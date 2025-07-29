Cybersecurity

Internet

See all Internet

IT

See all IT

Mobile Tech

See all Mobile Tech

Security

See all Security

Technology

See all Technology

Newsletters

See all Newsletters

Dark Web Threats Put Bullseye on US Businesses

A hacker on the dark web targeting the U.S.

When it comes to threats from the dark web, the U.S. is a prime target.

A new report by threat intelligence company SOCRadar found that more than four out of five (82%) threats from the dark web aimed at North America targeted the United States over the last 12 months. “The high percentage in the United States suggests a larger digital footprint and more attractive targets,” the report noted.

The 26-page report also found that Uncle Sam is a popular target for ransomware extortionists, with 88% of those attacks aimed at U.S.-based organizations. “High-value businesses, extensive digital networks, and larger financial opportunities likely attract attackers to the U.S. market,” it reasoned.

While Canada (9.7%) and Mexico (1.8%) were targeted substantially less, the report warned, “All countries must stay vigilant and actively strengthen cybersecurity defenses against ransomware threats.”

Grant Leonard, field CISO for Lumifi Cyber, a managed detection and response services company in Scottsdale, Ariz., explained that the U.S. is a sophisticated, tech-savvy nation with many millions of users online, sharing and doing business in a way that makes them targets for criminals.

Companies in the U.S. may also be more willing to pay off ransomware artists than those in other countries. “The reality is there are many targets who have some form of insurance and are willing to pay money to continue to do business,” he told TechNewsWorld.

“Sadly, many U.S.-based organizations still pay ransoms,” added Damon Small, a board member of Xcape, a penetration testing, incident response, and managed IT services company in Los Angeles.

“The U.S. may soon follow other countries by introducing regulations prohibiting this and also requiring a more robust security infrastructure,” he told TechNewsWorld. “Ironically, we see some of this being driven by insurance companies requiring such infrastructure when underwriting cyber policies.”

Targeting Success

The U.S. has a robust financial infrastructure that also makes it attractive to cyber shakedown players. “Connectivity between crypto wallets and fiat currency makes it faster and more efficient for threat actors to monetize their efforts,” said Jason Hogg, executive chairman of Cypfer, a global cybersecurity firm specializing in incident response, ransomware recovery, digital forensics, and cyber risk management.

“This is exacerbated by two major factors,” he told TechNewsWorld. “First, the concentration of large and lucrative companies in the U.S. Second, the size and scale of the companies, from both an employee and consumer base, require large and complex infrastructures, resulting in greater entry or access points due to the advanced connectivity of mobile and digital interfaces to support their operation and commerce.”

“Further, the regulatory pressure and reputation risk exposure incentivize payment of ransom for faster resolution,” he added.

The greatest strength of the U.S. has become its Achilles’ heel in cyberspace, maintained John Wilson, a senior fellow for threat research at Fortra, a cybersecurity services company in Eden Prairie, Minn.

“The USA innovates faster, adopts quicker and scales bigger than anyone else — which is exactly why the USA is getting hammered by every hacker from around the world,” he told TechNewsWorld.

“Success in the digital age apparently comes with an ‘increased exposure surface’ sign attached,” he added.

HTTPS Deception

Another area of distinction for the U.S. is phishing. It has the highest share of phishing attacks at more than 61%. That contrasts with Canada, at around 38%, and Mexico, with a minuscule 0.41%.

SOCRadar’s researchers also found that a large portion of phishing sites use the HTTPS protocol (71.1%) compared to those using HTTP (28.9%). “This may seem surprising, as HTTPS is often linked with secure websites,” the report noted. “However, attackers now use HTTPS to trick users into thinking a site is safe. The padlock icon in browsers can give a false sense of trust.”

It added that users should not rely only on HTTPS to judge a website’s safety, and that businesses should educate staff and customers to look beyond the padlock and check for signs of phishing.

“In the U.S., phishing attacks are becoming increasingly more targeted, using highly tailored campaigns driven by social engineering and AI-enhanced data scraping,” said Darren Guccione, CEO of Keeper Security, a password management and online storage company in Chicago.

“Phishing-as-a-service platforms are driving this by offering fast deployment of campaigns, further lowering the barrier of entry for cybercriminals,” he told TechNewsWorld. “These cybercriminals are not only relying on stolen credentials but also on social manipulation to breach identity protections.”

“Deepfake videos are a specific concern in this area,” he continued, “as AI models make these attack methods faster, cheaper, and more substantial. As attackers grow more sophisticated, the need for more robust, dynamic identity verification methods — such as MFA and biometrics — will be imperative to defend against these increasingly nuanced threats.”

High Cost of Weak Data Protection

Cypfer’s Hogg maintained that as threat actors continue to implement and scale their own AI capabilities, attacks using social engineering will continue to accelerate the number of breach occurrences. “This emphasizes the need for individuals to be alert and careful with the information they put out in the public domain through social media and other publicly accessible platforms,” he said.

As long as U.S. companies consider cybersecurity to be a cost center rather than a necessary part of protecting their information assets, we will continue playing leapfrog with adversaries trying to steal those assets, added Xcape’s Small.

