Cybercriminals Change Focus From Individual Servers to Enterprise Networks

News and Analysis
22.05.2020

Hackers seem to have shifted their focus from individual servers to corporate networks. In the second half of 2019, the number of postings on illicit marketplaces offering access to corporate networks reportedly began surging.

Cybercriminals have been actively placing so-called “access for sale” proposals on darknet seeking to sell the remote control over enterprise computers to third parties, over the past months, per a May 20 report from cybersecurity firm Positive Technologies.

Once a third party obtains access to corporate computers, they can perform attacks on the company’s infrastructure and eventually steal data and disrupt business operations.

Positive Technologies analyzed 190 dedicated dark web sites and forums with mainly Russian- and English-speaking users and concluded that more than 70 million people visit those sites per month.

Even Low-Skilled Hackers Can Breach Corporate Networks

According to the findings, access to industrial businesses has the widest popularity among ill-intentioned individuals, accounting for 18% of the total number of proposals, and is followed by the service sector companies, with 14%. In general, the price varies from $500 to $100,000, with the cost of privileged access to a single local network of $5,000.

Compromised companies by sector

Compromised companies by sector. Source: Positive Technologies

Positive Technologies’s report notes that even low-skilled hackers are capable of breaching corporate networks, posing risk primarily to large companies. So-called script kiddies—unskilled individuals who use scripts or programs developed by others to attack computer systems—target small and medium-sized firms as they usually spend less on network security.

Trends Shaping the Threat Landscape are Changing

Interestingly, a study into the issue by cybersecurity firm Bromium and a group of researchers from the University of Surrey showed that, in 2019, the banking and finance sector was exposed to hacker attacks the most, with 35% of listings from darknet sellers. E-commerce came second, with 20% of listings, at the time.

The findings set forth in a recent report from tech behemoth IBM align with those from Bromium and the University of Surrey as they determined the financial services and retail sectors as two main industries targeted by cybercriminals in 2019.

Per IBM, more than 8 billion records were breached last year, and 150,000 vulnerabilities were disclosed to date. Operational technology attacks reportedly skyrocketed by massive 2,000% year-on-year, in 2019, focusing on the Internet of Things, and connected industrial and medical systems.

In the fourth quarter of 2019, the volume of ransomware attacks increased by 67% year-on-year, with bad actors continuously developing new ransomware code for destructive attacks.

Cyberattacks are growing in number due to the low barrier to entry. To resist attacks, per Positive Technologies, companies should “ensure comprehensive infrastructure protection, both on the network perimeter and within the local network. Make sure that all services on the perimeter are protected and security events on the local network are properly monitored to detect intruders in time.”

Written by Ana Alexandre

Follow us on Twitter and Facebook and join our Telegram channel to know what’s up with crypto and why it’s important.

Found a typo? Highlight text and press CTRL+ENTER

Subscribe to our Newsletter

<

Related posts

Tags: , ,