"Initial Access Broker Market Booms, Posing Growing Threat to Enterprises"

Ransomware operators and other cybercriminals looking for quick access to enterprise networks looked to Initial Access Brokers (IABs) named Novelli, orangecake, Pirat-Networks, SubComandanteVPN, and zirochka for a large part of last year. During the second half of 2021 and the early part of 2022, the five entities accounted for about 25 percent of all access offers to enterprise networks that were for sale on underground forums. For an average fee of $2,800, these IABs provided stolen Virtual Private Network (VPN) and Remote Desktop Protocol (RDP) account information and other credentials that criminals could use to infiltrate the networks of more than 2,300 firms worldwide. Group-IB determined through research for its 11th annual report on high-tech crime that the five operators were the leaders of a much larger and rapidly expanding market of hundreds of other IABs. According to the company's analysis, the number of IABs operating in underground forums and markets increased dramatically from 262 in the prior 12-month period to 380 between the second half of 2021 and the first half of 2022. Additionally, Group-IB researchers discovered a 41 percent increase in the number of countries where compromised companies were located. About 24 percent of all first access offers involved US-based organization networks. Brazil, Canada, France, and the UK also had a high number of victims. This article continues to discuss the growing IAB market and how IABs have impacted cybercrime.

Dark Reading reports "Initial Access Broker Market Booms, Posing Growing Threat to Enterprises"