The sale and purchase of unauthorized access to compromised enterprise networks has become a significant enabler for criminal cyberattacks, particularly ransomware infections.
Some cybercriminals specialize in network compromises and sell the access that they have obtained to third parties, rather than exploiting the networks themselves. By the same token, many criminals that exploit compromised networks — particularly ransomware operators — do not compromise those networks themselves but instead buy their access from other attackers.