New research by the company cyber security Kaspersky, in which they analyzed more than 200 posts by cybercriminals on the dark webstates that the average cost of access data to a large business It’s found between $1,900 and $3,800.
The cybercriminals responsible for these posts are not just looking information that allows entry to databases of different organizations but also, they want an economic gain At the same time, these facts facilitate other attacks carried out by more cyber criminals.
However, they are the operators of ransomware (data hijacking)the creators of the viruses used in attacks on companies who receive the highest profits, since the figure that Kaspersky estimated as an average is $38 million in these cases.
The data most desired by cybercriminals
The publications analyzed for the Kaspersky study indicate that the 75% of the data that was offered on the dark web was RDP accesses (Remote Desktop Protocols by its name in English), which helps cybercriminals remotely break into employee desk.
The prices of this information obtained is established in relation to the profits of the organizations that were attacked, so if a company has a profit of 450 millions of dollarsthe accesses that are offered can be for sale for 50 thousand dollars.
In addition, a not minor aspect at the time of establishing a price for the information collected, is the possible gain that can be obtained after performing an attack. That is why cybercriminals are willing to pay high amounts of money for this data.
For their part, cybercriminals can also publish some stolen data on their blogs, in fact, they use this medium as evidence and threaten victims to pay the ransom within the stipulated period.
“Gaining visibility into sources on the Dark Web is essential for companies looking to enrich their intelligence of threats”, said Fabio Assolini, director of the Research and Analysis Team for Latin America at Kaspersky.
In addition, he stated that timely information about planned attacks, discussions about vulnerabilities, and data breaches They can help you take the right steps.”
Data breach in companies
IBM’s Cost of a Data Breach Report, which is based on an analysis of real cases experienced by 550 organizations worldwide, including 66 companies in Latin America; has relevant data on the time it takes for organizations to control these attacks.
The time it takes for an organization in this region to identify and control a data breach situation is one period of 331.5 days in 202225 less than that registered in the previous report.
In addition, it is reported that the vast majority of the organizations that were part of the study, in total 83%, have experienced a case of data breach at some time.