Business, News, Security

For just $4000, a cybercriminal could destroy your business

Brendyn Lotz

23rd November 2022

Kaspersky researchers have discovered cybercriminals are selling the information needed to access corporate networks.
This information can cost $4 000 but the potential returns make this investment minor.
This information highlights why security is a constant investment and not something to be ignored.

Cybercriminals are willing to pay up to $4 000 for access to a company’s systems and while that seems low, the damage these ne’er-do-wells cause with few or no cybersecurity safeguards in place can earn them much more.

The popularity of cybercrime in the darker corners of the online world drives an active marketplace where credit card information and other data are sold. Recently, Kaspersky researchers found that not only was corporate data available on dark web marketplaces but so was the information needed to execute an attack on a company from within its own network.

Globally this information sells for between $2 000 and $4 000 but in the Middle East, Turkey and Africa region, the average price is just $2 100.

This information can vary but Kaspersky points out that often, it can be as simple as highlighting the flaws in a company’s security practices. These can include unpatched software with known exploits, misconfigured services and even zero-day vulnerabilities.

Creative cybercriminals can execute phishing campaigns that steal data from employees while they work. This data can be captured and then sold through dark web marketplaces.

According to Kaspersky, between 2021 and 2022, over one million user accounts in South Africa were stolen using a data stealer of some form. This can translate into gigabytes of data that a cybercriminal can turn a profit off of.

What we found interesting is that there is a structure to how cybercriminals price the access they’re selling.

“The price for accessing potential victims’ systems is relatively inexpensive when compared to the possible damage that can be done afterwards. The average cost for access to a company’s systems lies in the range of $2 000 to $4 000. The cost of initial access depends on the victim company’s revenue and price.

Globally 42% of all offers for the sale of access are cheaper than $1 000,” Kaspersky explained in a release sent to Hypertext.

“The majority (75%) of all lots offer initial access through Remote Desktop Protocol (RDP), making the access for buyers easy. Other types include access through virtual network computing services, through web shell, through Citrix access or SQL injection,” the firm adds.

This underpins the importance of strict security measures and ongoing analysis of those measures. In addition, cybersecurity awareness is a crucial part of these measures.

“Dark web monitoring should be considered as a threat intelligence data source for cybersecurity staff – CTI analysts, SOC analysts, and others. It will allow to immediately react to security incidents such as offers on selling access to the company and help to prevent data breaches,” says the head of Security Services Analysis at Kaspersky, Yuliya Novikova.

Earlier this year Mimecast revealed that when infected with ransomware companies not only pay that ransom but pay an average of R3.2 million. And paying that ransom doesn’t always lead to your data being decrypted.

Ransomware infections are just one of several methods of attack cybercriminals can use with the data they’ve purchased online and with payments reaching the millions of Rands locally, a R68 000 investment isn’t all that much.

[Image – CC 0 Pixabay]

About Author

Brendyn Lotz

Brendyn Lotz writes news, reviews, and opinion pieces for Hypertext. His interests include SMEs, innovation on the African continent, cybersecurity, blockchain, games, geek culture and YouTube.