“Information has very real value and criminals know how to monetize their activities,” he said. According to the report, more than half (58.4%) of all threat activity involved the sale of stolen data, tools, or services. “Companies need to spend time understanding the value of their information assets so that they can prioritize which to protect and how much to spend protecting them,” Small advised.

“Traditional security approaches of updating defenses to combat general threat tactics, not just in North America, but around the world, are no longer sufficient to protect sensitive information and systems,” added John Watters, CEO and managing partner at iCounter, a cyber risk intelligence provider in Dallas.

“To effectively defend against AI-driven rapid developments in targeted attacks,” he told TechNewsWorld, “organizations need more than mere actionable intelligence — they need AI-powered analysis of attack innovations and insights into their own specific weaknesses that can be exploited by external parties.”

John P. Mello Jr.

John P. Mello Jr. has been an ECT News Network reporter since 2003. His areas of focus include cybersecurity, IT issues, privacy, e-commerce, social media, artificial intelligence, big data and consumer electronics. He has written and edited for numerous publications, including the Boston Business Journal, the Boston Phoenix, Megapixel.Net and Government Security News. Email John.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Related Stories
Cloudflare now blocks AI bots from scraping websites by default and introduces a Pay Per Crawl model to control and monetize content access.
Cloudflare Blocks AI Bots by Default, Launches Pay Per Crawl Model
July 2, 2025
SMB cybersecurity team
SMBs Face Costly, Complex Barriers to Cybersecurity
April 28, 2025
cybercrime hackers
Hacker Nation: The World’s Third-Largest Economy
April 8, 2024
More by John P. Mello Jr.
view all
Tesla and Samsung have agreed to a $16.5B deal for AI chip manufacturing in Texas.
Tesla-Samsung Pact More Than a Chip Deal
July 30, 2025
Futuristic AI-powered web browser interface with neural network overlay and digital assistant elements, symbolizing the integration of artificial intelligence into everyday internet use.
AI’s Killer App Could Be a Browser
July 22, 2025
green energy data center
Small Changes in AI Models Can Produce Big Energy Savings
July 16, 2025
WhatsApp app icon on a smartphone screen, highlighting the mobile platform at the center of Meta's super app ambitions.
Meta Positioning WhatsApp To Be a Super App
July 9, 2025
High-performance data centers will be powered by repurposed EV batteries for AI infrastructure.
Redwood Energy Aims To Power AI Data Centers With Used EV Batteries
July 8, 2025
Cloudflare now blocks AI bots from scraping websites by default and introduces a Pay Per Crawl model to control and monetize content access.
Cloudflare Blocks AI Bots by Default, Launches Pay Per Crawl Model
July 2, 2025
AI-enabled identity theft causes rising losses despite fewer reports
Identity Crime Reports Down, Losses Up: ITRC
June 25, 2025
students working on computers in a school classroom
MIT Study Finds ChatGPT Can Harm Critical Thinking Over Time
June 24, 2025
Galaxy Watch and Samsung smartphone showing vascular load data, part of Samsung's planned Health Hub to help users and doctors track cardiovascular health.
Samsung Plans ‘Health Hub’ To Connect Doctors With Patient Data
June 18, 2025
emergency response center for first responders, law enforcement
Lagging 9-1-1 Upgrade Puts Public Safety at Risk
June 17, 2025
More in Cybersecurity
cybersecurity strategies
Security Is Not Privacy, Part 2: The Guard Tower PC
June 27, 2025
IT professional monitors AI analytics and cybersecurity dashboards, with hidden risks of shadow AI and unapproved SaaS tool usage in focus.
Beyond ChatGPT: Shadow AI Risks Lurk in SaaS Tools
June 26, 2025
Digital KYC verification with hand interacting on holographic interface
Modernizing Identity Security Beyond MFA
June 24, 2025
data protection
A Beginner’s Guide to Data Protection for Microsoft 365 Exchange
June 20, 2025
IBM Quantum Starling rendering
IBM Plans Large-Scale Fault-Tolerant Quantum Computer by 2029
June 11, 2025
An IT user interacts with generative AI tools, raising enterprise concerns over unsanctioned LLM use.
IT Pros ‘Extremely Worried’ About Shadow AI: Report
June 4, 2025
SMB cybersecurity team
SMBs Face Costly, Complex Barriers to Cybersecurity
April 28, 2025
Remote worker reviews online job listing, illustrating the growing risk of AI-generated job scams and phishing threats targeting job seekers.
AI, Layoffs Fuel Surge in Job Scams
April 22, 2025
mobile app security
Collection of Private Data Makes Mobile Apps Fat Target for Hackers
April 9, 2025
cybersecurity team
Gartner Identifies 12 Disruptive Technologies for Future Business Systems
April 8, 2025

How often do you use apps or devices to monitor your health?
Loading ... Loading ...

