A group of cyber-criminals who have received a real boost under the corona are those called access brokers – they hack into systems and then sell the access on to other malicious actors.
They are called “initial access brokers” – initial access brokers – they hack into as many businesses as possible but do not engage in stealing data or create clutter but instead sell the intrusion on to, for example, various groups linked to nations or those who engages in ransomware.
The intrusion usually takes place via companies’ networks – via rdp or vpn connections – and one reason why they do not continue the attack themselves is that they often do not have the knowledge required for it, writes Securityweek.
More coveted than ever
And now they are more sought after than ever, according to the security company Digital Shadows, which has followed the group’s activities for many years.
The company warns that these access brokers therefore pose an increasing threat to companies and organizations. They point to American companies as the most vulnerable and the industries affected are primarily retail, the financial sector and technology companies.