Ransomware Help for MSSPs
The Ransomware Search and Insights enhancement is intended to help managed security service providers (MSSPs), organizations and law enforcement to investigate, track, and gather intelligence on live ransomware activity. Dark web monitoring is emerging as one of the fastest growing offerings among MSSPs, Searchlight said. The idea is to help customers stay abreast of ransomware hackers’ moves and to anticipate what’s possibly coming.The tool integrates with MSSPs offerings and can deliver easy-to-digest overviews of ransomware activity to customers, or action intelligence internally to protect their client base from emerging threats, according to Searchlight.Greater Insights on Ransomware Groups
Enterprises will also benefit from the tool by observing the victims of threat actors, posts on leak sites, and track known group members all in one place. Organizations can also identify which ransomware groups are targeting organizations that match their profile (e.g. industry, geography, business size). The can then tailor their defenses with a better understanding of which group is most likely to attack them.As Dr. Gareth Owenson, Searchlight’s co-founder and chief technology officer, explained:"Although ransomware has been one of the most pressing threats for several years, it still remains persistent because security teams and law enforcement agencies have been on the back foot, playing catch-up with the ever-changing tactics and profiles of ransomware groups. With visibility into the dark web presence of active ransomware threat actors, analysts can better understand how they are currently operating, therefore gaining a critical advantage over groups.”