Hackers selling high-value targets in the United States

According to a study made by CrowdStrike, hackers are seen selling high-value targets from the United States for profits and the buyers on the dark web are preferring data related to targets from technology, government, and academics.

Usually, such information selling takes place on the dark web in the initial days of every month and those who buy such data will use it to conduct malicious campaigns such as ransomware spread, malware spying, espionage-related tactics, and more.

Till the year 2019, hackers were seen selling such valuable data for $1,500 and the price strictly depended on the location of the targets, the information related to them, and the size of the data file.

Now, the metrics to buy have changed, and the market has zoomed to a higher level where such data is considered highly valuable and can fetch a smart price of anything between $5K to $8K, again influenced by many factors, though.

Tactics used to keep the data supply are simple- depend on vulnerabilities and exploitable flaws, configuration errors, legacy equipment use, and in rare cases, through insider threats.

Ransomware as a service market has flourished in recent times and is said to take an enormous leap in this year, as those spreading are interested in buying data that gives access to corporate networks-big or small.

Usually, only large companies holding business in multiple nations were being targeted until 2020. But now, as the ransomware spreaders are becoming desperate, CrowdStrike has observed that these hackers are targeting even small companies for whom data means lifeblood.

So, in this year 2022 companies are being urged to stay extremely cautious against cyber attacks, especially of ransomware genre.

Law enforcement agency FBI along with CISA issued an alert that targeted companies should stop paying ransom to cybercriminals as it encourages crime and doesn’t guarantee a decryption key for sure!

Ad
Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display