Initial access brokers are the latest cybercriminals targeting Australians. Here's how they work.
Article Excerpt:
In some ways, the newest cybercriminals attacking Australia are a lot like real estate agents.
It's all about location, location, location. Marketing is key, of course, and so is plenty of stock.
And, like the housing market, there's plenty of money to be made.
A big difference is that when real estate agents hand over the keys, it's not a crime.
Known as initial access brokers, this emerging class of hackers use their specialist skills to break into businesses and then sell usernames and passwords — the keys, so to speak — to ransomware gangs on the dark web.
They've become an integral part of the cybercrime economy and the cost to Australians is clear.
Our Co-Founder and CEO Shane Bell was mentioned and provided comment in this article:
Sydney-based private cybersecurity firm NSB Cyber recently tracked sales advertisements on the dark web, finding Australia was the third-most-targeted country.
The research showed that between January and September last year, access brokers sold stolen credentials 1,586 times — 62 of those sales involved Australia.
NSB Cyber's chief executive Shane Bell, who previously led the cybersecurity practice at consulting firm McGrathNicol, says access brokers were an "early indicator" of ransomware attacks.
"I would think that most of the ransomware that takes place in Australia on Australian businesses would be via brokered access," Mr Bell says.
"If I don't have to go and figure out how to get access myself and I can buy it, then it's just a cost of business," he says.
Mr Bell believes access brokers are involved in most Australian ransomware attacks.
-
Mr Bell from NSB Cyber says that in his line of work, he comes across Australian businesses who don't even know they've been hacked.
He says the biggest issue has been approaching those potential victims because they think he's a scammer or trying to sell them something.
"We've even gone to the point where we've tried to contact people through LinkedIn," Mr Bell said.
"We're doing it because we've seen information and we just want to give it to them. It's not a sales pitch for services, it's not a scam, it's people who have information that could be helpful to you, that I would want to know if it was my business," he said.
"We can provide that information to that organisation, they can shut the door … no strings attached."
Source: ABC News Australia - Saturday 6th April 2024.
Author: Danny Tran
Reference: Initial access brokers are the latest cybercriminals targeting Australians. Here's how they work.