Hackers are increasingly turning to Dark Web marketplaces to buy and sell tools to attack businesses, according to a Thursday Bromium report Into the Web of Profit: Behind the Dark Net Black Mirror.
The number of Dark Web listings with the potential to harm the enterprise have risen 20% since 2016, the report found. And four in 10 Dark Web hackers are selling targeted hacking services against FTSE 100 or Fortune 500 businesses.
Threats tailored to specific industries or organizations now outnumber off-the-shelf types by two to one, according to the report. Network compromise tools and services including malware, remote access trojans, and targeted hacking and espionage services were found to pose a high threat level to businesses.
SEE: Dark Web activities: 10 signs that you’ve been breached (free PDF) (TechRepublic)
Access to corporate networks is also sold openly on the Dark Web, the report found, and 60% of vendors approached in the study were offering access to more than 10 business networks at a time.
“The dark net has become a veritable candy store for anyone looking to steal IP and data or disrupt business operations,” Gregory Webb, CEO of Bromium, said in a press release. “A world once dominated by off-the-shelf malware has been replaced by a service-driven economy. Savvy vendors have responded to increased demand for business access and targeting, offering bespoke malware, access to corporate networks, and targeted corporate espionage services.”
Malware tools being traded on the Dark Web most frequently target banking (34%), ecommerce (20%), healthcare (15%), and education (12%) industries, according to the report.
“Almost every vendor offered us tailored versions of malware as a way of targeting specific companies or industries,” Mike McGuire, senior lecturer in criminology at the University of Surrey and author of the report. “The more targeted the attack then the higher the price, with costs rising even further when it involved high-value targets like banks. The most expensive piece of malware found was designed to target ATMs and retailed for approximately $1,500.”
The hacking services targeted at companies in the Fortune 500 or FTSE 100 typically came with service plans for conducting the hack, with prices ranging from $150 to $10,000 depending on which company was targeted, McGuire said in the release.
“Organisations need a much better understanding of the threats posed by the dark net, in particular those posed by custom malware and remote access trojans,” McGuire said in the release. “The dark net, however, can be critical in achieving this. Organisations should build capacity to use the dark net for intelligence gathering, monitoring dark net marketplaces for the trade of malware, company or customer data being traded, and for potential brand misuses, such as the sale of invoices or spoof web pages.”
For more, check out 5 ways to avoid top malware threats on TechRepublic.