If a single hacker, or hacker group, running amok in your network isn’t bad enough, how about the idea of them selling access to others too?
That’s apparently what’s happening on the dark web.
A recent report from Israeli cyber-intelligence firm KELA has outlined the fact Initial Access Brokers (IABs) are selling access to 576 corporate networks for a total of $4 million.
That access is now being sold for more than before. While the cost of living crisis concerns itself with mortgages and energy costs, it seems criminals aren’t immune either.
The KELA report mainly centres on American businesses, but you can be sure it’s happening here too.
Initial Access Brokers
Initial Access Brokers are hackers who penetrate networks, establish some kind of foothold so they can come back and then sell that access to others.
It’s an incredibly lucrative business where they do the initial hard work and then rent out their backdoor to others.
Those others will then steal data, mine for secrets, deploy ransomware, perform industrial espionage or something else entirely.
The main barrier to entry for most cyber criminals is the strength of defences.
If someone else handles that for you and all you need to do is rent some time within a network, it’s a whole lot easier to do.
We’re not sure why Initial Access Brokers became a thing.
It may be because they are experts at penetrating networks and not experts at mining data. They may like the challenge of the initial attack and not be interested in what comes after, or there may be more money in renting out access.
Whatever the reasons, IABs are more common than ever and more damaging.
That KELA report showed 110 IABs offering a total of 576 network access samples for a combined total of $4 million.
The average cost for an individual access was $2,800 (£2,495).
Access was being sold on the dark web and hacking forums and prices varied from a few hundred dollars up to $3 million for a single network access.
The scale of unauthorised access
Most businesses recognise the need to protect networks from unauthorised access but we’re not sure everyone realises the scale of the problem.
Or how easy it is now to get access.
KELA themselves recognised that few companies they interviewed were truly aware of just what threats were out there and in what form.
“We found organizations may be less prepared for threats emerging from the cybercrime underground than they should be,” said David Carmiel, KELA CEO.
“At KELA, our extensive intelligence expertise has shown us just how complex the cybercrime underground really is. The threats are much more comprehensive, and what organizations know and refer to as the dark web is changing within the hour.
“With these findings, we hope to proactively educate the security community about the state and future of cybercrime so they can stay ahead of the curve.”
Protecting networks from intruders
A coherent network security policy is more important than ever and defence in depth plays an integral part of that.
Your current corporate firewall may be good at what it does, but it isn’t enough on its own. Neither is any single layer of defence.
We are now in the realms of multi-layered cyber defence where a combination of access controls, encryption, VPNs, multi-factor authentication and other measures are required.
A small to medium-sized business might wonder how they could afford, or manage such defences. Or whether a hacker network would target them at all.
The answer to the second question is yes, SMBs are priority targets primarily because they cannot usually afford first-rate cyber defences.
Or can you?
There’s no need to spend thousands on your own defences and spend days or weeks training your own cyber security team.
Use ours instead.
Work with Cloud Heroes, use our cloud services and you could benefit from cutting-edge cyber security, 24/7 intrusion monitoring, encryption and support from an expert team.
All for less than you might think!