Cyber security firm KELA published a report stating it indexed 108 network access listings on popular hacking forums. The estimated total value of all the advertised access is around $500,000 USD. This number of ads is triple the amount seen in previous months. Ads selling network access have been on hacking forums for years, but the quantity and asking price is on the rise. Network access on such forums can go for as much as $100,000 depending on the network and level of access being offered. The average price is around $5,000. Asking price tends to vary based on the value of the company and not the size of the network. Many brokers also offer access to RDP or VNC endpoints that have been compromised via brute force attacks launched with IoT botnets.
It is impossible to track all of the sales on these forums, but it is obvious the trend of network access ads is increasing. Cyber-attacks across the board have been on the rise since the beginning of 2020. They increased even more during the onset of the Covid-19 pandemic. It is critical that enterprise IT teams continue to stay vigilant to the threat of attackers coming in through legitimate remote access portals using authorized credentials. All remote access systems should be protected by strong passwords and multi-factor authentication to limit their exposure. It is also important to monitor attributes of logon records such as IP address, geography and time of day to recognize when a seemingly authorized user access is out of the ordinary, or actions performed after logging into a system are unusual for the user account.