Technewsworld Channels

Applications

Applications

How AI Personalizes Insurance for Today’s Small Business Owners

Audio/Video

Audio/Video

The Tangled Web: Copyright, AI, and the Content ID Conundrum

Chips

Chips

AI’s Inflection Point: Echoes of Hardware Disruption

Computing

Computing

The Year of the Linux Desktop? This Time, the Data Says Yes

Cybersecurity

Cybersecurity

Cloudflare Blocks AI Bots by Default, Launches Pay Per Crawl Model

Data Management

Data Management

A Beginner’s Guide to Data Protection for Microsoft 365 Exchange

Developers

Developers

AMD’s AI Surge Challenges Nvidia’s Dominance

Emerging Tech

Emerging Tech

Redwood Energy Aims To Power AI Data Centers With Used EV Batteries

Exclusives

Exclusives

Database Admins See Brighter Job Prospects Amid IT Challenges

Gaming

Gaming

AMD at Computex 2025: Making the Case for an AI Powerhouse

Hacking

Hacking

SMBs Face Costly, Complex Barriers to Cybersecurity

Hardware

Hardware

Security Is Not Privacy, Part 2: The Guard Tower PC

Health

Health

Samsung Plans ‘Health Hub’ To Connect Doctors With Patient Data

Home Tech

Home Tech

Matter and Infineon Redefine Smart Home Security Standards

How To

How To

How To Keep AI From Making Us Stupid

Internet of Things

Internet of Things

AMD’s Embedded Edge: Leadership, Differentiation, and AI Opportunity

IT Leadership

IT Leadership

Beyond ChatGPT: Shadow AI Risks Lurk in SaaS Tools

Malware

Malware

AI Chatbots Can Be Easy Prey for ‘Zero-Knowledge’ Hackers

Mobile Apps

Mobile Apps

Meta Positioning WhatsApp To Be a Super App

Operating Systems

Operating Systems

WWDC: Apple Unifies Operating Systems, Makes iPad More PC

Privacy

Privacy

Identity Crime Reports Down, Losses Up: ITRC

Reviews

Reviews

Powerful Mini-PCs Provide Efficient Replacement for Desktop Computers

Robotics

Robotics

Drones Set To Deliver Benefits for Labor-Intensive Industries: Forrester

Science

Science

MIT Study Finds ChatGPT Can Harm Critical Thinking Over Time

Search Tech

Search Tech

AI Is Rewriting the Rules of Brand Management

Servers

Servers

Why Texas Is the Ideal Home for Apple’s AI Data Center

Smartphones

Smartphones

Cell Phone Satisfaction Tumbles to 10-Year Low in Latest ACSI Survey

Social Networking

Social Networking

Americans Could Lose 7% of Their Lives to Social Media

Space

Space

Meta Llama 2025: The Open-Source AI Tsunami

Spotlight Features

Spotlight Features

How To Leverage Gen AI Without Losing the Corporate Shirt

Tablets

Tablets

Screen Time of Americans Above Global Average: Study

Tech Buzz

Tech Buzz

I Know Precisely What Sam Altman and Jony Ive Are Up To

Tech Law

Tech Law

Democratic AI Revolution: Power to the People and Code to the Masses

Transportation

Transportation

Waymo Builds Arizona Factory To Grow Robotaxi Fleet

Virtual Reality

Virtual Reality

Apple Vision Pro Ecosystem Shows Sluggish Growth

Wearable Tech

Wearable Tech

Apple Adds Brain-to-Computer Protocol to Its Accessibility Repertoire

Women In Tech

Women In Tech

Crashing the Boys’ Club: Women Entering Cybersecurity Through Non-Traditional Paths

More from ECT News Network

E-Commerce Times

Landbase Cuts GTM Timelines From Months to Minutes With AI
Landbase Cuts GTM Timelines From Months to Minutes With AI
July 24, 2025
AI Adoption Lags in E-Commerce, Revenue Ops Despite Billions at Stake
AI Adoption Lags in E-Commerce, Revenue Ops Despite Billions at Stake
July 21, 2025
Cimulate Modernizes Online Shopping With Smarter AI Assistants
Cimulate Modernizes Online Shopping With Smarter AI Assistants
July 17, 2025

LinuxInsider

The Year of the Linux Desktop? This Time, the Data Says Yes
The Year of the Linux Desktop? This Time, the Data Says Yes
July 29, 2025
From Kernel to Cloud: Open Source Takes On Security Trade-Offs
From Kernel to Cloud: Open Source Takes On Security Trade-Offs
July 23, 2025
Kubernetes Cost Optimization May Be Doing More Harm Than Good
Kubernetes Cost Optimization May Be Doing More Harm Than Good
July 17, 2025

CRM Buyer

Flashy Customer Experience Technology Alone Can’t Get the Job Done
Flashy Customer Experience Technology Alone Can’t Get the Job Done
July 28, 2025
Modernizing Legacy ERP Without Rip-and-Replace
Modernizing Legacy ERP Without Rip-and-Replace
July 14, 2025
Crescendo AI Shifts CX From Deflection to Engagement
Crescendo AI Shifts CX From Deflection to Engagement
July 8, 2025