Translated and transcribed by KELA Cyber Intelligence Center
On August 23, 2021, the YouTube channel Russian OSINT published an interview with the LockBit 2.0 ransomware gang in Russian. KELA translated the full interview.
All Access Pass: Five Trends with Initial Access Brokers
Victoria Kivilevich, Threat Intelligence Analyst
For more than a year, KELA has been tracking Initial Access Brokers and the initial network access listings that they publish for sale on various cybercrime underground forums. Initial Network Access refers to remote access to a computer in a compromised organization. Threat actors selling these accesses are referred to as Initial Access Brokers. Initial Access Brokers play a crucial role in the ransomware-as-a-service (RaaS) economy, as they significantly facilitate network intrusions by selling remote access to a computer in a compromised organization and linking opportunistic campaigns with targeted attackers, often ransomware operators.
This research includes an in-depth analysis of Initial Access Brokers and their activity for a full year from July 1, 2020 to June, 30 2021. KELA analyzed IABs’ activities over the last year (when their role became increasingly more popular in the cybercrime underground) and summarized 5 major trends that were observed throughout our analysis.