Connect with us

Africa

Kaspersky: $2,100 is the average price for access to corporate data on Dark web in Middle East, Turkey and Africa (META) region

Published

on

  Sensitive data stolen from companies during cyberattacks often ends up on Dark web markets and forums With the rise of the cybercrime as a service business model Kaspersky www Kaspersky co za researchers found that not only corporate data itself is for sale but also the information necessary for access to corporate networks to organise that attack Globally the average cost for access to corporate systems is in the range from 2 000 to 4 000 and in the META region the average price for access to corporate infrastructure is 2 100 This is relatively inexpensive compared to the possible damage to the targeted business Such services are of prime interest to ransomware operators whose profit may reach tens of millions of dollars a year The Dark web is a common term that is used to describe different resources used by cybercriminals forums instant messengers Tor websites blogs Pastebin and similar websites and others The Dark web is also a multifunctional platform and market for any need from attack preparation to money withdrawal Ways the attackers can get access to corporate data The first way is by exploiting vulnerabilities on the network perimeter These can be unpatched software with available exploits vulnerabilities in web applications misconfigured services or zero day vulnerabilities Another way is by phishing attacks Most common attack scenarios include fake business correspondence from partners fake links for online meetings or documents and COVID related emails Finally access can be gained by infecting user devices personal or corporate ones with a data stealer Data gets stolen while users continue to work on their device then the stolen data is transferred to Command and Control servers packed in files which are then published on Dark web forums and put on sale In South Africa 1 270 617 accounts of users were stolen this way in 2021 2022 In Kenya 375 011 accounts of users were stolen during the same period Selling access on the dark web Once an attacker gains access to the organisation s infrastructure they can then sell this access to other advanced cybercriminals for example ransomware operators The price for accessing potential victims systems is relatively inexpensive when compared to the possible damage that can be done afterwards The average cost for access to a company s systems lies in the range from 2 000 to 4 000 The cost of initial access depends on the victim company s revenue and price Globally 42 of all offers for the sale of access are cheaper than 1 000 The majority 75 of all lots offer initial access through Remote Desktop Protocol RDP making the access for buyers easy Other types include access through virtual network computing services through web shell through Citrix access or SQL injection While companies from the META region account for 8 of all offers globally on the sale of access to corporate infrastructure their access is sold at a high price the most expensive offer stood at 25 000 The average price for access to corporate infrastructure in the META region is 2 100 The most expensive offers that were found were for companies from Saudi Arabia the UAE Israel starting from 5 000 Access to over 100 enterprises in META with an average revenue of 500 mln has been up for sale on the Darknet over the past 2 years Protecting businesses from dark web criminals While the Dark web seemed impossible to control in the past now the situation is changing Businesses can act to give fraudsters less opportunity to make dark web profits out of their data Organisations should protect their data from being stolen with strong data security practices including data encryption and educating employees on how to avoid accidentally giving cybercriminals access comments Yuliya Novikova Head of Security Services Analysis at Kaspersky Dark web monitoring should be considered as a threat intelligence data source for cybersecurity staff CTI analysts SOC analysts and others It will allow to immediately react on security incidents such as offers on selling access to the company and help to prevent data breaches Digital Footprint Intelligence introduced within the Kaspersky Threat Intelligence portal https bit ly 3hZTdId provides access to insights from a range of validated sources worldwide allowing companies to mitigate the impact of cyberattacks and identify potential threats before they become incidents Reference A zero day vulnerability is an unknown software bug discovered by attackers before the vendor has become aware of it Since the vendors are unaware no patch exists for zero day vulnerabilities making attacks likely to succeed unexpectedly
Kaspersky: ,100 is the average price for access to corporate data on Dark web in Middle East, Turkey and Africa (META) region

Sensitive data stolen from companies during cyberattacks often ends up on Dark web markets and forums.

blogger outreach campaign examples naija new

With the rise of the cybercrime as a service business model, Kaspersky (www.Kaspersky.co.za) researchers found that not only corporate data itself is for sale, but also the information necessary for access to corporate networks to organise that attack.

naija new

Globally the average cost for access to corporate systems is in the range from $2,000 to $4,000, and in the META region the average price for access to corporate infrastructure is $2,100.

naija new

This is relatively inexpensive compared to the possible damage to the targeted business.

