Initial Access Offers, Ransomware Incidents

2021 Underground Activity

Ransomware operators perpetually seek to improve their attack success rates.

Purchasing access to organizations allows threat actors to reduce the time it takes to enter an environment. In 2021, the average time between a network access offer and a ransomware-as-a-service (RaaS) affiliate program breaching the same entity was 71 days. This report reviews offers from the initial access brokers of three of the ten most impactful merchants, each having an overall positive reputation in the cyber underground.

Download the report for insight into the typical time between initial access offers and the announcement of a breach observed on ransomware operator blogs.