Cyber Intelligence House (formerly Kinkayo) is a leading Singapore-based independent cyber intelligence company specialising in the detection and monitoring of cyber exposure from the darkweb, deepweb and data breaches. It aims to arm organisations and individuals with capabilities to detect and respond to digital data exposure threats in today’s rapidly evolving cyberthreat landscape.
In this digitalized world we live in, data is the new currency and driver for all businesses. This change in business landscape presents new risks and threats to be remediated. We provide tools for individuals, companies, governments and law enforcement to discover their exposure and mitigate the risks identified. We publish Cyber Exposure Index which is the first step in this remediation and mitigation process by identifying existing threats and making them transparent.
We have witnessed that exposure affects us all in many different ways. For example leaked passwords from third party site may lead to compromised systems in another company as up to 80% of people will reuse their password as is. Or being a company on a target list will lead to almost 100% certainty to web application attacks and DDOS attacks.
Common exposure types:
Sensitive information is typically regulated by laws and policies and should never be stored on your computer’s hard drive, on a portable device, or sent via email without proper authorization. Typical sensitive information consists of internal emails, discussions and confidential matters, such as business plans.
Exposed credentials are usernames, passwords, and their combinations, tokens or other identifiers that enable access to restricted systems. Exposed credentials are the most popular way by which hackers gain access to a system due to password reuse attacks this information can come from breached systems.
Hacker group targeting
Hacker groups such as Anonymous are loosely associated international networks of activists and hacktivists. They organize attack campaigns that begin with a published manifesto, a statement explaining the reason for the attack, followed by target lists and communications about performing the attack.
External data breach
Risk of data breach in supply chain, partners and 3rd parties
Risk of IPR violations and loss of revenue
Financial theft and fraud risks
Personally identifiable information
Risk of identity theft and fraud
Internal data breach
Indicates a breach in company's own internal systems