Ransomware operators often purchase access to corporate networks

Cybercriminals that manage to break into corporate networks are rarely the ones to conduct ransomware attacks, new research from Proofpoint reveals. 

Instead, according to the security firm, “first-stage” attackers usually sell network access on the black market to other groups, who then deliver the malicious payload. What’s more, multiple groups often use the same malware to distribute their ransomware. 

Source link