Telecom Breaches Highlight Growing Dark Web Threats
Infiltrations by the “Salt Typhoon” group into major U.S. telecom networks—including Verizon, AT&T, and Viasat—underscore the national security risks posed by dark web exposure. The breaches, spanning 2023 and 2024, allowed attackers to access highly sensitive data like real-time phone calls and geolocation logs. While some firms, such as Viasat, confirmed limited impact, the broader concern centers on how such data could be exploited for espionage. Experts warn that the dark web offers early signals of attacks—if organizations know where to look.
A key vulnerability lies in third-party credentials. With the average company now managing hundreds of external partnerships, visibility into external access is limited. Also, most third-party credentials aren’t tracked or revoked after contracts end, creating major gaps. Attackers capitalize on these gaps through phishing, credential stuffing, and the reuse of stolen logins across platforms. IBM and Verizon both report that most breaches are discovered externally, often by the attackers themselves, not the targeted companies.
As if that weren’t enough, unmanaged devices further compound the issue. Employees and contractors increasingly use personal laptops or unsecured systems, bypassing corporate antivirus, VPNs, and endpoint protection. Microsoft reports that up to 90% of ransomware attacks stem from these devices. To defend against such risks, security teams must pair endpoint protection and user education with automated dark web scanning. The earlier teams detect exposed data or leaked credentials, the better their chances of mounting a timely response.
Bilodeau, Olivier. 2025. “What Security Teams Can Do Now to Turn Dark Web Exposure into Early Warning Signals.” The Fast Mode. July 17.
READ: https://bit.ly/4nXgoR3
