A recent report from Positive Technologies indicates a significant surge in dark web advertisements offering access to corporate networks over the past year, attributed mainly to the rise in ransomware attacks.
Positive Technologies researchers observed a substantial increase, with 707 new access-selling ads identified in 2020—a sevenfold rise compared to 2019. Furthermore, the first quarter of 2021 alone saw 590 new offers, accounting for 83% of the total offers from the previous year. This escalation is linked to the uptick in ransomware incidents, according to the report.
During Q1 2021, the number of users posting ads to buy, sell, or find hacking partners tripled compared to the same period in 2020.
The report estimates that cybercriminals generate around $600,000 quarterly from selling corporate network access on the dark web. Notably, the proportion of high-priced access lots (over $5,000) nearly halved, possibly due to an influx of novice cybercriminals entering the market.
Yana Yurakova, an analyst at Positive Technologies, noted, “Most of the companies whose network access was for sale on the dark web belong to the services (17%), manufacturing (14%), and research and education (12%) sectors. The decline in industrial and financial institutions’ share may be attributed to less skilled actors focusing on easier targets.”
These findings suggest evolving profiles of cybercriminals, highlighting differences in skills between those gaining initial access and those executing attacks. The report emphasizes the need for revised threat models to address both low-skilled entry threats and sophisticated attack methods.
Source: https://www.itpro.co.uk/security/hacking/360399/dark-web-ads-offering-access-to-corporate-networks-increase-sevenfold