Hackers who wish to engage in ransomware attacks can buy network resources via clandestine online marketplaces and hidden forums (aka “the Dark Web”). It’s an ecosystem of criminal enterprise where consumer databases, malware and compromised payment card accounts are also available.
According to a study released by IntSights, criminal entities that resell network capacity that is located in North America realize an average price of $9,640 and a median price of $3,000 per incident.
The study describes how criminals sell resources, such as RDP or VPN credentials, by starting conversation threads in criminal forums; as they are both frequently-used access vectors. IT organizations often fail to protect access with two-factor authentication or strong passwords. The victimized legitimate owners of the resources are typically not identified by name in these criminal forums, and the sellers go by anonymous handles.
Read further details (ZDNet)
Download the white paper Selling Breaches: The Transfer of Enterprise Network Access on Criminal Forums (registration form)
Why it matters
Piracy Monitor sorts piracy into several categories, including the theft of content, theft of services, theft of apps & devices, theft of advertising, theft of infrastructure and the “theft of you.”
Without the ability to stop such theft by having sufficient intrusion detection and network security safeguards in place, network service providers must incur the expense of over-provisioning their networks by the percentage of traffic stolen – just to meet the QoS and SLA expectations of legitimate users – while accommodating this illegal network traffic. And the expense alone doesn’t recognize the additional threat to other internal infrastructure or data that could be made accessible via such breaches.