PRESS RELEASE
Montreal, Quebec, Canada – February 6, 2024 – GlowThe leading exposure solutions provider (CTEM), has released a new report exploring and analyzing the cyber threat landscape and threats to NATO countries created by Initial Access Brokers (IABs) on language hacking forums Russian.
IABs are key players in the cybercrime landscape. They infiltrate and gain unauthorized access through various techniques, including spear-tracking, exploitation of unpatched vulnerabilities, and exploitation of leaked and stolen credentials, with the primary goal of establishing persistence in these environments.
For this report, Flare analyzed hundreds of IAB posts on Russian-language hacking forums and uncovered recent activity in 21 of 31 NATO countries, confirming the vast reach and potential ongoing threat that IABS poses to national security and stability economical.
One of the key findings of the report is threat actors’ preference for targeting critical infrastructure sectors in NATO member states – their strategic value allowing IABs to command higher prices in the cybercrime market. The report also highlights the anonymous nature of IAB posts and the careful efforts of threat actors to conceal sensitive details, which poses challenges in identifying victims.
The analysis indicates a clear trend toward targeted cyberattacks in the U.S. defense sector and a higher price for access to U.S. defense contractors. This reflects the high value of these targets and suggests that threat actors recognize the significant impact of infiltrating defense-related systems.
“Geopolitics is no longer isolated from cybercrime,” said Eric Clay, VP of Marketing at Flare. “As global tensions rise, we have seen a spillover whereby nation-states can directly exploit cybercrime groups to pursue their own goals.”
To better understand the IAB threat landscape targeting entities in NATO member states, Flare presents a snapshot of recent IAB sales from the Exploit forum in the report. These sales, involving entities in 21 NATO countries and primarily from the years 2023 and 2024, represent only a small sample of the multitude of IAB listings.
To explore this research and the significant impact of IABs gaining unauthorized access to NATO member states’ sensitive information, read the full report at https://flare.io/learn/resources/initial-access-broker-landscape-in-nato-member-states-on-exploit-forum/.
About Flare
Flare provides Continuous Threat Exposure Management (CTEM) solution for organizations. Our AI-driven technology constantly scans the online world, including the Clear & Dark Web, to discover unknown events, automatically prioritize risks, and provide actionable intelligence you can instantly use to improve security. Our solution integrates into your security program in 30 minutes to provide your team with actionable intelligence and automated threat remediation across the Clear & Dark Web. Flare is headquartered in Montreal, Quebec, Canada. For more information visit https://flare.io/.