The UK From a Cybercriminal’s Perspective

Download the report

The Searchlight Cyber threat intelligence team looks at the UK through the “cybercriminal perspective”

In this report, we share our observations on how UK organizations are targeted on dark web forums, marketplaces, and on communication channels like Telegram.

The UK faces a high-volume of attacks from a diverse range of adversaries. The vast majority of cybercrime is financially motivated, which makes countries with high-income economies such as the UK a target for threat actors. Language is another major consideration and also plays to the UK’s disadvantage, as English is the default language of most computer systems. Geopolitics also has an impact on targeting, as cybercriminals are less likely to be arrested for targeting organizations in “unfriendly” nations.

In this report, we aim to provide an overview of the types of threat we observe against UK entities on the dark web – the part of the internet where cybercriminals routinely conduct their reconnaissance and plan their attacks. This provides a broad overview on the country level to demonstrate how interrogating dark web data can give security teams a better understanding of the threats they are facing.

Download the report to learn about:

  • Initial Access Brokers selling access to UK companies – through targeted auctions on dark web forums.
  • How the UK is targeted by ransomware groups – including the top targeted industries.
  • Hacktivists targeting UK govt. institutions – in response to geo-political events.
  • Common Vulnerabilities and Exposures (CVEs) impacting UK organizations – discussed by cybercriminals on the dark web.
  • Fraud and stolen goods – with criminals selling everything from fake British IDs to stolen cars in the UK.