Initial Access Brokers Report

Remote-access software, virtual private networks (VPNs), and other innovations have steadily swelled the remote workforce. As the adoption of those technologies has jumped suddenly and  exponentially, threat actors have been quick to find ways to exploit network access tools. Initial access brokers (IABs) are among the threat actors benefitting from this situation, which has elevated their status in the cybercriminal underground to critical. 

Digital Shadows’ Photon Team has been tracking these threat actors since 2016, and we’re now witnessing a “perfect storm“: a dramatic increase in remote working and an incredibly successful ransomware monetization model. To better understand this phenomenon and what it means for security practitioners, we analyzed more than 500 access listings between 1 Jan 2020 and 31 Dec 2020, and made some useful discoveries, covered in this report.

Previous Report
Weekly Intelligence Summary 02 April
Weekly Intelligence Summary 02 April

Insurance provider CNA Financial has announced it was targeted in a cyber attack, later confirmed as involv...

Next Post
Weekly: More on Microsoft and Acer Receives $50 Million in Ransom Demands
Weekly: More on Microsoft and Acer Receives $50 Million in Ransom Demands

ShadowTalk hosts Alec, Austin, Charles, and Digital Shadows CISO Rick bring you the latest in threat intell...


Threat Intel Fan?

Sign up below to get our TI updates delivered to your inbox!

First Name
Last Name
State- optional
Job Title
Thank you!
Error - something went wrong!