fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Network Hackers Focus on Selling High-value Targets in the U.S.

Network Hackers Focus on Selling High-value Targets in the U.S.

A Crowdstrike report looking into access brokers’ advertisements since 2019 has identified a preference in academic, government, and technology entities based in the United States.

Initial access brokers are a vital link in the cybercrime chain, as these threat actors are devoted to breaching corporate networks for future attacks.

These brokers then sell access to these networks to other cybercriminals who will do the “dirty” and more risky work of deploying malware, ransomware, move laterally, conduct espionage, etc.

Previously, we have seen threat actors selling access to networks for as little as $1,500, but as analyzed in the Crowdstrike report, the price depends on the compromised organization’s location, size, and type.

Also Read: Completed DPIA Example: 7 Simple Helpful Steps To Create

Countries targeted

The most lucrative targets in terms of how much they can yield in dark web listings are the U.S. and the U.K. Listings from these two countries are selling for an average price of just below $4,000.

Average price for each country listing
Average price for each country listing (Crowdstrike)

This is why the United States takes the lion’s share of the target focus, accounting for over half (55%) of all initial access offerings on dark web forums and markets.

The most targeted countries by access brokers
The most targeted countries by access brokers (Crowdstrike)

The U.K. is far behind with only 7%, while Brazil, Canada, and France have a significant share of the targeted pie (between 6% and 8%).

Another highly sought-after listing is access in Canadian organizations, which sells at an average of $3,119, while Italy is also fairing well with $2,900.

Also Read: 12 Benefits of Data Protection for Business Success

Sectors targeted

The sectors targeted by initial access brokers are also determining factors. Depending on the entity, threat actors may use the access for financial extortion, data exfiltration, cyber-espionage, BEC acts, etc.

According to Crowdstrike, the academic, government, and technology sectors are targeted the most, followed by financial, healthcare, and energy services.

Top 10 targeted sectors by access brokers
Top 10 targeted sectors by access brokers (Crowdstrike)

Considering that the dataset began in 2019, the outbreak of COVID-19, which led to a global research effort for the development of a vaccine, must have played a crucial role in the ranking of academic at the top.

When looking at the average asking price for each sector, government listings are the most valuable at $6,151, followed by financial service providers at $5,855.

Average selling price for the various sectors
Average selling price for the various sectors (Crowdstrike)

Outlook

The access broker economy is shifting, like all sectors of cybercrime, and while these threat actors employ all tricks in the book to keep the supply alive, easy and widely exploitable flaws like Log4Shell have pushed them aside.

Also, ransomware groups now use exclusive initial access contractors directed to attack specific targets rather than buying random firm access that may also be doubtful.

Crowdstrike has identified a short-lived fallout between Q4 2021 and Q1 2022 but now reports a resurgence in network access advertisements.

The demand is expected to remain high in 2022, but it’ll all depend on the vulnerability landscape and the trends that underpin the operation of hands-on hackers like RaaS operators.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us