Phishing and stealers dominate dark web forums (but don’t mention ransomware)


The malware types and hacking services most discussed on dark web forums over the last year were phishing, stealers, zero-day attacks and ransomware.

But Risk Based Security’s 2021 Year-End Data Breach Report reveals that ransomware has been widely banned on major forums. The evidence is that ransomware offerings are referred to as “encryptors” or “lockers” to prevent the post or account from being immediately banned.

The most popular types of access advertised for sale on forums are administrator or user level access for Remote Desktop Protocol (RDP), Virtual Private Network (VPN), and Content Management Systems (CMS).

According to the report, 22 billion records were exposed in data breaches last year. Although this represents 14.5 billion fewer records at risk than the previous year, it is still the second highest year for the amount of confidential data compromised since 2005.

The report also shows there were 5% fewer publicly disclosed breaches. However, the number reported in the United States increased by 10% to 2,932 in 2021 from 2,645 in 2020.

Names and Social Security numbers (or their non-US equivalents) are the two most compromised data types. Interestingly, payment card information appears to have become less attractive to malicious actors and was only compromised in three percent of reported breaches.

By sector, healthcare saw the most incidents, accounting for 14% of reported breaches. However, when economic sectors are broken down into risk groups, financial services and software vendors are the top two most breached business groups, with medical professionals’ offices coming third. Manufacturing, which is generally not considered a popular industry to target, accounts for 10.5% of reported breaches.

The authors of the report conclude:

If 2020 was a rollercoaster ride, 2021 was more or less the same, but perhaps with a little less surprise at the twists and turns that defined the year. While we hoped that law enforcement successes against ransomware operators would put a damper on activity, new groups have formed, updated malware strains have arrived on the scene, and operations are picking up. continued after a short break at the end

Accidental insider errors also took their toll, contributing significantly to the number of documents exposed during the year. Additionally, these errors exposed highly sensitive information such as social security numbers and their non-US equivalent. Much has been said about how the pivot to working from home would create a field day for malicious actors. Maybe so, but surely the stress of the past two years also plays a role in the amount of data exposed.

You can get the full report on the Risk Based Security site.
