Kaspersky experts analyzed around 200 offers on the dark web that offer access to companies. They found that the average cost of accessing a large company's systems is between $2.000 and $4.000
The amount is quite small compared to a potentially very large damage for attacked companies. Such services are of the greatest interest to ransomware operators, whose profits can reach up to $40 million per year.
Dark Web: high demand for data
Kaspersky research shows that on the dark web, there is not only high demand for data obtained from an attack, but also for the data and services required to orchestrate an attack. Once an attacker gains access to an organization's infrastructure, they can sell that access to other cybercriminals, such as ransomware operators. Such attacks result in significant financial and reputational losses for the attacked organizations, and can result in work and business process disruptions.
According to the Kaspersky analysis, all forms of RDP access are sold most frequently (in 75 percent of the offers posted). These gateways provide access to a remotely hosted desktop or application; it allows cybercriminals to connect, access, and control data and resources from a remote host as if corporate employees controlled the data locally. 8,6 percent are offers for VNC for network access. Furthermore, access to Citrix, SQL Injection or Web Shell was offered a few times.
Mostly RDP access on offer
Prices vary widely, ranging from a few hundred to hundreds of thousands of dollars. Credentials are priced based on the potential victim's revenue - the higher the revenue, the higher the price of the credentials. However, the prices vary depending on the industry, area of application and size of the company. Access to large enterprise infrastructure typically costs between $2.000 and $4.000; for example, the price of credentials for a large company with sales of $465 million is around $50.000.
Ransomware operators, in particular, are willing to pay thousands or even tens of thousands of dollars for the ability to infiltrate a corporate network. These often cost the affected company several million US dollars. The most productive players of the past year have received a potential $5,2 billion over the past three years.
More at Kaspersky.com
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/