Threat Management, Ransomware

Ransomware gangs use want ads to gain access to networks

Share

In order to gain access to their target company's network, ransomware gangs use initial access brokers who breach networks by brute-force passwords, phishing or exploits and then sell the access to other threat actors, according to BleepingComputer.

Researchers from KELA, a cybersecurity intelligence firm, reviewed 48 forum posts looking to buy network access in July and found that 40% of these want ads were created by those who work with ransomware gangs. These ads contain company information, such as the company's industry, its location and how much they are willing to spend.

Based on the researchers' findings, ransomware gangs prefer to target victims in the U.S., Australia, Canada and Europe; many of these threat actors avoid specific sectors, such as education and healthcare, and companies in the Commonwealth of Independent States, including Armenia, Belarus, Kazakhstan, Moldova and Turkmenistan; and the minimum revenue sought by ransomware gangs is based on their victim's geographic location.

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.