(ANSA) – MILAN – Cybercriminals sell access to companies through the Dark Web starting at $ 2,000. Hacking becomes “a business model that sees it as a service” emerges from Kaspersky’s new report in which nearly 200 posts on the dark web offering information for initial access to corporate forums were analyzed.

It mainly sells Remote Desktop (RDP) access, a system that provides access to a remotely hosted desktop or application and allows cybercriminals to connect, access, and control data and resources via a remote host, such as if a company’s employees controlled the data locally. The cost of initial access varies widely and can range from a couple of hundred dollars to hundreds of thousands.

The decisive element is represented by the potential victim’s income: the price increases hand in hand with the income. Furthermore, the sector and the country in which the company operates also affect the cost of the offers. Access to large corporate infrastructure typically costs between $ 2,000 and $ 4,000, relatively modest prices, although there is no cap on the cost. For example, data from a company with $ 465 million in revenue is on sale for $ 50,000.

“Ransomware operators are willing to pay thousands or even tens of thousands of dollars for the opportunity to infiltrate a corporate network. Often these attacks cost the targeted company millions of dollars. last year they have potentially received $ 5.2 billion in transfers over the past three years “explain the company’s IT security and digital privacy experts. “The cybercriminal community has evolved not only technically, but also organizationally. Today, ransomware groups look more like real companies with services and products for sale,” Kaspersky points out.

“In addition, we have observed the growing market for the data needed to organize an attack. Gaining visibility of sources on the dark web is essential for companies that want to enrich their threat intelligence. Receive timely information on planned attacks, discussions about vulnerabilities and breaches. Successful data will help reduce the attack surface and take appropriate action, “said Sergey Shcherbel, Kaspersky security expert. (HANDLE).