Cybercriminals Selling Access to Corporate Servers on the Darknet

Advertisements on darknet forums offering full access to corporate networks jumped almost 70% during the first quarter of 2020 over the previous quarter according to security firm Positive Technologies. This poses a significant potential risk to corporations and their now remote workforces. Network access is being sold on the darknet. It was most likely acquired through phishing (never click an unknown email link), brute force attacks, and login stealing malware. Employees working from home might be vulnerable to hackers by using unprotected computers, web applications, non-updated software, or accessing an incorrectly configured server. Websites with out-of-date plugins and themes may also open the door to hackers.

Security is now more important than ever. Once network access is gained it can be sold to the highest bidder, often with commissions going back to the seller. For more information on what the hackers may do to your servers if they gain access read this article from BankInfo Security.

Make sure your website is protected with security software and that all plugins, themes, and servers are updated to the latest versions. Updates should be made often especially with WordPress websites. WordPress is an open-source application and when a plugin becomes vulnerable, it is immediately known by hackers and bad actors. They go right to work scanning the Internet to find websites using software that creates an opening into your server. Once they find an opening, they can do what they want with your site. Your site could be infected with malware and be delivering malware to anyone who comes to your website. You would never even know unless you have security software that catches it first.

Last but not least, daily backups of your site need to be made. If a website is hacked, it is best to take it down completely and restore a clean version. For this reason, Egeland Wood & Zuber, Inc. has 30 days of full site backups for all our clients. We also archive a monthly full backup for each month as long as the client hosts with us. We have versions of our clients’ websites all the way to the beginning of our relationship. This allows us to go back as far as necessary to find a clean version of a website. The backups are extra protection for our clients should a hacker ever get into the corporate website.

Better to be safe than sorry. Would you ever consider doing away with insurance on your house, your car, or anything that is of great value to you? Security for your network and your website are the insurance that you will not lose that valuable asset or get cleaned out financially. Do you have the resources to get back your business records that have been ransomed or time to rebuild your website from scratch with no backup?

We care about our clients’ security and we provide monthly records of all updates, backups, and cyberattack attempts that have been blocked. If your web developer created your site and left you to figure this out yourself, you might want some help. Give us a call and we can do a security audit of your website.

Scroll to Top