Doxing: A comprehensive threat analysis

Introduction

As IT professionals, we tend to focus on improving the security of devices, networks and other infrastructure. However, in a world where online abuse increasingly spills over into real-world harassment, a new perspective may be required. Perhaps it’s time we began approaching personal security the same way we would for a business: identifying risk factors, minimizing the chance of a breach and developing a response plan in case the worst should happen.

Doxing is one of the most common methods used to silence people online. It is the deliberate leaking of an individual’s personal information (full name, home address and so on) with the intention of making their life as difficult as possible. There is strong potential for physical harm to the victim (including from follow-up threats like swatting), and as a result, it is imperative that we work to address the threat that doxing poses.

Security Awareness

Step 1: Identifying individuals most at risk of doxing

Despite how damaging doxing can be, there’s a notable lack of research on the phenomenon. Perhaps the most empirical study to date is “Fifteen Minutes of Unwanted Fame: Detecting and Characterizing Doxing”, in which researchers were able to construct a profile of the typical doxing victim after monitoring the most popular leak-sharing platforms (Pastebin, 4chan and 8chan) for several weeks.

After examining over 4,500 sets of leaked documents, researchers found that the victims were predominantly male (82.2%) and located in the USA (64.5%), with an average age of 21. However, victims ranged from 10 to 74 years old, so age alone clearly isn’t a reliable indicator of risk. Neither, it seems, is the victim’s occupation, with high-profile hackers, gamers and celebrities accounting for just 16.2% of the collected leaks.

It’s also worth noting that in the majority of doxing incidents (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Paul Bischoff. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/knQscz9ZAO4/