proactively requires comprehensive without visibility into these closed-access regions of the internet. 

Data Theft

Since many companies store large volumes of customers’ and/or stakeholders’ personally identifiable identifiable information (PII), they can be desirable targets for cybercriminals seeking to steal and monetize PII. But without ample visibility into the Deep & Dark Web marketplaces and forums where criminal schemes are hatched and proprietary information is bought and sold, companies involved in an M&A transaction may struggle to detect and verify cyber indicators of compromise accurately and effectively.

Supply Chain Security 

Given the increasing number of companies opting to outsource their supply chains, supply chain security has become an integral component of the M&A due diligence process. While outsourcing can increase efficiency and lower costs, it often prevents companies from having visibility into the production of their goods. As such, companies may not be aware of flawed manufacturing practices, insufficient quality controls, or other errors that could lead to security vulnerabilities within these goods. Since pre-emptive indicators of supply chain security issues often originate within the Deep & Dark Web, leveraging intelligence derived from these online regions is essential during the M&A due diligence process. 

Hacktivism

Key business developments such as M&A engagements, especially for major brands, may be particularly susceptible to receiving unwanted attention from hacktivists, attention-seekers, and other threat actors motivated by financial, political, or personal gain. Since these actors’ schemes are often conceived and developed within the Deep & Dark Web, security teams without visibility in these online regions may not be aware of all cyber and physical threats to which their organizations and/or employees are susceptible.

It’s important to remember that the M&A due diligence process will rarely be easy, brief, or 100 percent accurate. Although it is virtually impossible to proactively detect each and every threat facing businesses today, leveraging intelligence derived from the Deep & Dark Web can help potential acquirers assess a target company’s risk profile more accurately and effectively. Given that most M&A due diligence teams likely lack the substantial expertise required to access and obtain data from the Deep & Dark Web safely and effectively, they should seek the services of reputable third party vendors to provide support during such initiatives.  

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.

Email Security

Many Fortune 500, FTSE 100 and ASX 100 companies have failed to properly implement the DMARC standard, exposing their customers and partners to phishing...

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...