4iQ is a Silicon Valley cybersecurity company that tracks the use of stolen personal identities by scouring the hidden corners of the Internet. The company is part of an emerging breed of security startups that assume enterprises and individuals won’t be able to prevent all hacks. Instead, they focus on what happens after data is stolen in order to limit the damage.
“There is a lot of information that is being extracted about people,” says 4iQ CEO Monica Pal. “And it’s being split into many, many pieces in the deep and dark Web.”
As more corporate and personal info becomes digitized, headline-grabbing hacks are growing in size and frequency. In just the last few weeks, Delta announced that hackers had gained access to customers’ credit card information via a third-party chat app it uses. Excellus BlueCross BlueShield announced that about 10 million of its patients had records hacked, including financial information and social security numbers.
Making this all the more chilling is that hackers aren’t just using this information to gain one-time access to a company or an account. Instead, they are compiling a treasure trove of databases that match information gained from different breaches to give them frighteningly complete pictures of the digital profiles of both people and companies. For instance, Facebook said last week that some hackers used personal information they found on the dark Web to search the social networking site to find even more personal data connected to various email addresses and phone numbers.
This is where 4iQ focuses its efforts. The company partners with companies that provide identity theft protection or identity management to their customers. 4iQ hunts through forums, chats, and websites that are part of the dark Web, a kind of hidden corner on the Internet that is not typically indexed by search engines thanks to a variety of tools hackers use to mask location and identity. Within this realm, a huge marketplace has developed for the buying and selling of large data sets amassed from breaches.
For example, 4iQ discovered last December a 41GB file available online that was essentially a database of 1.4 million digital credentials such as user IDs and passwords. Rather than being the result of a single breach, this particular dataset was created from a wide range of other hacks and compiled by mixing and matching other nuggets of personal information.
4iQ says it has indexed more than 100 million documents that were stolen during over 100,000 breaches. The company analyzes this information, verifies whether the credentials are genuine and then sends an alert via its identity threat platform. Partners that sign up for this service plug into 4iQ’s API, which then allows the partners’ clients to receive notices that their personal data is available on the dark Web.
“If it’s out there, that means bad actors have it and they’re going to use it to get into accounts or open new accounts to commit fraud,” Pal says.
4iQ, which has raised $14 million in venture capital, was founded in 2016 by Spanish developer Julio Casal, a well-known figure in the security community for his role in starting AlienVault, another successful security company. Casal saw a shift in tactics by hackers in terms of how they were using the data that had been stolen and how aggressive and cunning they had become in accessing corporate and personal networks. In addition, the rise of the Internet of Things and the use of mobile devices for work have made the surface area of attack so massive it was going to be nearly impossible to build impenetrable security walls around all systems.
“It used to be that a company had infrastructure, and they were protecting that infrastructure,” Pal says. “There was the concept of the perimeter. But what is happening now is that there is no wall, a company’s infrastructure is in the cloud. And it’s not just their cloud. It could be other applications their employees are using. The new perimeter is the individual.”
Since strategies being used by the bad guys are rapidly evolving, startups like 4iQ have to keep adapting as well.
“Just as there are innovators in Silicon Valley and startups around the world, there are innovators on the dark side,” Pal says. “And they’re constantly discovering new ways to access your information. As the attacks change, we’re changing what we’re seeing and what we’re watching to try to stay ahead.”