Published on: October 16, 2022
SafetyDetectives spoke with Liran Sorani, head of the Cyber Business Unit at Webz.io. He talked about how his company monitors the dark and deep to help prevent cyberattacks, the kind of data leaks Webz.io detects, and tips for staying safe online
Please tell me about Webz.io and your role with the company.
Webz.io is a leading web data provider which collects and structure data from across the open, deep, and dark web, collecting tens of millions of document from web sources. We fuel analytics and intelligence systems with structured and enriched web data. We provide the data feed through an API per vertical. My name is Liran Sorani, and I’m in charge of the Cyber Business Unit at Webz.io. Our cyber data services are both cybercriminal activities and breaches that impose a risk against individuals and organizations.
What is your flagship product?
One of our flagship products is our Dark Web API, also known as our cyber API, which is a robust data feed that includes cybercriminals’ discussions collected from 8 different dark web networks, covering the chatter, trading, and planning of illicit activities, goods, services, techniques, and many IOCs (indicators of compromise) that can help cybersecurity solutions to monitor and prevent cyber attacks.
How do you ensure that the data you’re collecting and storing in repositories isn’t malicious?
We have a private cloud protected with several layers of security, we also process the data in a way that ensures that only text information is indexed.
How does Webz.io overcome the challenges in dark web collection?
During the collection process of dark web sources, we encounter many challenges such as CAPTCHA, IP blocking, or session blocking, by using VPN and proxies, we ensure the data is being collected continuedly with minimal restriction and fingerprinting. Also, our discovery processes are protected by anonymous IPs.
Why, from an online security perspective, do you believe it’s important for individuals and businesses to use a VPN?
VPN anonymizes your network identity in a way that your IP is not exposed as a result, it’s much harder for the website to identify your client moreover to gain relevant intel. In the case of businesses, it’s even more crucial in order to protect and secure business transactions, whether it’s financial or data between organizational sites or even more sensitive repositories access.
What types of data breaches does your system detect, and what would you recommend people do if their data is leaked?
Our system automatically identifies leaks of PII – Personal Identifiable Information, which means the person’s most sensitive data, such as: credit cards, and online account details such as email or amazon accounts.
We map and index breaches in dark web networks so cyber intelligence solutions can help businesses as well as individuals to be aware of any leaks and take any necessary measures to protect against them.
What are some of the worst cyberthreats in the open and dark web that your team found?
Any cyberthreat, small to big, can be connected to bigger leaks or cyber threats, this can happen as a result of connectivity between devices, accounts, and people. This means that every threat, regardless of its size, is potentially dangerous.
But in the sense of impact and damage, we found several major leaks related to secret governmental organizations, we also detected plans of ransomware attacks against large organizations. Because of the sensitivity of the information, we cannot disclose more specific information.
The deep and dark web is full of threats. It is complicated to navigate or identify valid leaks, Webz.io simplifies this process by indexing structured and enriched documents from across these hidden sources to help to monitor solutions and stay ahead of the next threat.