Underground forum posts reveal types of company most at risk of ransomware

Instead of going to the trouble of breaching a target network, ransomware operators usually purchase access from third parties (called initial access brokers) on the dark web. New research has shown these groups don’t simply buy up whatever is available, but are only willing to pay for access to specific companies.

Researchers from cybersecurity intelligence company KELA recently visited the dark web and analyzed 48 forum posts from July. They managed to identify a few key criteria that access brokers need to meet if they are to sell to ransomware operators.

Source link