Security News > 2021 > December > Initial access brokers: How are IABs related to the rise in ransomware attacks?

Initial access brokers are cybercriminals who specialize in breaching companies and then selling the access to ransomware attackers.

You might assume these cybercriminals are very skilled, since they are able to compromise a lot of companies; what if I told you they are maybe not as skilled as you might think, and that a lot of these groups simply buy the access to companies from other cybercriminals? Welcome to the world of initial access brokers.

Initial access brokers sell access to corporate networks to any person wanting to buy it.

Initially, IABs were selling company access to cybercriminals with various interests: getting a foothold in a company to steal its intellectual property or corporate secrets, finding accounting data allowing financial fraud or even just credit card numbers, adding corporate machines to some botnets, using the access to send spam, destroying data, etc.

To sell the access in these marketplaces, the brokers always advertise using the same kind of information: the industry to which the company belongs, its number of employees, its revenue, the type of access and the price for it.

The IABs also generally provide the access exclusively to one customer, but it is not so rare that brokers with low reputations sell the same access to several different customers at the same time before disappearing.

News URL

https://www.techrepublic.com/article/initial-access-brokers-how-are-iabs-related-to-the-rise-in-ransomware-attacks/#ftag=RSS56d97e7