Such services are of prime interest to ransomware operators, whose profit may reach tens of millions of dollars a year.

The Dark web is a common term that is used to describe different resources used by cybercriminals – forums, instant messengers, Tor websites, blogs, Pastebin and similar websites, and others.

The Dark web is also a multifunctional platform and market for any need – from attack preparation to money withdrawal.

Ways the attackers can get access to corporate data

The first way is by exploiting vulnerabilities on the network perimeter.

These can be unpatched software with available exploits, vulnerabilities in web applications, misconfigured services or zero-day¹ vulnerabilities.

Another way is by phishing attacks.

Most common attack scenarios include fake business correspondence from partners, fake links for online meetings or documents, and COVID-related emails. 

Command and Control

Finally, access can be gained by infecting user devices (personal or corporate ones) with a data stealer.

Data gets stolen while users continue to work on their device, then the stolen data is transferred to Command and Control servers, packed in files, which are then published on Dark web forums and put on sale.

In South Africa, 1,270,617 accounts of users were stolen this way in 2021-2022.

In Kenya, 375,011 accounts of users were stolen during the same period.

Selling access on the dark web

Remote Desktop Protocol

Once an attacker gains access to the organisation’s infrastructure, they can then sell this access to other advanced cybercriminals, for example, ransomware operators.

The price for accessing potential victims’ systems is relatively inexpensive when compared to the possible damage that can be done afterwards.

The average cost for access to a company’s systems lies in the range from $2,000 to $4,000.

The cost of initial access depends on the victim company’s revenue and price.

Globally 42% of all offers for the sale of access are cheaper than $1,000.

The majority (75%) of all lots offer initial access through Remote Desktop Protocol (RDP), making the access for buyers easy.

Other types include access through virtual network computing services, through web shell, through Citrix access or SQL injection.

Saudi Arabia

While companies from the META region account for 8% of all offers globally on the sale of access to corporate infrastructure, their access is sold at a high price – the most expensive offer stood at $25 000.

The average price for access to corporate infrastructure in the META region is $2,100.

The most expensive offers that were found were for companies from Saudi Arabia, the UAE, Israel (starting from $5,000).

Access to over 100 enterprises in META with an average revenue of $500 mln has been up for sale on the Darknet over the past 2 years.

Protecting businesses from dark web criminals

Yuliya Novikova

“While the Dark web seemed impossible to control in the past, now the situation is changing.

Businesses can act to give fraudsters less opportunity to make dark web profits out of their data.

Organisations should protect their data from being stolen with strong data security practices, including data encryption and educating employees on how to avoid accidentally giving cybercriminals access,” comments Yuliya Novikova, Head of Security Services Analysis at Kaspersky.

“Dark web monitoring should be considered as a threat intelligence data source for cybersecurity staff – CTI analysts, SOC analysts, and others.

It will allow to immediately react on security incidents such as offers on selling access to the company and help to prevent data breaches.

Digital Footprint Intelligence introduced within the Kaspersky Threat Intelligence portal (https://bit.ly/3hZTdId) provides access to insights from a range of validated sources worldwide, allowing companies to mitigate the impact of cyberattacks and identify potential threats before they become incidents.”

Reference:

¹A zero-day vulnerability is an unknown software bug discovered by attackers before the vendor has become aware of it.

Since the vendors are unaware, no patch exists for zero-day vulnerabilities, making attacks likely to succeed unexpectedly.

bet9ja booking bet punch hausa branded link shortner Febspot downloader