Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
New breed of cybercriminal breaches organizations then sells access
#1
Entrepreneurial cybercriminals are operating as middlemen by breaching as many companies as possible and then selling on access to the highest bidder rather than infiltrating systems themselves.

New research from Digital Shadows reveals that these 'Initial Access Brokers' are flourishing during the pandemic as employees increasingly log in to systems remotely.

This type of brokerage has been going on since 2016, but in the last year there's been a notable increase in activity and listings. Many dark web marketplaces have reorganized to place these advertisements into dedicated sections and there are currently around 500 in a snapshot that Digital Shadows has taken of the most popular forums. Many sellers have good feedback ratings from other criminals too, indicating their claims are genuine.


The average selling price for access to an organization is $7,100 with the price based on revenue, type of access sold, number of employees, and number of devices accessible. RDP (remote desktop protocol), access enables an attacker to take over a victim's computer and is the most common type listed, at 17 percent of the total.

Domain administrator access is also prized and makes up 16 percent of the listings with an average price of $8,187. Listings for VPN access have boomed on the back of increased remote working and will grant access to an organization's company network for an average price of $2,871. This accounts for 15 percent of the total with Citrix access (seven percent), control panel (six percent), content management systems (five percent), and shell access (five percent) also exploits advertised.

"The dramatic increase in remote working coupled with ransomware's commercial success has been a perfect storm of opportunity for initial access brokers," Rick Holland, CISO at Digital Shadows, says. "These actors are cashing in because of the flourishing demand and their specialization. They concentrate on one aspect of the cybercriminal ecosystem, gaining access to your network, and they do it very well. They then pass the baton on to other criminals and move on to their next target. Due to their ability to successfully compromise organizations of all sizes, initial access brokers' prominence has increased within the cybercriminal underground."

You can get the full report from the Digital Shadows site.


Source
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Hacker sells the data for millions of Moscow drivers for $800 mrtrout 0 1,260 10-24-2021 , 02:37 AM
Last Post: mrtrout
  Australian Organizations Spent $55 Million in Ransom Payments mrtrout 0 854 07-17-2021 , 06:55 AM
Last Post: mrtrout
  Iranian State-sponsored Cybercriminal Hacked Israeli Chief-of-Staff mrtrout 0 1,009 06-17-2021 , 02:58 AM
Last Post: mrtrout
  McAfee sells its enterprise cybersecurity business to private equity firm for $4B mrtrout 0 978 03-09-2021 , 04:45 AM
Last Post: mrtrout
  Chinese Hackers Using Firefox Extension to Spy On Tibetan Organizations Bjyda 0 1,396 02-25-2021 , 11:53 PM
Last Post: Bjyda



Users browsing this thread: 1 Guest(s)