How access to company networks is sold on the dark web for under $1,000
New analysis of illicit dark web marketplaces where cybercriminals buy and sell access to corporate networks uncovers new insights into how initial access to compromised businesses is being sold -- often for less than $1,000 -- and the steps defenders can take to disrupt the process in its earliest stages.
Rapid7’s threat intelligence researchers analyzed hundreds of posts by Initial Access Brokers (IABs) offering access to compromised networks across a range of industries and regions. Their findings show that ‘initial’ access doesn’t necessarily equate to minimal; in many cases, this access represents a deep compromise.
Initial access brokers target mid-sized businesses for ransomware
Initial access brokers (IABs) are the invisible engine of modern cybercrime. They don't execute ransomware attacks, but they do enable them.
Research from Check Point External Risk Management (formerly Cyberint) shows that IABs are increasingly targeting smaller businesses, with 60.5 percent of listings targeting SMBs (companies with $5M - $50M revenue), representing a new 'sweet spot' for attackers.